| vjs.zencdn.net/8.10.0/video-js.css | 151.101.66.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.66.217:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Sat, 04 May 2024 22:38:47 GMT
x-served-by: cache-hel1410023-HEL
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714713939_94a6dd6472fc047c.jpg | 104.21.40.89 | 200 OK | 32 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714713939_94a6dd6472fc047c.jpg IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hashaf62b7d38a6ad2726d59b5bc9009da16 4914a29210434f54d6bc5aca693803a4971a86b9 5f9862b8351eefcdd12e0bced362f1f17e5589cc4c1dd898ebb9fbd5529ebd8e
GET /thumbnails/1714713939_94a6dd6472fc047c.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: image/jpeg
content-length: 31489
last-modified: Fri, 03 May 2024 05:25:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXU7lX%2Btr0VuB4AGfHKQOQRiKHoUsakjQi%2Fu1VwN9dR3V75OXk5VspsWQ6jWZtIbe9tOKW04O7tsgqeuGAZmlgeeRke8j47OKC6aKFd1B8yrhhqQjfHHiyKfGpnONFfnSue%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbac5fc3712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.21.144 | 200 OK | 112 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size112 kB (112401 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 354415
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad290556bf-OSL
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.138:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:27 GMT
expires: Fri, 02 May 2025 01:53:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 247521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.129.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.129.229:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 22:38:48 GMT
age: 4994618
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.3 | 200 OK | 6.6 kB |
URL GET HTTP/232879.2481april2024.com/4/js/233169 IP88.208.22.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeJavaScript source, ASCII text, with very long lines (16647), with no line terminators Hash7f699aabd1322945d7778dfd854da2ee 05e7c49379cc0b3dbddf1d27b3a51ca565af656d 7fd7a283418ba4f66b30a2d3d8d413e36a657ba853da0c2e38bad576ea7a8eb4
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6575
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.m.js | 45.133.44.53 | 200 OK | 36 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typegzip compressed data, from Unix Hash05ce41f3adf4094ec81d90e9375376ea 5db7d860f1261b4db198f789442eac52eac03ab2 d23743d48daa8886e5daae05d7f67b608fca2587ee4dbe4fe841d51daf010f5d
GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab3f"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: UID=2405041738cc3161e17cc2423a83ca3b75e3; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 14 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashc6319af3fde062dd62a0be21992860aa 2850dfae3c3acb1f09d8719a1ec91213ef16d0e7 186fbe144a77057933920a13cbb38c4f4d4a70a21a6fd3f0926cb775b114519c
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js | 212.117.190.201 | 200 OK | 48 kB |
URL GET HTTP/2b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, max speed, from Unix Hashbf5751640bd7a699a0df9081bff96fbc 7a5b0941666ab589bc30b0c0645f989c16bb36d2 fddedc237329e5377dc6fc9cb35260955a3efd38f5ba16a67d2fce60d7d4cd0a
GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.40.89 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 22:38:49 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uB9EjS2bw9zGa%2B%2Bdb7VuXuI1IMibjYDLU9AR403Wd6M2RfnIfu9f09xws8VoneM65AAinHeX%2FtGN1U%2FAbZ3Ev9MXZ2Ac3%2FGE8ET8s2Pcyu7wLemIIpPWOO6%2FfwCSeUX7eGMV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb4cd54712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 16 kB |
