Report - www.amdahost.com/watch.php?id=f86bdb2db9

Report Overview

Submitted URL
www.amdahost.com/watch.php?id=f86bdb2db9
IP
104.21.40.89
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 22:39:16
Access
public
Website Title
Video [f86bdb2db9]
Final URL
www.amdahost.com/watch.php?id=f86bdb2db9
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
js.mbidpp.com	unknown	2023-02-20	2023-04-22	2024-02-23	418 B	29 kB	45.133.44.53
imgsdn.com	unknown	2024-02-12	2024-02-12	2024-05-03	993 B	183 B	138.201.194.90
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2024-05-04	431 B	790 B	142.250.74.98
storage.mbidstorage.com	unknown	2024-02-27	2024-03-05	2024-04-27	2.2 kB	18 kB	172.67.164.241
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2024-05-04	411 B	16 kB	45.133.44.53
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-05-03	3.3 kB	6.6 kB	45.133.44.25
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-05-03	498 B	20 kB	104.16.80.73
bid.mbidtg.com	unknown	2023-03-09	2023-03-09	2024-05-02	448 B	3.0 kB	45.133.44.25
cdn.tailwindcss.com	422202	2017-07-20	2018-07-09	2024-05-04	811 B	479 kB	104.22.21.144
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	431 B	31 kB	142.250.74.138
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-05-03	526 B	1.6 kB	104.21.30.242
js.mbidpsh.com	unknown	2023-02-20	2023-02-21	2024-04-23	411 B	15 kB	45.133.44.52
www.amdahost.com	unknown	2024-03-17	2024-03-21	2024-04-18	8.5 kB	5.0 MB	104.21.40.89
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	3.6 kB	68 kB	142.250.74.106
3fb4026cec.ffbd26c481.com	unknown	unknown	No data	No data	833 B	320 B	45.133.44.53
mpougdusr.com	unknown	unknown	No data	No data	8.7 kB	73 kB	212.117.190.201
da7b22a400.13199960a1.com	unknown	unknown	No data	No data	1.8 kB	310 kB	45.133.44.53
img.vmmcdn.com	36292	2019-11-26	2019-11-26	2024-05-04	807 B	36 kB	138.201.51.142
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-02	974 B	9.3 kB	94.130.197.240
cdn.pncloudfl.com	13313	2021-04-20	2021-06-07	2024-05-01	948 B	188 kB	172.67.25.161
mbdippex.com	unknown	2023-04-26	2023-06-06	2024-03-26	6.7 kB	3.8 kB	157.90.84.246
5d39fe7c75.2ac4fce9b8.com	unknown	unknown	No data	No data	7.2 kB	5.3 kB	168.119.25.102
js.mbidadm.com	unknown	2023-02-20	2023-02-21	2024-05-01	832 B	39 kB	45.133.44.53
pyknrhm5c.com	unknown	unknown	No data	No data	2.8 kB	3.9 MB	212.117.190.201
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-05-04	1.6 kB	1.2 kB	157.90.84.242
mbddip.com	unknown	2023-04-26	2023-07-14	2024-05-02	596 B	322 B	157.90.84.246
vjs.zencdn.net	4968	2011-12-27	2012-05-21	2024-05-03	423 B	13 kB	151.101.66.217
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-04	445 B	18 kB	151.101.129.229
32879.2481april2024.com	unknown	unknown	No data	No data	1.7 kB	9.4 kB	88.208.22.3
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-03	1.7 kB	5.3 kB	74.125.131.84
cdn.fluidplayer.com	33284	2016-09-22	2017-08-29	2024-05-04	877 B	120 kB	185.76.9.14
nereserv.com	40015	2020-12-21	2020-12-21	2024-05-04	609 B	320 B	157.90.84.246
js.mbidinp.com	unknown	2023-02-20	2023-04-25	2024-03-26	822 B	639 kB	45.133.44.53
b57dqedu4.com	unknown	unknown	No data	No data	1.9 kB	53 kB	212.117.190.201
js.capndr.com	316718	2021-08-30	2021-08-30	2024-05-02	403 B	374 B	45.133.44.52
metricswpsh.com	unknown	2021-10-29	2021-11-02	2024-05-02	823 B	320 B	168.119.25.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	ffbd26c481.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.amdahost.com/watch.php?id=f86bdb2db9	561 B	2024-04-29	2024-05-08
Pretty URL www.amdahost.com/watch.php?id=f86bdb2db9 IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-29 10:28:04 Last Seen2024-05-08 04:51:47 Times Seen19 Hash 66de4b95a7fd34474fb50687a683753b ff4b480fa33782a2cc4d752a8e735866ca29d175 c2a218082700c505e53d1907f3f32e3aa761b2774e42b81c5139a4b86ebe2667 Loading...

	32879.2481april2024.com/4/js/233169	17 kB	2024-05-05	2024-05-05
Pretty URL 32879.2481april2024.com/4/js/233169 IP 88.208.22.3 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen2 Hash 7f699aabd1322945d7778dfd854da2ee 05e7c49379cc0b3dbddf1d27b3a51ca565af656d 7fd7a283418ba4f66b30a2d3d8d413e36a657ba853da0c2e38bad576ea7a8eb4 Loading...

	unknown	247 B	2024-05-05	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen1 Hash ee6ec2feeafd79cbcd0b30a99c0f607c 1c1373e5be5c2bbf784f1f6d6ede33aaec137c27 a4785c1800bf16ae62ef31f3bc875305a52e00af232d9fb49ee4dc60c7218832 Loading...

	mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0	11 kB	2024-05-05	2024-05-05
Pretty URL mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen1 Hash e09cb70c5c395e92dc5246289df2cfac 2ac22a4618fabedd5af083c43be6015c0e9a1532 6837cb649fd5c5e022c600b4bb7449fce5c0c88a763dd75de2d164f06023f8eb Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	34 kB	2024-04-27	2024-05-18
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:51:21 Last Seen2024-05-18 12:19:57 Times Seen990 Hash a069fdae233705c69db53cdddf953015 2dcfb71c08faa8c09be0196751a3b7f08afbb2e0 8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a Loading...

	b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js	106 kB	2024-05-03	2024-05-09
Pretty URL b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 19:40:35 Last Seen2024-05-09 15:53:33 Times Seen34 Hash 5c1245ce45f7e0a8ff772bf695857a27 fad29ae9877616251044562b679427d9450199f7 9eee888953ac3827e3a1951d646e67fd6c34a47c7f4ff861c8b875218889513b Loading...