URL GET HTTP/2mpougdusr.com/get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Hasha1ccbd5a51092ac1626a06f5613d9b0b 0e64e1fa95936cb794bdcfe7a1bf5c5d598a77a1 29a3e0a2522a963074abac0137bb76e0f5a8f7b59c22e7d3d66676970589f596
GET /get/2020090?zoneid=2020090&jp=_clb5erlveqc90stdwbdlmm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
UID=2405041738c4f1d4f3133f49e1b1b1a32525; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 43 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash40d3f6b05cbc11833292e534c3e769e2 5ffca0371e2ce29ce473cc241347568fdd76baad 6222c6b0665b0bec8deac1d590116b27b43f949be0d9cd38c1baf449cd2b3b96
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 172.67.25.161 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP172.67.25.161:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Sun, 05 May 2024 21:58:29 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 88820
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ebfbb65b12b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js | 212.117.190.201 | 200 OK | 3.9 MB |
URL GET HTTP/2pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typegzip compressed data, max speed, from Unix Size3.9 MB (3872828 bytes) Hash8e88b8d6f8766260a0d03ad8ec5832a2 289d28ca3a6a10a17476e1914f6056a173e085b5 9205e4cc9cf4405c914204446ace0d2007ad081e978d40cbbf78719631dea0cb
GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/g/jsd/r/87ebfba90c7156be HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12190
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw; path=/; expires=Sun, 04-May-25 22:38:49 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Da6MjNsN5QRAJ3%2FYXtXSSRsiuVOvf8ysFcZ5QA1W3dop%2BicY1OqWIx08C9zLPHDlHpTZ3hK5VH62wDScxbAf4pZGXGu1GT6HTvFQu92P7geQ6vgWaYKZ4azxq6BoEEgBldTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbb74f22712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.3 kB |
URL GET HTTP/2b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Hashac3f0d74e62b886c46bfe7744de3fbcf 5d32ab08184b44093277fb5d0103d00b45cb0d72 614f7d30f804d69bb268c9e9abf9ddadf167d03c634c345f141cea89ec10d8d9
GET /get/2020088?zoneid=2020088&jp=_clbm82hmu5cvgn4n6tfd8u&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2364185031228928&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
UID=2405041738f2d2217dfac0413b88b861837a; Path=/; Expires=Sat, 07 Jun 2025 22:38:48 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 04 May 2024 22:43:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3957
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3u17IPVseMMpbKcOjL6JaUnhJnVTvAnd00r5n0bSi83jjB5razHe1%2F5Nn8A6n2fDJRy%2FUVw33D5Tc5k5TEwT051VOePXKWijRf3XfDcHMQAS9TCNF5OJFt46pyweDE%2BzMAp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb8afc6712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSWaqaU8EynOlncV3LoImHQY1Lbr%2Fdk3AzeCOMg6BAZ2tpSp91v6xrzUoEtM4y3%2B%2BP7Oy58oDw4bqliHv7VObyVk4hWsLFAMn6Wx9t7f2zBHnx5DX35uWS3dtuqfe2Hub2yu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb8afc9712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1075
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 04 May 2024 22:38:50 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ebfbbb8a93712a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js | 104.21.40.89 | 200 OK | 6.8 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7828), with no line terminators Hashb4ce3f67ab885326cf6836283073c42d 15c86ec7fc4fda119ab0aec727e3f820bcc37245 fded1a23e8d90673cf9082505959392aa1178cea8d6566de938bdfb24a87073b