	www.amdahost.com/watch.php?id=f86bdb2db9	699 B	2024-05-05	2024-05-05
Pretty URL www.amdahost.com/watch.php?id=f86bdb2db9 IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen1 Hash 7cfcfb2df61489009da1c39b8bb4e079 86ac132d9dd3fefecedefd089b20e722de14c700 0d94a98bc6fc102684b0d0638865a1eed8f6e1462ed930734aacd8c007dd6cd5 Loading...

	mpougdusr.com/bultykh/ipp24/7/bazinga/2020090	158 kB	2024-05-03	2024-05-09
Pretty URL mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 19:40:35 Last Seen2024-05-09 15:53:33 Times Seen37 Hash c6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b Loading...

	js.capndr.com/advertising.js	0 B	2023-03-07	2024-05-18
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 12:31:34 Times Seen37785043 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js	97 kB	2024-04-18	2024-05-07
Pretty URL da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:57:28 Last Seen2024-05-07 05:08:18 Times Seen497 Hash 78b4de711a43c2a7b7e06da3d25cc4ab a5fdc5739214b95d24fffd2600ee204eb75db415 97a18ee59823abe90c1e22b83e292d5ac33da2cdb3555372abd7a7f9989c1ea2 Loading...

	da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js	169 kB	2024-04-25	2024-05-16
Pretty URL da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:48:27 Last Seen2024-05-16 08:49:21 Times Seen1042 Hash e164f0fc509991890121aa763019689d 16f901a89a57f87c90d6cea80cff9f8bd32756dc fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec Loading...

	js.mbidinp.com/skins/nmain.m.js	470 kB	2024-04-16	2024-05-18
Pretty URL js.mbidinp.com/skins/nmain.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:37:10 Last Seen2024-05-18 11:09:44 Times Seen1366 Hash 2902e331e5e735ad63e7510dfc434c5b 8f276d26159f74561fb370144b8cafba8bcc8bd3 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js	88 kB	2023-08-31	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03:19 Last Seen2024-05-18 12:31:33 Times Seen9696 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	js.mbidadm.com/static/scripts.js	1.7 kB	2024-04-12	2024-05-18
Pretty URL js.mbidadm.com/static/scripts.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 00:52:21 Last Seen2024-05-18 05:25:30 Times Seen62 Hash 7e14d1597d1dd442175d8ee15cb07f07 de55b2463f332f2096d788047f8a7b07a776e437 cf31e107e8cb091c9477fe99de3a57a65486fe87becf0e8f469846949beff9f3 Loading...

	pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js	91 kB	2024-05-05	2024-05-09
Pretty URL pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-09 15:53:35 Times Seen26 Hash e0411427d3a21e45aeedb135ad163c3b fa7604ba1e0c74bb7f8ffb0d229ec10677872813 30e20e87ce0312c597365ca972e0e0bc4470a1ac11b6f6c026d5aa342d6576cd Loading...

	da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js	109 kB	2024-04-24	2024-05-07
Pretty URL da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:00:34 Last Seen2024-05-07 11:41:50 Times Seen663 Hash 41230c1446cb19310867b6c3e10f8bec f600745dccd0143bbd1d83d44bd776c74f69866b 713bc0015ac5ef37f48ad9f49aa4521912b705cf01bf19409f98235b28d41dfe Loading...

	static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387	19 kB	2024-04-24	2024-05-18
Pretty URL static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-18 12:10:05 Times Seen2429 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	js.mbidadm.com/static/scripts.m.js	109 kB	2024-04-24	2024-05-07
Pretty URL js.mbidadm.com/static/scripts.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:24:14 Last Seen2024-05-07 06:09:42 Times Seen35 Hash 640e0639269ac2bc53e0323682c29ba0 feae00cfe026f6cb4efa18111dbc0706b3e48f50 6399de682fa9e5b67df365dded9639b7cc64ddb24be38e25e5705b08849d2142 Loading...

	pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0	12 kB	2024-05-05	2024-05-05
Pretty URL pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:26 Times Seen2 Hash 61caeae1ff311d0db2f9d55b25767b14 143af8c9295612430c792dba787a1a5340abd3e0 e37bde38e34399b0682e4d5d57977238f33dd151a5ac4f621498270ef2ff4801 Loading...

	cdn.tailwindcss.com/	366 kB	2024-03-28	2024-05-18
Pretty URL cdn.tailwindcss.com/ IP 104.22.21.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 05:53:51 Last Seen2024-05-18 10:38:50 Times Seen485 Hash 4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c Loading...

	www.amdahost.com/watch.php?id=f86bdb2db9	6.4 kB	2024-04-21	2024-05-09
Pretty URL www.amdahost.com/watch.php?id=f86bdb2db9 IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-21 00:00:40 Last Seen2024-05-09 15:53:33 Times Seen38 Hash 729b602ae59da0a8a578c627f0c8e252 55588035e45b31ca4c5066d0155bd092a6fabcda b5ce04d261257f877cfa642ea13d645c29e8c474ef571d0f300c81900d226302 Loading...

	www.amdahost.com/watch.php?id=f86bdb2db9	1.1 kB	2024-05-05	2024-05-05
Pretty URL www.amdahost.com/watch.php?id=f86bdb2db9 IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen1 Hash 3647074dc665560be259506d62dcb7da 1dc4fa1cad4c708ec4b054ec805c4d557b5c260b e90cc65443cbf287354d989798a39478bf627213f69ab5dd8024c55b647d73a4 Loading...

	b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0	3.2 kB	2024-05-05	2024-05-05
Pretty URL b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:25 Times Seen1 Hash dd34349289bedc28b540174676b99dad 657cd28f3c46417da8bb2a64799e59348ee17e7c 65050fb8fb3c6b7c7b5a6ed8e5643a3781717dfbbfd5608c5f45048b683eade9 Loading...

	cdn.fluidplayer.com/v3/current/fluidplayer.min.js	233 kB	2024-04-06	2024-05-17
Pretty URL cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 22:07:12 Last Seen2024-05-17 23:49:20 Times Seen147 Hash 9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698 Loading...

	www.amdahost.com/watch.php?id=f86bdb2db9	109 B	2024-01-26	2024-05-09
Pretty URL www.amdahost.com/watch.php?id=f86bdb2db9 IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 19:51:30 Last Seen2024-05-09 15:53:33 Times Seen39 Hash abd3eda1d5f4b0fe7f9c99f43eb150b1 284cfcd4d397568f57e7119072af359d0e9690a0 fa9aeea174a0931635c6509c1484d92671e2adbd83146b79ddce59040cc32760 Loading...

	www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-05	2024-05-05
Pretty URL www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.40.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 00:39:25 Last Seen2024-05-05 00:39:26 Times Seen2 Hash b4ce3f67ab885326cf6836283073c42d 15c86ec7fc4fda119ab0aec727e3f820bcc37245 fded1a23e8d90673cf9082505959392aa1178cea8d6566de938bdfb24a87073b Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-18
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-18 12:19:57 Times Seen5416 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

HTTP Transactions (91)

URL IP Response Size

vjs.zencdn.net/8.10.0/video-js.css

151.101.66.217

200 OK

13 kB

URL GET HTTP/2
vjs.zencdn.net/8.10.0/video-js.css
IP
151.101.66.217:443
ASN
#54113 FASTLY

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17
ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT

File type
ASCII text, with very long lines (7288)
Size
13 kB (12695 bytes)
Hash
27818e70d5704691d9264fe0083c5b08
b4dffd90528e8f63d54ad3a859b749344e6e00ad
92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6

HTTP Headers

GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Sat, 04 May 2024 22:38:47 GMT
x-served-by: cache-hel1410023-HEL
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2

www.amdahost.com/thumbnails/1714713939_94a6dd6472fc047c.jpg

104.21.40.89

200 OK

32 kB

URL GET HTTP/3
www.amdahost.com/thumbnails/1714713939_94a6dd6472fc047c.jpg
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3
Size
32 kB (31489 bytes)
Hash
af62b7d38a6ad2726d59b5bc9009da16
4914a29210434f54d6bc5aca693803a4971a86b9
5f9862b8351eefcdd12e0bced362f1f17e5589cc4c1dd898ebb9fbd5529ebd8e

HTTP Headers

GET /thumbnails/1714713939_94a6dd6472fc047c.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: image/jpeg
content-length: 31489
last-modified: Fri, 03 May 2024 05:25:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXU7lX%2Btr0VuB4AGfHKQOQRiKHoUsakjQi%2Fu1VwN9dR3V75OXk5VspsWQ6jWZtIbe9tOKW04O7tsgqeuGAZmlgeeRke8j47OKC6aKFd1B8yrhhqQjfHHiyKfGpnONFfnSue%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbac5fc3712a-OSL
alt-svc: h3=":443"; ma=86400

cdn.tailwindcss.com/3.4.3

104.22.21.144

200 OK

112 kB

URL GET HTTP/2
cdn.tailwindcss.com/3.4.3
IP
104.22.21.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerCloudflare, Inc.
Subjecttailwindcss.com
Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49
ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (52292)
Size
112 kB (112401 bytes)
Hash
4bdcdace639cc6c0f08a15c295482172
6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31
d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c

HTTP Headers

GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 354415
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad290556bf-OSL
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30462 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:27 GMT
expires: Fri, 02 May 2025 01:53:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 247521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css

151.101.129.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text
Size
17 kB (16743 bytes)
Hash
373c68d52e3daa5cd7e1ae058fb6bd70
30a01afb8338555278162655e4a8e7ac57774f35
f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd

HTTP Headers

GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 22:38:48 GMT
age: 4994618
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2

32879.2481april2024.com/4/js/233169

88.208.22.3

200 OK

6.6 kB

URL GET HTTP/2
32879.2481april2024.com/4/js/233169
IP
88.208.22.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject*.2481april2024.com
FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49
ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT

File type
JavaScript source, ASCII text, with very long lines (16647), with no line terminators
Size
6.6 kB (6575 bytes)
Hash
7f699aabd1322945d7778dfd854da2ee
05e7c49379cc0b3dbddf1d27b3a51ca565af656d
7fd7a283418ba4f66b30a2d3d8d413e36a657ba853da0c2e38bad576ea7a8eb4

HTTP Headers

GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6575
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2

js.mbidadm.com/static/scripts.m.js

45.133.44.53

200 OK

36 kB

URL GET HTTP/2
js.mbidadm.com/static/scripts.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidadm.com
FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80
ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT

File type
gzip compressed data, from Unix
Size
36 kB (36183 bytes)
Hash
05ce41f3adf4094ec81d90e9375376ea
5db7d860f1261b4db198f789442eac52eac03ab2
d23743d48daa8886e5daae05d7f67b608fca2587ee4dbe4fe841d51daf010f5d

HTTP Headers

GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab3f"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL POST HTTP/2
b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: UID=2405041738cc3161e17cc2423a83ca3b75e3; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Bungee+Spice&display=swap

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Bungee+Spice&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
14 kB (13709 bytes)
Hash
c6319af3fde062dd62a0be21992860aa
2850dfae3c3acb1f09d8719a1ec91213ef16d0e7
186fbe144a77057933920a13cbb38c4f4d4a70a21a6fd3f0926cb775b114519c

HTTP Headers

GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js

212.117.190.201

200 OK

48 kB

URL GET HTTP/2
b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
48 kB (48495 bytes)
Hash
bf5751640bd7a699a0df9081bff96fbc
7a5b0941666ab589bc30b0c0645f989c16bb36d2
fddedc237329e5377dc6fc9cb35260955a3efd38f5ba16a67d2fce60d7d4cd0a

HTTP Headers

GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.40.89

302 Found

0 B

URL GET HTTP/3
www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 22:38:49 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uB9EjS2bw9zGa%2B%2Bdb7VuXuI1IMibjYDLU9AR403Wd6M2RfnIfu9f09xws8VoneM65AAinHeX%2FtGN1U%2FAbZ3Ev9MXZ2Ac3%2FGE8ET8s2Pcyu7wLemIIpPWOO6%2FfwCSeUX7eGMV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb4cd54712a-OSL
alt-svc: h3=":443"; ma=86400

mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0

212.117.190.201

200 OK

16 kB

URL GET HTTP/2
mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66
ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15993 bytes)
Hash
a1ccbd5a51092ac1626a06f5613d9b0b
0e64e1fa95936cb794bdcfe7a1bf5c5d598a77a1
29a3e0a2522a963074abac0137bb76e0f5a8f7b59c22e7d3d66676970589f596

HTTP Headers

GET /get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
UID=2405041738c4f1d4f3133f49e1b1b1a32525; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Comic+Neue&display=swap

142.250.74.106

200 OK

43 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Comic+Neue&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
43 kB (43202 bytes)
Hash
40d3f6b05cbc11833292e534c3e769e2
5ffca0371e2ce29ce473cc241347568fdd76baad
6222c6b0665b0bec8deac1d590116b27b43f949be0d9cd38c1baf449cd2b3b96