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVbBi%2BbKCbNCBS80VogZzP4yjKdBUWv%2Fxjljo%2FNZfrZhYP09GTJVpckn9bhYFe23i65OqsWRL2Xm0zyr%2F%2BMzUreYc6Gdsvt1ZyzAO6YSsiLuf%2FsjBRO2Lfy0k0m1rcVYJFas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbb5ee0b712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 54 kB |
URL GET HTTP/2mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, max speed, from Unix Hashafbbb160c32928e68df3c22329f54540 b5679512b81a60e717209abf859b6dd52162992b 431f6a4eaf030b294bcf829a0afe4b12528d272d3af4ad17feca369c24b8bb1c
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 893 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (700) Hashb728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: f4b8a9e21265a8911073d361e970b7a1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FR%2FWzW3VkE8evdWJlX8uxoRgYiRuxV3gi0RrlrxKoPa1d6FrfCBEZyhJWZjMJmC8NY594Gdu75Jtb7rXsIf%2BFVubZaKB8Aq1FJ5N8rWo9t4%2BKr2Vv0JtlHAt5Tu%2FlSi2k2T%2Fz%2BiTaMcGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbbbd82e56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=14632316738468914492; Expires=Sun, 04 May 2025 22:38:50 GMT; Secure; SameSite=None
Vary: Origin
|
|
| metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 168.119.25.20 | 200 OK | 0 B |
URL GET HTTP/2metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP168.119.25.20:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 22:38:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| 3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/23fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject3fb4026cec.ffbd26c481.com Fingerprint27:04:EE:66:BA:5B:49:EF:14:C8:8F:A8:F2:D9:35:3D:F6:0F:40:6A ValidityWed, 01 May 2024 02:50:26 GMT - Tue, 30 Jul 2024 02:50:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAwOTIxMjMxMjg2ODEwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 3fb4026cec.ffbd26c481.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js | 45.133.44.53 | 200 OK | 28 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File typegzip compressed data, from Unix Hash06016e710e993ce05aed3eb9c12b5826 bbd9c6ab453873cce770bfc0d30862cd1db6fb26 8c38f1cded5182b77564276d9f91f6ba13c5e2fe6c6448d5b673250cc88b3ff1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /69e850fd67f4bef7c987ce894adc6a8e.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.mbidpsh.com/npc/sdk/push.m.js?v=1 | 45.133.44.52 | 200 OK | 15 kB |
URL GET HTTP/2js.mbidpsh.com/npc/sdk/push.m.js?v=1 IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidpsh.com FingerprintFB:CB:96:60:36:41:56:0B:E6:D1:90:FE:AB:B3:59:6E:D0:21:67:78 ValidityThu, 18 Apr 2024 03:01:07 GMT - Wed, 17 Jul 2024 03:01:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33497), with no line terminators Hasha069fdae233705c69db53cdddf953015 2dcfb71c08faa8c09be0196751a3b7f08afbb2e0 8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.mbidpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:50 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 28 kB |
URL GET HTTP/2js.mbidpp.com/popunder-admanager/build.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidpp.com Fingerprint5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82 ValidityThu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT
File typegzip compressed data, from Unix Hash1be09bd94c924feb98f9c8a1358d34d7 46d474040f895835ea48caa3339209c43fc965c1 e7a4ddfad532563a5d5c307dad60fea76f23fa4b3407ecdffe403ed8113cd45e
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 795 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash55649b17ceb7afcd888da7146e826310 3c07f1b01398ed8f7332eabce19e1be1a4d86145 11a80147a3a49c4a0f0340ebde92be846cb4f432e696ed3950d97b7f76a349a8
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLueXSimGSZ1duDkF8VHrm%2BwQdZLOzdgeeNfITDgXzixmCwoCQaaAg4KGt7clFhzIbT70hURXMUynniXuLpx4DQdvVMNKDcP0JEB2Xm%2BhdxEvUqn2IZaO9dISzCFV4UNCBaNo1B8LZeQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc0df85b4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S | 74.125.131.84 | 302 Found | 425 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File typeHTML document, ASCII text, with very long lines (404) Hashca37f5c87aa8f110b9767d825181a15d 3010354aedf6c72ff39895297b8a4eb4f5e0f274 9e1e496493537bb325f7d804be5f23f36098be929af31471148b5f5d098e0ea1
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:9uSTbej-r3XbC2Lse29E_9Fy8ox7tg:NrwnTSNRksrHJPf7;Path=/;Expires=Mon, 04-May-2026 22:38:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-68dInHcMYsckUkdwb3Q8tg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=FiMQJOuOvML2PkarooZYJRDTY1XQkP2P-kDnpyicxLAGwWzub9JtLjPCEHXNQSIWT5e2qNqw5bYrdanyLUv-B6V0XlWlYvdifpl154cABNN1XBeneD8FRwlpdTMCfOe2oSs2pKFKJK2LFjK_XP7akR2PMyrLzFFBEHzacHpkp0baiDhsQB5z4fkc3OTcXfOIAN01ptvd1A8dcqa3MFnQlMrF7hzhOm6Mwo-mlGZw6NZWZ4iPR7iSImqRbkRwzkywW8sYk1AehgivX-s50hOTFp6KdGB_AN75mbaVzXN8XTX6Aw7bqxuOn_3nhUxmxzCBbLB5RlTjCM5dLww6BTt-fTM9QNwTI1KSQDN-Qy4ASTXaXDqOoxARXkkrKefiIcoJf3ChNMwC9WMPyfCZkcCyhxBa1jlHwcVhiBHWDv5SUSOwUsREEs2xwr23Lre6XMtZyKhfV45ApYj7ND2d1Et_KHODnQKrz9Dej3wo8k4lqFHYBbxv8nfInCrRc4FvFjfYyiDaxCOw8kEChytjdEJKnHx2diXNEEOmF6G5VBinmllbnFzoJ4nqPq9Hu8r5uqEiHQoJ_Cnf23yP6bE2L3ju0TEnfos1uFmtpZ_KhcsM3d-N3D85GLvgAyU5bktgX5w61QU_3H4Nlm63QQwUZK81FRbg7rmjtzLGI5pcmjFRvNvGkPZreEcFliUuBhSlWTVScIpfvKDLL9eHP3iSNuGUGrxbD2GyJhGb05jPvWbfQyJ9-KYNffKHcd3695cQ5Mf5Su2s5sWhxAjGN2toRBF6JKRa5cnRHNQyYXlWNXycaB3WD44oDHAwbKcOh7qQgeWp_71_PWeWF4x6Z3yHyl1JMA68Rfd-SgtXh8tmXP31k3c46nBgObrDYYZmgBlH0es3Pim8UU4UnctDzlmxfiP7_wrxZw1JVjJHeZfXdqpQJOL5K3Ftt3v7VyNlRTq3ginHSS52ntOJ-CXWzHwVyIQTNHsrFTuyp4-0UDbbMeSHI08WPNaaozksdH26MXZwR6PnT6lWnp6MQIOPsP-8Qd42EEiIpz8ti5d70IIXfXkEnvfXTs1cx_OMAmhJJEudqXspOIsMsviqshcHHflWITdCSbZ0XSbawrwsXrGbgkgo4bpiWaSApZnFdEJnafhZP8GAosZN-B0Yp6ghtNBO_PBRfHfaek9Hu7Gx3OnQWTiwqWnihSp6AHiQNWZ9u04oDFAIJIIoZ4uPCnbhklWlVNDNTo6te-lfIPzXW3DfGzt8KGKODpde0eBdguz65BjP0KrXU5SAVEUktnRAgWcZXIQaAl1v1Kz3n8q9DDJ9NlrVPdo2ee4earFNoOv37zBe8wH5FS0OuRrNVvKF6jEI5cIwcLRqJW2avl1Bd5LpkUshuD6oB4ERzhZ8eQeMdNlc4qsi2eNXyddXLiIeUUQq20HTdXrEzSfwOhnjAtCo0FJHYiQcFJ2lW_vZV7Lpdy1YBAeyXhgVlvelzyP6H9Ilx9oQ_Qpoy017MX7yeMSfitzgAujrtSDRWCqTpmDLBui4bGQmRu8G4Tzt1GRuG5-i4s3NSQ_0yyEIEJqv1jRtCDU3FEBCHJxnqrb9amGN7YJUPP7pPeftSd4fl9gamXCNNYb7dHbD7Sj-hBIZeXs_Djx--yoIc6DUjdO9S4y-jB6Yn7iFZnQ8r-e34SqZ2pQhEbqBXhIplu1n0JPZ5op7Zq6pmaO46mPrP1Vmnc5LpuevzVBIpWio74e6k7lNwgpVmVBUaO3nftxNRkG969e90PWimQLU4H9Q8KS-SWfy9Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738c4f1d4f3133f49e1b1b1a32525
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 157.90.84.246 | 200 OK | 2.5 kB |
IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash8863046efea5e878bd79882a59ec3bfe 0135485b5bfa3d25b2a27a501396bef17dcf2991 202cbeab39d7005ca037466561f0c2914349e27e86b985866df95852499ab0c2
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2166
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-type: application/json
content-length: 2451