HTTP Headers

GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif

172.67.25.161

200 OK

143 kB

URL GET HTTP/2
cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif
IP
172.67.25.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectcdn.pncloudfl.com
Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C
ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
143 kB (142898 bytes)
Hash
a3ef7f4652e064704fb9063bd2c44761
f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3
ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8

HTTP Headers

GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Sun, 05 May 2024 21:58:29 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 88820
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ebfbb65b12b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js

212.117.190.201

200 OK

3.9 MB

URL GET HTTP/2
pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87
ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.9 MB (3872828 bytes)
Hash
8e88b8d6f8766260a0d03ad8ec5832a2
289d28ca3a6a10a17476e1914f6056a173e085b5
9205e4cc9cf4405c914204446ace0d2007ad081e978d40cbbf78719631dea0cb

HTTP Headers

GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be

104.21.40.89

200 OK

0 B

URL POST HTTP/3
www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12190
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw; path=/; expires=Sun, 04-May-25 22:38:49 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Da6MjNsN5QRAJ3%2FYXtXSSRsiuVOvf8ysFcZ5QA1W3dop%2BicY1OqWIx08C9zLPHDlHpTZ3hK5VH62wDScxbAf4pZGXGu1GT6HTvFQu92P7geQ6vgWaYKZ4azxq6BoEEgBldTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbb74f22712a-OSL
alt-svc: h3=":443"; ma=86400

b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0

212.117.190.201

200 OK

2.3 kB

URL GET HTTP/2
b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
gzip compressed data, from Unix
Size
2.3 kB (2272 bytes)
Hash
ac3f0d74e62b886c46bfe7744de3fbcf
5d32ab08184b44093277fb5d0103d00b45cb0d72
614f7d30f804d69bb268c9e9abf9ddadf167d03c634c345f141cea89ec10d8d9

HTTP Headers

GET /get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
UID=2405041738f2d2217dfac0413b88b861837a; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06
ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 04 May 2024 22:43:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.amdahost.com/media/apple-touch-icon.png

104.21.40.89

200 OK

40 kB

URL GET HTTP/3
www.amdahost.com/media/apple-touch-icon.png
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
40 kB (40332 bytes)
Hash
3a0b8d799ca52ea360286be206ff8fb3
2dc98f04f62990a7ab58494b8cc4c9d34f88d82b
a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d

HTTP Headers

GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3957
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3u17IPVseMMpbKcOjL6JaUnhJnVTvAnd00r5n0bSi83jjB5razHe1%2F5Nn8A6n2fDJRy%2FUVw33D5Tc5k5TEwT051VOePXKWijRf3XfDcHMQAS9TCNF5OJFt46pyweDE%2BzMAp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb8afc6712a-OSL
alt-svc: h3=":443"; ma=86400

www.amdahost.com/media/favicon-16x16.png

104.21.40.89

200 OK

936 B

URL GET HTTP/3
www.amdahost.com/media/favicon-16x16.png
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
936 B (936 bytes)
Hash
ac0cd4d64276fa91e68993406abcd43d
c9af1132645f2bccfb9295a4e45cc95e8e78b7b6
bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382

HTTP Headers

GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSWaqaU8EynOlncV3LoImHQY1Lbr%2Fdk3AzeCOMg6BAZ2tpSp91v6xrzUoEtM4y3%2B%2BP7Oy58oDw4bqliHv7VObyVk4hWsLFAMn6Wx9t7f2zBHnx5DX35uWS3dtuqfe2Hub2yu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb8afc9712a-OSL
alt-svc: h3=":443"; ma=86400

www.amdahost.com/cdn-cgi/rum?

104.21.40.89

204 No Content

0 B

URL POST HTTP/3
www.amdahost.com/cdn-cgi/rum?
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1075
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 04 May 2024 22:38:50 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ebfbbb8a93712a-OSL
x-frame-options: DENY
x-content-type-options: nosniff

www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

104.21.40.89

200 OK

6.8 kB

URL GET HTTP/3
www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
JavaScript source, ASCII text, with very long lines (7828), with no line terminators
Size
6.8 kB (6796 bytes)
Hash
b4ce3f67ab885326cf6836283073c42d
15c86ec7fc4fda119ab0aec727e3f820bcc37245
fded1a23e8d90673cf9082505959392aa1178cea8d6566de938bdfb24a87073b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVbBi%2BbKCbNCBS80VogZzP4yjKdBUWv%2Fxjljo%2FNZfrZhYP09GTJVpckn9bhYFe23i65OqsWRL2Xm0zyr%2F%2BMzUreYc6Gdsvt1ZyzAO6YSsiLuf%2FsjBRO2Lfy0k0m1rcVYJFas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbb5ee0b712a-OSL
alt-svc: h3=":443"; ma=86400

mpougdusr.com/bultykh/ipp24/7/bazinga/2020090

212.117.190.201

200 OK

54 kB

URL GET HTTP/2
mpougdusr.com/bultykh/ipp24/7/bazinga/2020090
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66
ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
54 kB (54074 bytes)
Hash
afbbb160c32928e68df3c22329f54540
b5679512b81a60e717209abf859b6dd52162992b
431f6a4eaf030b294bcf829a0afe4b12528d272d3af4ad17feca369c24b8bb1c

HTTP Headers

GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=179977

157.90.84.242

204 No Content

0 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=179977
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

893 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
893 B (893 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: f4b8a9e21265a8911073d361e970b7a1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FR%2FWzW3VkE8evdWJlX8uxoRgYiRuxV3gi0RrlrxKoPa1d6FrfCBEZyhJWZjMJmC8NY594Gdu75Jtb7rXsIf%2BFVubZaKB8Aq1FJ5N8rWo9t4%2BKr2Vv0JtlHAt5Tu%2FlSi2k2T%2Fz%2BiTaMcGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbbbd82e56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=179977

157.90.84.242

204 No Content

58 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=179977
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
87385fcd2a67fc74d2fa67366ba68ea2
a604cdbb1d31ce257e8643eee9219c9c724c200c
9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995

HTTP Headers

POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=14632316738468914492; Expires=Sun, 04 May 2025 22:38:50 GMT; Secure; SameSite=None
Vary: Origin

metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

168.119.25.20

200 OK

0 B

URL GET HTTP/2
metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
168.119.25.20:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=161855

157.90.84.242

200 OK

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=161855
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.53

200 OK

0 B

URL GET HTTP/2
3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject3fb4026cec.ffbd26c481.com
Fingerprint27:04:EE:66:BA:5B:49:EF:14:C8:8F:A8:F2:D9:35:3D:F6:0F:40:6A
ValidityWed, 01 May 2024 02:50:26 GMT - Tue, 30 Jul 2024 02:50:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 3fb4026cec.ffbd26c481.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js