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=SkewakEimefxlmo-BP2omGmNVSLvWcSti4LZpHqvDSfwbnWxBEMGrO9GxSmSFZc1AlNxcaKql8EsjKdhA71V2ffjSNMh2KhXvq1iG0J1T2ilaGnlsdhkwEBAl2FV42shvR0r1ARL9py7XWolvhOVWie4pG0NLvTLaj2RWFXPTHD1B6G9xA&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=efda6aae-37ca-47dc-825c-95799a92dad7&prev_step_diff=1027 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862330&subid=1211831614&sid=2414309017&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=eAwCXfaULrB6s4eBOr_R3bY8MnmpmQy-oF9o6V55eNdYONZ1ZQl8DaPU5lH2TQcReS6zED1gjISbugv-1pAkooFejWx5MUKFLiseDXq7N1kwJl54B2i53kHqkiQZaW7kZ2BNzSifmRslUbTC_Dva1iapRqEIR5PircUto8NM8MLxGqBfMQ&ext_cid=0&px_id=560190&min_cpm=0.10778139376896982&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3315569928670315573&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.022363694158244393&cpm=0&verify_hash=8ff4138591b2331f96ac7dc2fff602a4&is_native=4&real_bid=0.0005702155762325474&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999993&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=50c8a122-ece7-4743-8003-1ea3fc387772&prev_step_diff=1026 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | 200 OK | 16 kB |
URL GET HTTP/2js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.wpshsdk.com Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
File typegzip compressed data, from Unix Hashbd99019fe09de7de1a290e171bcff686 def73f8796232f82f4886a80543924a44ac14d25 92f3259becdf09c1cb95e163bfc058bbb9ebf489bedb141e9085e6e20229cf07
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.14 | 200 OK | 100 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typegzip compressed data, from Unix Hash357a66cb39c894e379ddcba79325c21d 0265c6b6616af6585e52e0630248321ab2f57109 21bb5270f04376d27b5ba1bcd84b450b471030e02a399d642a806f24a10f71f7
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3Hw0AAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: c0a4cc28cf26a6a3f8b8366601a8f706
x-accel-expires: @1714945369
x-accel-date: 1714858969
x-77-cache: HIT
x-77-age: 3359
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3359
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=8890fccb-862e-4193-89dd-c51a8322e20a&prev_step_diff=1027 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.04&cpa=b79f5eca-a9e6-4312-94d5-b876672f686d&prev_step_diff=1025 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:51 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:51 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 5.4 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashca05b21d86db01b4856547c0386f803b 8d3c2cc4c260d66e3a5cf61bf6b8aac9d15f75fb 3b52283ae4027f4d11ed96fb1d48f1ed068e5d73ec5aec92930bfcf2d7df6ac4
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:50 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cm6msTJUGDjhjCQBfIg9nvngNrJei89JKbze8y2ZZ27iszKsG2kRxxAowcSODruhqsGFzG1dsNNO%2FxxTIIuhP6irpyIu07z3y28zxh469viICJoTMCgK4rP0Sq%2F4VtaMNAwkbYuP5GpHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc02f0bb4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 4.5 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with very long lines (4305), with CRLF line terminators Hashda159a168a87397b9d1fb2d47d1b1410 c4a03caf8baceab12c16cf273e878c32eecedc81 a5049c8d71f2d14b8a486781fcf42b24764be6cfdead0617cb887750b7d9d712
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4bDCg0PkelMLJwkLvmdIQF%2FMGY11uTQyqV9%2FK2LOAUP8H9NG2HYaP6XnYxFexJ9mVV3DeEaJnot9NYpCRaoR%2BX1uVC1esgtKqB3JJ%2F3K5a9uGNpqIFJ%2FTKMieYO0Vv64c2EUaxOwihzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc2b8dfb4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=6ec27eaf87a2833e9e1684bd5c0145f11714869528&psp=zIhXDA-hPA6L3dV5CXkGQuxTc_SAgMa1Ts_w9OSCiRF17HsqLAO0P0fj8SlGmKXoCmxrbsKJHqJDN1Vz0IhtO4CWS-hBuKOTdA5ZvDwnSTiPrshfu-isjUAPUJ4t5mV4_NINoUmPZYcuAiLaHz-vl--464j1lDTAcvIs57cIOS6DhfZQTECEGV94EHUpAgC0jVnJ3zWRRKf3IkyWqnUByNGhasknTF3nl4GDwzOhMi0mvaIyVw4M0Wcs4sFJZhG6VVj7kgNS1rjw2HvoJEbcHkcmRpZSWcjlv1kra-T-wGujC4bh5LRjbqUtPB62JLk4ymU0QpEyMOEpgMBvdBOrCwhpXfpeiovJ8T9vzi4Hpb06FaTyBgMLFgC2bLdUQ5XBljHm6_-PnSlboWPWBNZZgLNLXofuLtskG1L9pdvw0lcfK8V2qctbihloZk1veaHbpSL6OfsGhPycsyqGONnyziYzLkUoDTEGHtk_3NmkDeNfFFxmCrz0lhibwOCPme5Vde3w5h5noj_78RMK0_DhFDe7WNYKYHIjG8pgFALhgvwFyuVD8RLgKc7B0o3Eif7VjZGX9HWoZgsn1j3oAm_kkXi_oS8W8INlchy56pOR4bkfnUSDM319RyYCX_5CQRlEw00z_9kROgiMdmx-y5Q-ggpTBODRwqPUhq-VUgoM2Mbh8J3wJcNqJJcQnYPQvIygStKB1W1_8m5L6NYf_gGcFVikER9CBJLWa3sd8ly88Sj4tIoE_xR6lcscxbQycH290qAcsjjv5JgmQ8Pe3Ukv7PaSu4u-leaNos7QNUpxJ6cMi2eHSIcUD3ZgLTSKIoWx86w2Vjxgg-VEOHNOwBqMDo833082PYJXfCZlsunL3DD5rKK9Z2CIRExc585S0vU685NJ-dVZ_V665WFEbEB_tEAgksb9uM2byGZEZmCe0WPi-h4fVUu9ZrmQYdLCGRQ7ClzisMiTusdD4mIwEHtj_Dda0NBBsIpmCvTvZvWxszrSWn22LrMUPvtMJwAkZ0I4CHIKtjrlACGF5n5xoO2Dw52iDDK5qVyFyUTn7RwonE9rZbjxyiqDBxqxXZifgVjpQMMR7xZOT0XbL4-hDFqiKXiL7dpg1sYYh0o7V74KX0AIqBJejQJ7bqSPgtq-xGcaiJGYeKxNZN1EJl58ZN9YjFHCcOs-1V-j4IZjn8ihZznlsN0fhFvyRE1pO0wZ5A9DEc7bAmiJtZi1eCupJLcpv1CBoEdZUKXzChsyBdedoL490hrsoekSRFd79jh9likDClq4puh3Yovv-RXgBxBpNjq_xUKAO0yMV8Gu5nSAAq8UI-fB_Q9zy5SZ7xoGDRd4yXxkNe2P40c0-JK9tcU7viTqD8XHk4vkyvX2rOv-pUNjY8qeaUA2aMC6xb596EOWHW5BczMbOaCG4_gzzZYaEYwOSazmx71t5v3tgbmB5ezSt4LheVStEjFN4vKFg9ttqxq9yp1jTZRw7LRVdF5CzVB9-qYxTZixGWL9hX_jaItWxdqyuLW5DzSAyH_G4p0G2Dt1a6JuTH-kJKrc-aYjqedJFxFCC5fAHlGq6_NNfGLqwDyNipVnD8km2e6uJgXK3FWr1wgxyO1GLtUsdzUi7Ql4PevebopkY0QFIgzCwSPEgDA8kSYRAexC_Hdi5ZUr4GIdt783iZ-j-TmQmHmEmBg-iH_ih-utLWVxPlePjHUmYh8jwWAI6WUA3b-US5GOUTDd5OxIq5oigAzLU3mLCmPQK7ssfIAZHaAjJkVz47gE3Asiz1t1jkYgkXYAsRa4B8wF5ES4Fc8oPKDeK6OCQ0795SbNbKwa4X3Xsrmx-Nx4w2XFIJoCjF0xAG3PxM-QFB7m3mY1kymZ_Mzc5NTQf8yRx4myEKL7JSRzBdtF7x3GMh-jv7o1oJVONMJBi6bSsNgLgtqlh5HaltHgJmRHMZx1NCXuslgsO-S0YfZ4BaPy4eFOkfzuHULEkt6W2RPsZRxXP0Ruj2Z65jVVWtWjgsdkuloMwV-poFkvnCnPPcuW_BqEyFCuBYP--PTrANZqDLN6vLklGyoRxmn6H99APGGRKshi5ymKIhHw8ImKgNx3tjHB2kv5OT6m_dWJLHmvPnbdyKvFdy74KoRRuUXuPSD6YkVzrJGy8uNZ9gMDQh-nWTwDbOW_kdcv_SfZFp8xHecE_i_q9bD4Q0wTnFKaKVlMXcBEED0fnWsc6IjddkC4ytj5h5EYtWmXDU6KNZkULI8SYmF3WUstd8hzW89_4CqOg00bWwYovyZ71XIyWGYz85qiEDA8l6jekXzEYvodPIScvw9mxJ-F_IOPi8wlH41PaNGlRgfV4yYoc6cNj1tldtqWOG9MKZ79jAHTMVqha6i_rCrTvygaARkg4lWAGekU19RDiptr_GDmz4r4npKIImL--D1AfNZ-bUurFi-GO89yQkzMhAfu6Oxuc_wlbVhU8l1WjpHp311GvVIbpARgbt2pyEw9ahjaIZ5me-ubEXm3yUkXbc_hP9DSVhkMIe35hFtScGYQ_kgHjzNxQxWESowk4BTSNxkkOGjRGgv89nDQMskIn5YxyRCw5QfJi0_dCjE4mKDzx07Knk3A7kAyUIpPBoYM82W4XBFUkoHoLaVkuDLJjMfYls7AKf7ORFkEQn_wNx0AxVBx3VL7YZVLeJ10okSHszjg5NmtB88irCjbuU3Apy5j-KFgEzyynZ3gLMnrC479gtUF_GOISbRWskdOoQtOuMkaN_aex4K3ltfHrGA9086OAUPzTycUwdezdP9uOq4Bml-uNvsvQfzGDmFGFu1qDRtsVvF7b5rpZURHRtMUsZehmD694TVxLliYS8E626hTSfiVIeWJFNWrKWxqv2PmJH7F1xdJv59YouVwf9ui4oZwLmG0cZ22HRWwyBpubfPaAJAjFGMwgkp1Hx7p09rmuxg1elrwPVQZEXXu-DuDQLHgAA19tyNC6NxxxVo6ZJixnRGs_yWIazqZwGRVrSn7Hbl4MB0MDtuc-8mI90x8gSCkNhzZsrb5VwMusoqnp2iKCzfuSOL-fvH__WEgk8PT7aLXuQQcj9IpVVqgHstC5uyVY2evX7Jwp3-mW5ogbjDPPk4y9EAd-PAAGj5mFjKjgNu3LqqnCWPY-ubeG1yVHLZi1W9SpRxT60ESA5n5i9g2_Vi66r0j_F2aTI4Yw48y6z2dktLEFwLrIVyqYWRomqJstik4Yg4_TDqLz3SCGoKX3UrER5CckZ6UfM2wkWFj-kzR9dvFfyZScljXfFuodG0ueIIxjb8P6FHDfnLkzVR8IF6lNEGVaB7ZO7gg3YoOBFcPDUwL-oQUpMd0V1SF0lKQNpTwDZrfCF1wbqIN2dpm8zuYHiTOMwNSE_lQYq6osSD3xceO07gcPPksICP7vD3-eo_rNZWjgrDOcrJ0ddrC8KD5CLjRYo45L21YnMKTze6PuMa-iasNQTY7ncO3GHTxy11IG8p3VtXWe4ahvsmpeHOLj160caPQtmAzUNmcqgyLwhTyOkQGKOod1k6szSz6jdQxCTLND2K0dvbYFnRGhCezO9D5_so2K-8uyAemcZcdNlCthtMYkVACjXp2hItxwjsB9NIN7GpVo3y-d1tKL08w0SCYBPRyDiAOxCDn2vc66PcM74H2cU1TDxPCmnctJgCfZbmUoXk7f0SgQ119oo6l8zLKDVF_1y8F3QznYS8WShdtaQrQWo3J1GcNgOrRI3UpPEz9jgxG6HOZTsnKulQecnx7g8oJSttbb7kNohzShgTBhgLHoEHdhE5WhDZDDySk1PvMtRTlWRaXuhQIiAJbxe4D44AW8y1Zok4h890YynsUWXVEDNjeETj5rQwjiPtmZadaTEMWA6UXJpsFi3H9Gdx2cB9Dp5VlEbXgrXcizSyXPQ_Qje9qNyuPeA9oZmeMs-bPkFohdamUyE1fDp6V_yHZl_vbAbs_p6QvCx22jRESh6khy3SglvrJMjB_BiyQCyoXkYHFFJQSXHUM5NeBgUByyJJnZ90SYtwRyjskxX6Ykh9ais1fQK8ELTsJkB5xGa6Xhh23_LJH9oFfZFyOqjIpXHIR7IYKeC3roZPHed-D8S0qzk70cl7trmlzKv6XNg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208609961392128&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738c4f1d4f3133f49e1b1b1a32525