45.133.44.53

200 OK

28 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type
gzip compressed data, from Unix
Size
28 kB (27875 bytes)
Hash
06016e710e993ce05aed3eb9c12b5826
bbd9c6ab453873cce770bfc0d30862cd1db6fb26
8c38f1cded5182b77564276d9f91f6ba13c5e2fe6c6448d5b673250cc88b3ff1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /69e850fd67f4bef7c987ce894adc6a8e.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.mbidpsh.com/npc/sdk/push.m.js?v=1

45.133.44.52

200 OK

15 kB

URL GET HTTP/2
js.mbidpsh.com/npc/sdk/push.m.js?v=1
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidpsh.com
FingerprintFB:CB:96:60:36:41:56:0B:E6:D1:90:FE:AB:B3:59:6E:D0:21:67:78
ValidityThu, 18 Apr 2024 03:01:07 GMT - Wed, 17 Jul 2024 03:01:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33497), with no line terminators
Size
15 kB (14981 bytes)
Hash
a069fdae233705c69db53cdddf953015
2dcfb71c08faa8c09be0196751a3b7f08afbb2e0
8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.mbidpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

mbdippex.com/in/multy

157.90.84.246

200 OK

0 B

URL POST HTTP/2
mbdippex.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:50 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.mbidpp.com/popunder-admanager/build.m.js

45.133.44.53

200 OK

28 kB

URL GET HTTP/2
js.mbidpp.com/popunder-admanager/build.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidpp.com
Fingerprint5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82
ValidityThu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT

File type
gzip compressed data, from Unix
Size
28 kB (28303 bytes)
Hash
1be09bd94c924feb98f9c8a1358d34d7
46d474040f895835ea48caa3339209c43fc965c1
e7a4ddfad532563a5d5c307dad60fea76f23fa4b3407ecdffe403ed8113cd45e

HTTP Headers

GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

storage.mbidstorage.com/log/count.html

172.67.164.241

301 Moved Permanently

795 B

URL GET HTTP/3
storage.mbidstorage.com/log/count.html
IP
172.67.164.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectmbidstorage.com
Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95
ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT

File type
data
Size
795 B (795 bytes)
Hash
55649b17ceb7afcd888da7146e826310
3c07f1b01398ed8f7332eabce19e1be1a4d86145
11a80147a3a49c4a0f0340ebde92be846cb4f432e696ed3950d97b7f76a349a8

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLueXSimGSZ1duDkF8VHrm%2BwQdZLOzdgeeNfITDgXzixmCwoCQaaAg4KGt7clFhzIbT70hURXMUynniXuLpx4DQdvVMNKDcP0JEB2Xm%2BhdxEvUqn2IZaO9dISzCFV4UNCBaNo1B8LZeQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc0df85b4ed-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S

74.125.131.84

302 Found

425 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type
HTML document, ASCII text, with very long lines (404)
Size
425 B (425 bytes)
Hash
ca37f5c87aa8f110b9767d825181a15d
3010354aedf6c72ff39895297b8a4eb4f5e0f274
9e1e496493537bb325f7d804be5f23f36098be929af31471148b5f5d098e0ea1

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:9uSTbej-r3XbC2Lse29E_9Fy8ox7tg:NrwnTSNRksrHJPf7;Path=/;Expires=Mon, 04-May-2026 22:38:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-68dInHcMYsckUkdwb3Q8tg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL GET HTTP/2
mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66
ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738c4f1d4f3133f49e1b1b1a32525
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

mbdippex.com/in/multy

157.90.84.246

200 OK

2.5 kB

URL POST HTTP/2
mbdippex.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
2.5 kB (2451 bytes)
Hash
8863046efea5e878bd79882a59ec3bfe
0135485b5bfa3d25b2a27a501396bef17dcf2991
202cbeab39d7005ca037466561f0c2914349e27e86b985866df95852499ab0c2

HTTP Headers

POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2166
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-type: application/json
content-length: 2451
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027

157.90.84.246

200 OK

0 B

URL GET HTTP/2
mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026

157.90.84.246

200 OK

0 B

URL GET HTTP/2
mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.53

200 OK

16 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD
ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15646 bytes)
Hash
bd99019fe09de7de1a290e171bcff686
def73f8796232f82f4886a80543924a44ac14d25
92f3259becdf09c1cb95e163bfc058bbb9ebf489bedb141e9085e6e20229cf07

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.fluidplayer.com/v3/current/fluidplayer.min.js

185.76.9.14

200 OK

100 kB

URL GET HTTP/2
cdn.fluidplayer.com/v3/current/fluidplayer.min.js
IP
185.76.9.14:443
ASN
#60068 Datacamp Limited

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectfluidplayer.com
FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76
ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT

File type
gzip compressed data, from Unix
Size
100 kB (99729 bytes)
Hash
357a66cb39c894e379ddcba79325c21d
0265c6b6616af6585e52e0630248321ab2f57109
21bb5270f04376d27b5ba1bcd84b450b471030e02a399d642a806f24a10f71f7

HTTP Headers

GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3Hw0AAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: c0a4cc28cf26a6a3f8b8366601a8f706
x-accel-expires: @1714945369
x-accel-date: 1714858969
x-77-cache: HIT
x-77-age: 3359
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3359
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

storage.mbidstorage.com/log/count.html

172.67.164.241

301 Moved Permanently

5.4 kB

URL GET HTTP/3
storage.mbidstorage.com/log/count.html
IP
172.67.164.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectmbidstorage.com
Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95
ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT

File type
data
Size
5.4 kB (5424 bytes)
Hash
ca05b21d86db01b4856547c0386f803b
8d3c2cc4c260d66e3a5cf61bf6b8aac9d15f75fb
3b52283ae4027f4d11ed96fb1d48f1ed068e5d73ec5aec92930bfcf2d7df6ac4

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:50 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cm6msTJUGDjhjCQBfIg9nvngNrJei89JKbze8y2ZZ27iszKsG2kRxxAowcSODruhqsGFzG1dsNNO%2FxxTIIuhP6irpyIu07z3y28zxh469viICJoTMCgK4rP0Sq%2F4VtaMNAwkbYuP5GpHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc02f0bb4ed-OSL
alt-svc: h3=":443"; ma=86400

storage.mbidstorage.com/log/count.html

172.67.164.241

301 Moved Permanently

4.5 kB

URL GET HTTP/3
storage.mbidstorage.com/log/count.html
IP
172.67.164.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectmbidstorage.com
Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95
ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT