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:52 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Mon, 03 Jun 2024 22:38:52 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmNq%2Fg; Path=/; Expires=Mon, 03 Jun 2024 22:38:52 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2pyknrhm5c.com/chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2025683&pb=c4fe6c9d7b3b2ec1809bed4f518731611714869529&psp=y1--HcoFHzCKQwxZfU38zA-yNbbxFdRZ3LCbnvJmX1hUs9dEBxJyehyaiKpTsjA89VLSinLjP_SZvZfvLLW5t4P0kYhP0qUaTHhPBw0Z0t8fpTd--W3OPId8x_xf9dOm1K1FB22FH238zGT_Z8WF0UlKrzu2fepl7Hofr7nspmZnaRTMByHljHhF22L-O5MtplS8K2PdaUeYDaVg041H-O0Q_i0ua82yeMn34jNypjeyDjPtDvi82lF1jHmXsPft8SQFgANe8EDlsxemcrP_8Ac3K9TF7WIs1_0h1SWdaBoXWegrvUjf02vNSh3dsWaiNAyKeOWxO6EwPJp07tgwisnmsdJDqQdw03JWHHmIPu01VMlXRwGOd8LTbR7CsIxW4XbjZAVBSrgX4Q4xWNgg_mK5WuzGKt1gNewcNXQFpno-INYWZM9UbQWigcAZ-KSetRY7cWDSojT0oGIJeMIJV5ZJM-XoqofjG0wa__-BTp2rMWk_5UJDer5U_3Jnle0tvWvRsgq5BOdtdyMRSCF0BjoXAQZBYurWQDTLCHIZp-BBa_BQ-z9FE97E9PUNPwAlRz6zO-BQo_XWlyxPNg_SIrMPQ_-wLsmqNRLStp1vMOc5X1oUS2lUfo1T7uboM_sr-8p5Ev9MSLYeg0Hw5fu_XNYZ1f1RX9E1PSzEedliR2Ii_jMmpNhvofxffyFWD-oVN6Ekr2ei6KLxMGJSI9eLYNzeUtWi8sbvGZCcWkLDWMA0bQ==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&_=0.8380125798262864 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041738d0ec3b7a5d1441e09512bf86b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=db242caa-7083-4ab6-b0bd-fa365151ca82&subid=1511354673&sid=979707475&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.106 | 200 OK | 1.5 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hashc840a8efa9639ba51ffff865a6d5b3ed 00c77da03ddcfa49cc08a7229ba8fa3f9afccc38 c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:54 GMT
date: Sat, 04 May 2024 22:38:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 4.4 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hasha11ccbaf0aa53e88f69f2881e97b49c2 318a181b7023a1cfa7a444967b1ae5afa0e57dd3 76f0c6ef286c13c651ea4e888ed4c23d93865a87a436379cdbd9cda080dd1041
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvCwdsXj%2B%2F9UfKDVxi9z8gwrZIPCszDacQfKFYA7rNVJsamusy9aUvBS2uegEH%2B%2BXHAweGQXGLZhzUGKE%2FsH%2FHkaPepPWZI7rZFe9F6tXSzWNBTiTlgW0bjDJ66D9773CyqwwBcW4EH6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbc2489ab4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/multy | 168.119.25.102 | 204 No Content | 4.3 kB |
URL OPTIONS HTTP/25d39fe7c75.2ac4fce9b8.com/in/multy IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hasha3539d4f9272d0287afb62166666d3b7 1e7e8fb534c4c7b79623bef95da3a49c42f35a70 d6a6dd0a5635e5b385d1513fb89e15b7b04c64ec3433785849c8ad44c7c9bcab
POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2381
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:55 GMT
content-type: application/json
content-length: 4275
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=2344fefe-1bfd-49bd-a40a-db92fed0ec74&prev_step_diff=661 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:56 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 22:38:56 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:56 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 22:38:56 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&icons=3fNFxGcThDZSzOD7YxgqPQNRwS5qlIgIZ2XxCaRXwho3LyYnTFFZ1PFwFKhlrARGJJWcFRB5_xcVq7erM35C0r-td293Rp6QzUmuWC_Gxoaszog-SvZfpK3G5wqa4pIEGohuQUaL2SYYD0E4NCODab0f-N8ygF0vgSzuuDlPKCzL0zIngA&ext_cid=0&px_id=529500&min_cpm=0.035407381907124155&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013331582460933229&cpm=0&verify_hash=cde4062abc404b205c62b69cd27d75ba&is_native=4&real_bid=0.0010347304162459084&original_bid_usd=0.0027481429999999998&original_bid=0.0027481429999999998&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027481429999999998&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027481429999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3558ea11-5912-4e17-9568-a5f9808b6187&prev_step_diff=661 