File type
HTML document, ASCII text, with very long lines (4305), with CRLF line terminators
Size
4.5 kB (4467 bytes)
Hash
da159a168a87397b9d1fb2d47d1b1410
c4a03caf8baceab12c16cf273e878c32eecedc81
a5049c8d71f2d14b8a486781fcf42b24764be6cfdead0617cb887750b7d9d712

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4bDCg0PkelMLJwkLvmdIQF%2FMGY11uTQyqV9%2FK2LOAUP8H9NG2HYaP6XnYxFexJ9mVV3DeEaJnot9NYpCRaoR%2BX1uVC1esgtKqB3JJ%2F3K5a9uGNpqIFJ%2FTKMieYO0Vv64c2EUaxOwihzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc2b8dfb4ed-OSL
alt-svc: h3=":443"; ma=86400

mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL GET HTTP/2
mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66
ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738c4f1d4f3133f49e1b1b1a32525
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:52 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Mon, 03 Jun 2024 22:38:52 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmNq%2Fg; Path=/; Expires=Mon, 03 Jun 2024 22:38:52 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

pyknrhm5c.com/chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864

212.117.190.201

200 OK

43 B

URL GET HTTP/2
pyknrhm5c.com/chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87
ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738d0ec3b7a5d1441e09512bf86b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1

157.90.84.246

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans

142.250.74.106

200 OK

1.5 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
1.5 kB (1498 bytes)
Hash
c840a8efa9639ba51ffff865a6d5b3ed
00c77da03ddcfa49cc08a7229ba8fa3f9afccc38
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:54 GMT
date: Sat, 04 May 2024 22:38:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

storage.mbidstorage.com/log/count.html

172.67.164.241

301 Moved Permanently

4.4 kB

URL GET HTTP/3
storage.mbidstorage.com/log/count.html
IP
172.67.164.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectmbidstorage.com
Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95
ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT

File type
data
Size
4.4 kB (4390 bytes)
Hash
a11ccbaf0aa53e88f69f2881e97b49c2
318a181b7023a1cfa7a444967b1ae5afa0e57dd3
76f0c6ef286c13c651ea4e888ed4c23d93865a87a436379cdbd9cda080dd1041

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvCwdsXj%2B%2F9UfKDVxi9z8gwrZIPCszDacQfKFYA7rNVJsamusy9aUvBS2uegEH%2B%2BXHAweGQXGLZhzUGKE%2FsH%2FHkaPepPWZI7rZFe9F6tXSzWNBTiTlgW0bjDJ66D9773CyqwwBcW4EH6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc2489ab4ed-OSL
alt-svc: h3=":443"; ma=86400

5d39fe7c75.2ac4fce9b8.com/in/multy

168.119.25.102

204 No Content

4.3 kB

URL OPTIONS HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type
JSON text data
Size
4.3 kB (4275 bytes)
Hash
a3539d4f9272d0287afb62166666d3b7
1e7e8fb534c4c7b79623bef95da3a49c42f35a70
d6a6dd0a5635e5b385d1513fb89e15b7b04c64ec3433785849c8ad44c7c9bcab

HTTP Headers

POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2381
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:55 GMT
content-type: application/json
content-length: 4275
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:56 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:56 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:56 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:56 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661

168.119.25.102

200 OK

0 B

URL GET HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661

168.119.25.102

200 OK

0 B

URL GET HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

imgsdn.com/ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661

138.201.194.90

301 Moved Permanently

0 B

URL GET HTTP/1.1
imgsdn.com/ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661
IP
138.201.194.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4
ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Sat, 04 May 2024 22:38:55 GMT
content-length: 0
location: https://img.vmmcdn.com/get/19802132/551816_icon.png
x-app-id: 14

img.vmmcdn.com/get/36870469/551816_image.jpg

138.201.51.142

200 OK

12 kB

URL GET HTTP/1.1
img.vmmcdn.com/get/36870469/551816_image.jpg
IP
138.201.51.142:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
FingerprintA8:37:00:E2:01:F9:B8:25:04:DA:47:64:57:0E:0B:64:E3:8A:0B:C7
ValidityFri, 12 Apr 2024 20:58:24 GMT - Thu, 11 Jul 2024 20:58:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3
Size
12 kB (12075 bytes)
Hash
ee921bcd225785444d8ab128ca1d0941
e92f5588c738df6912e3658d883aeb66b486560b
4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c

HTTP Headers

GET /get/36870469/551816_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 May 2024 22:38:56 GMT
Content-Type: image/jpeg
Content-Length: 12075
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 08:33:26 GMT
Cache-Control: public, max-age=604800
ETag: "6603d9d6-2f2b"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes

img.vmmcdn.com/get/19802132/551816_icon.png

138.201.51.142

200 OK

23 kB

URL GET HTTP/1.1
img.vmmcdn.com/get/19802132/551816_icon.png
IP
138.201.51.142:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
FingerprintA8:37:00:E2:01:F9:B8:25:04:DA:47:64:57:0E:0B:64:E3:8A:0B:C7
ValidityFri, 12 Apr 2024 20:58:24 GMT - Thu, 11 Jul 2024 20:58:23 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
23 kB (23172 bytes)
Hash
4d5759f010e127f070785e4925447047
22919607ad63be452b8a5aa4324a7d1c2855b074
6d1b78db1808b279554f122373ff2fd4e448313c41d199d92a929e31d2825931

HTTP Headers

GET /get/19802132/551816_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 May 2024 22:38:56 GMT
Content-Type: image/png
Content-Length: 23172
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 08:33:26 GMT
Cache-Control: public, max-age=604800
ETag: "6603d9d6-5a84"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes

www.amdahost.com/cdn-cgi/rum?

104.21.40.89

204 No Content

0 B

URL POST HTTP/3
www.amdahost.com/cdn-cgi/rum?
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Sat, 04 May 2024 22:39:13 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ebfc4d3acb712a-OSL
x-frame-options: DENY
x-content-type-options: nosniff

static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

104.16.80.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19189), with no line terminators
Size
19 kB (19189 bytes)
Hash
4c980ee97cb5c001b4d19e2895fa5603
2c6fe998aa7486c4becd74cf253bdd82666a64c3
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

HTTP Headers

GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad88cab4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c

45.133.44.53

200 OK

3.0 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3443), with no line terminators
Size
3.0 kB (3048 bytes)
Hash
539c3474e240aacb5a461d2e54d5991b
480a1ee3a1b9d9d8be4df0fd585dde70505a869e
402b709d153292680ed433ef6e7fb637ede41d83c2a8054291dd7f369811dfeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /22802538876b351854c895125b33cfd1/161855?version_name=c HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 04 May 2024 22:43:49 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

32879.2481april2024.com/jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1

88.208.22.3

200 OK

1.5 kB

URL GET HTTP/2
32879.2481april2024.com/jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
IP
88.208.22.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subject*.2481april2024.com
FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49
ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT

File type
ASCII text, with very long lines (1489), with no line terminators
Size
1.5 kB (1489 bytes)
Hash
d211c5ed4a87f08b48bf7f7fc6b28b15
4f8597f124fd17ac9f4f7dfa2f957c635ad925ca
1e55b21914ffeb04e9afb2ac393829b1c56dd7400c244aa21e51138ec44f7015

HTTP Headers

GET /jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Sat, 04 May 2024 22:38:51 UTC
expires: Sat, 04 May 2024 22:38:51 UTC
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png

172.67.25.161

200 OK

43 kB

URL GET HTTP/2
cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png
IP
172.67.25.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectcdn.pncloudfl.com
Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C
ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
43 kB (42912 bytes)
Hash
bec3572ed077c92240ef0dd7dc17231d
e278cd647e65b5f04ba1d582d05f76d5dfafd125
eb304641419d09e779018fe3bf31596d3ed3ad0d4ab05c716ce626152aa417ec

HTTP Headers

GET /pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/webp
content-length: 42912
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=66221
content-disposition: inline; filename="082d6d41f9bd3220a660f2a4108986b2b367f0e4.webp"
etag: 20c64ca88091db62ea69001a7382f005
expires: Sun, 05 May 2024 21:59:26 GMT
last-modified: Mon, 23 Dec 2019 08:43:03 GMT
vary: Accept
x-openstack-request-id: tx9d94ab9f187b4137bb135-0061b079d0
x-proxy-cache: HIT
x-timestamp: 1577090582.49776
x-trans-id: tx9d94ab9f187b4137bb135-0061b079d0
cf-cache-status: HIT
age: 88764
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ebfbb65b17b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.98

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.98:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B
ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sat, 04 May 2024 22:38:50 GMT
expires: Sat, 04 May 2024 22:38:50 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1961270074205215145
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.mbidinp.com/npc/sdk/wpu/npush.m.js

45.133.44.53

200 OK

169 kB

URL GET HTTP/2
js.mbidinp.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidinp.com
FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C
ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT

File type

Size
169 kB (168568 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.tailwindcss.com/

104.22.21.144

302 Found

366 kB

URL GET HTTP/2
cdn.tailwindcss.com/
IP
104.22.21.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerCloudflare, Inc.
Subjecttailwindcss.com
Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49
ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT

File type

Size
366 kB (365681 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 22:38:47 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::4cswk-1714861931140-791e9582e972
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad08ec56bf-OSL
X-Firefox-Spdy: h2

www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4

104.21.40.89

206 Partial Content

1.9 MB

URL GET HTTP/3
www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
1.9 MB (1851966 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:48 GMT
content-type: video/mp4
content-length: 189123842
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BJ21cFGv8fMgNKl0oh44lv4e3GbHd%2BG6S0XxAU5BfqPhum%2FMwEMC5LRH1J2Ox0Pehe%2Fp%2FaTpv8C9ElDKumPmXkdnS%2Bi9xhXqTimvGfvEALGyXj6C9KMN1tLuhiPo0ys7ba4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb2db91712a-OSL
alt-svc: h3=":443"; ma=86400

bid.mbidtg.com/tags/179977?version_name=c

45.133.44.25

200 OK

2.8 kB

URL GET HTTP/2
bid.mbidtg.com/tags/179977?version_name=c
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectbid.mbidtg.com
Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67
ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3188), with no line terminators
Size
2.8 kB (2820 bytes)
Hash
e46f947075e1eaff4765d646793d013d
7173f9a61abbfc9c8800bb98a31f9a39ae377cfe
3cf6c174f21fc37a4aa615d0620938cd6dd5f1983239b4137f6a7ea87093d513

HTTP Headers

GET /tags/179977?version_name=c HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Bebas+Neue&display=swap

142.250.74.106

200 OK

799 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Bebas+Neue&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (817), with no line terminators
Size
799 B (799 bytes)
Hash
c493231efba2219e3348f16e938d7380
95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c
ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0

HTTP Headers

GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mcpuwpsh.com/get/

94.130.197.240

200 OK

4.3 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4309), with no line terminators
Size
4.3 kB (4293 bytes)
Hash
10d5bcd3eb5da6b4c019d477db438d79
bc4add93889d4091f829e66a38bce503dd828015
d05e8f8facf25a910cfccb803fdd050876afcf261e9cd91afbd587ba51611c85

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1401
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 22:38:52 GMT
content-type: application/json
content-length: 4293
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0

74.125.131.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Q-dEKwAKeROoDTXEZpLdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

js.mbidadm.com/static/scripts.js

45.133.44.53

200 OK

1.7 kB

URL GET HTTP/2
js.mbidadm.com/static/scripts.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidadm.com
FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80
ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1884), with no line terminators
Size
1.7 kB (1732 bytes)
Hash
920f349834adf2faa94a7c6047814e52
34557304112fe9d61f23b8f89ceead6db43b98d4
2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc

HTTP Headers

GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c4"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0

212.117.190.201

200 OK

12 kB

URL GET HTTP/2
pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87
ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT

File type
ASCII text, with very long lines (11665), with no line terminators
Size
12 kB (11665 bytes)
Hash
61caeae1ff311d0db2f9d55b25767b14
143af8c9295612430c792dba787a1a5340abd3e0
e37bde38e34399b0682e4d5d57977238f33dd151a5ac4f621498270ef2ff4801

HTTP Headers

GET /get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:49 GMT; Secure; SameSite=None
UID=2405041738d0ec3b7a5d1441e09512bf86b2; Path=/; Expires=Sat, 07 Jun 2025 22:38:49 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg

185.76.9.14

200 OK

19 kB

URL GET HTTP/2
cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg
IP
185.76.9.14:443
ASN
#60068 Datacamp Limited

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectfluidplayer.com
FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76
ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT

File type
SVG Scalable Vector Graphics image
Size
19 kB (18560 bytes)
Hash
805524b1fa0e091076d7afbf68e31133
ab696de0e85a7ce728cbe9b4131f5f4d528fb788
ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd

HTTP Headers

GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3ZwwAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: c0a4cc28cf26a6a3f8b836666bd9162c
x-accel-expires: @1714945553
x-accel-date: 1714859153
x-77-cache: HIT
x-77-age: 3175
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3175
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:A0S8TDN8SbVDHYtscP1Grlcsd4jR6A:kMWkdBHXZaWA6kRO; Expires=Mon, 04-May-2026 22:38:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-6Vgh44LBYGsHrL8MES7Umg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js