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&refdom=www.amdahost.com&auction_time=1714862335&subid=1511354673&sid=979707475&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Df86bdb2db9%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DN2Lm2YqutTSy9l215ckWAOFGJ23bp9Gc6HzejzYfaSBNbfuiilkxuXdmVYZzW9XCKNoBSwNoHHEh6N_82lZN90M0u9fQRewtH4IJMe4fcvWjvq6jtO3xlvGnw8nDm4xZ5rf8AEt6GfDI9aGwU0Sm9XLQ-X6R3Ov0yOCT1mUtwZX_xe14NvPx1TIhn_C7tztgU3SCkWoMDEDGg_BWWIoUrUgb0BRj_EFO2kmSaiaKZHhpnYagHTP6StxmPt3zFHCoKoWrYuANpGqfAPtJSmfpHJ06a57Iax3JgvEeZsf6MmGr-_R81zL1dCY0uPeSoNUYgLjz1oieUuxZhIBKCdv737ExelTfrPRGGWoRyY4PfGpJpbXzxvml78RzMbvDWdeGm2DgluGBJuedbjn8DaNE__XfSfHWe_WmoEWQ95WEASnL6xd4drSruqv33qkUiQYcMh9V0_lctD8_QSmWR0XyIl_ifevd6CVMeHUg39vj8tfB9r-oZH1gKSQKnsR4hMxVvfaz_Fy8cOkR-s5p8HFkWDhXDPiUzD68zLx5Sc0nftl5AE0-hKIoWrVlMJGUzoz8_caz9WY%3D&icons=aKiYceNEvjQy5xQfEA5hLjwrd0CilcRcSBUemHhZbeaa3iSWtWe9R1uj-xUhYptNvvBC2znDk-XYhWAfTVVZC522Gkk6BFBtHGDq0-k7Dd3wptz8AOUxPmXmqxGS6wAyY3oUfkg6ha09jIgaR9JI1ZTBiU1VqZwqVs-wJpPJ10VCRNg9NrISDeQ_K2S6CskWedEhHdNAs6zcrfvtLwjE3WHxBWQ5d5U6ogtsstQXhJcjdWhRlVfYj73zP7EhlKGjPP2IiMlFLBV85xVJSO6pIU0vA8utArCSytYY0ffFz7c5bZBreYvI0TiC7_lXg5R2lao_ealDxWCBcDThXemNJyfs7vggPN-R-5YgiTIzvJhZiFd-14zC61Z5oI52IQ9LScA76gM49OPwo4k11aQXh-87-HmOuQvvX0LoFGcuuWfFngQ5hf4aPNUN_U3I7r6WQ845NYAh_yosAF9Y1_ixip01_BWQPAI7VFVDvJLQx_sIldbmlEs3kOtK1IeKHN24V4m_3NOJx8pPoRtgOVs_VxWeBhITx_Muj-DEEkDBJQGbdZvgXwKWimaRVuaN3KO8H7PzvbujHWe8Rx4uLAbOZ9SgISNEXrsMw1V8l7Zd6axJh5i8M74Ai3dEXWJnrxpDmMaKkSwdOnCW1VusE6F7rXrUesMjcGBiy7_hjrOYPc685lwimtEYP6qCQXBHCvbnFg&ext_cid=0&px_id=31529500&min_cpm=0.05728262856033143&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8154056337798296448&skin_id=2&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.06646409029828809&cpm=0&verify_hash=28127bacb7b8dfeff891813cff20d099&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93,81&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714919935&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F36870469%2F551816_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=b905ebdc-65ad-44b1-84c8-e9f73c9150c4&prev_step_diff=661 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 22:38:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| imgsdn.com/ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661 | 138.201.194.90 | 301 Moved Permanently | 0 B |
URL GET HTTP/1.1imgsdn.com/ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661 IP138.201.194.90:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnimrute.com FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4 ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=To0aV43KlmdFBLZHOxEuYTBgouhKOQ9MwPKmVgDayrCa6SQ7vHUtg_rpwoATGdmJVc1naxN6qbmsFlBR2u_Cly6kUwmwQw0fjPiy1mmpToMYJnvWzYISE9aiSg3piRnm9MHW4KPIRyOWLdy-9RdNYg9Byur3VH3J0hKVWgx35eVqf62M2P7Z19-zHkr8cyP6FtedHdafKy1i3-6jnD-QnsM4TsPZOhYnVeSKfjZai0b3v54uh4T4EriCRt0UsLVNu8TcW6dR0XF0zDTtRBo5N-LkQC_A6c8fuyItd9COsxhp7FYvOc3V17HzNyL9SpwUtV6oPSkU5JnQfBvgwKHm5TF_yoYEnmJoMqT7ok70uEOtAWTPxSKYprLjtcx3VlFC0CHbNn9h_C3dDs9q5gNMdF0cp9408-1LEcZHFB4Wf3PGhNLMQxAY32YJhq1d&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=7fc80cf7-a5c1-40ef-bfc8-e58386ecf8fb&prev_step_diff=661 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Sat, 04 May 2024 22:38:55 GMT
content-length: 0
location: https://img.vmmcdn.com/