45.133.44.53

200 OK

109 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type

Size
109 kB (109340 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0ae085698cad0960a86703ca969164ab.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js

45.133.44.53

200 OK

169 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type

Size
169 kB (168568 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b736a0aa40f2bd510763079b8249450f.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4

104.21.40.89

206 Partial Content

1.8 MB

URL GET HTTP/3
www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
1.8 MB (1756418 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=187367424-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:49 GMT
content-type: video/mp4
content-length: 1756418
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 187367424-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQug4LRvy6Mgt1Hym8og6zA19Q32npPuwvKLQHn6GNX3LILNNBfW7rFUhHcthOJqI9%2FdCoNkFWpKJt1aSV2bejctwI9HIjq0%2FsHeqehuTg2Y2GCY0YJ1%2F7KGe0b9A%2Fd%2B%2B2H9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb5ee0a712a-OSL
alt-svc: h3=":443"; ma=86400

mcpuwpsh.com/get/

94.130.197.240

200 OK

4.3 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4321), with no line terminators
Size
4.3 kB (4305 bytes)
Hash
37ba19a594cb32d94b9baeda9e2a436e
1c14eaeae98628903f44e893cbb801b80300316b
1ca46f4642a05e429d1a36bb18eae3429b837a80c0772a0ac05d019d7c5b81e8

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 22:38:52 GMT
content-type: application/json
content-length: 4305
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Black&display=swap

142.250.74.106

200 OK

819 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Archivo+Black&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (837), with no line terminators
Size
819 B (819 bytes)
Hash
fa0b91b21b81c25b4d2bb89c6d9d84fb
1788d71d75cf429352999edca5573800814aba3f
5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7

HTTP Headers

GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mbddip.com/in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1

157.90.84.246

200 OK

0 B

URL GET HTTP/2
mbddip.com/in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

www.amdahost.com/watch.php?id=f86bdb2db9

104.21.40.89

200 OK

12 kB

URL User Request GET HTTP/2
www.amdahost.com/watch.php?id=f86bdb2db9
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
HTML document, ASCII text, with very long lines (6442), with CRLF, LF line terminators
Size
12 kB (11588 bytes)
Hash
44cbbcb3c17b4459520d661dce4e194a
8a55538a8be86175209ef55e52d317dbb46619d5
a523b145c0674db44874a7afebcdf5d862598268110414e54d66bb940de59f64

HTTP Headers

GET /watch.php?id=f86bdb2db9 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8E0Z8YAgzEoY9nqBz%2FMPSvh9Sp%2BGo3fAcwYNW8TFI6zKwNbgyxGI2Ltzj7eMOpApXAHp83%2BZFaLTUWtsS9Js8ilSuIvYKRHq9f4gpatqU7%2B2WRpFdzbxn8I7Blp6MA%2BZjjZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfba90c7156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lobster&display=swap

142.250.74.106

200 OK

1.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lobster&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1825), with no line terminators
Size
1.8 kB (1780 bytes)
Hash
785af4cad14c8087afd0b4ca069742ba
b81dc83d9ec505a925e3da6bac340491a13460af
dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274

HTTP Headers

GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:47 GMT
date: Sat, 04 May 2024 22:38:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap

142.250.74.106

200 OK

789 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (807), with no line terminators
Size
789 B (789 bytes)
Hash
6f717af0e726a10479b7e8bed93e5142
a115121febff939512aba08376c87856e8eb7d81
3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db

HTTP Headers

GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4

104.21.40.89

206 Partial Content

1.3 MB

URL GET HTTP/3
www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
data
Size
1.3 MB (1322589 bytes)
Hash
ae545fc8df08a64af7672ce65fecb19c
d476978190cac477f87c69de27b8759b05afa1df
ca98385488433e4884d1b640c51bce74a94929df41b8c352dca9888f1e6c2cb5

HTTP Headers

GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1048576-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:49 GMT
content-type: video/mp4
content-length: 188075266
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 1048576-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31fK4VxC1z%2FMRbaHHQ85nXY7ttI%2FlPK%2BJS8Q1NSbdkcMppmfd2cI%2B%2Fmixsckdjv%2BAk%2FQijnqTQDyjSvDDBCAvnKYpNse8BO7K708FAxuHXvl561PvBArSqLHfaVVK7uR9ejD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb82f80712a-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Karla&display=swap

142.250.74.106

200 OK

802 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Karla&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (820), with no line terminators
Size
802 B (802 bytes)
Hash
19b781ab6f09786f5d9e86ac26de083d
11ca72183489143542fafe4efb122b11f9b4c1d9
e17e04ca3c38fa955e6789b4818c7c24ffd3a99eae0830a01ca51ed8e968db8a

HTTP Headers

GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.amdahost.com/css/root.css

104.21.40.89

200 OK

3.2 kB

URL GET HTTP/3
www.amdahost.com/css/root.css
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type
ASCII text, with very long lines (3175), with no line terminators
Size
3.2 kB (3175 bytes)
Hash
b29e82a0b6fab49b186f1878409b49cf
632d7a94b851c7c879e29825bee06920d7b5cb99
5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf

HTTP Headers

GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5284
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbpI%2BVRH5dpX63NJLTntBHApSUtODA7hTCfKfz%2BPVSMpBfBJD6t%2B%2BXEzB3UUwlf%2Fr%2BtQ5zDXw9%2FAd3EjIjoc0YwlI955qkU3pSojBygs%2FVQl4KIm8PFsnAnKVnv2qWw3ZyoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbac5fc2712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

js.mbidinp.com/skins/nmain.m.js

45.133.44.53

200 OK

470 kB

URL GET HTTP/2
js.mbidinp.com/skins/nmain.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerLet's Encrypt
Subjectjs.mbidinp.com
FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C
ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT

File type

Size
470 kB (470121 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.amdahost.com/includes/update_visits.php

104.21.40.89

200 OK

0 B

URL POST HTTP/3
www.amdahost.com/includes/update_visits.php
IP
104.21.40.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.amdahost.com/watch.php?id=f86bdb2db9
Certificate
IssuerGoogle Trust Services LLC
Subjectamdahost.com
Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 53
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 22:39:05 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHzL%2BQo9%2FP6RaLpfuWEsYR60TU8lNdv96I55xOwL%2BqkxNxL6lPP%2Fnx3XEc4B7MpuCqZr9J7Ugts0S70NIwFfD9BWic9x6WwSgtLnSpqia51ihv30WgTi7ovheGiOix9fW7jm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfc155aac712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL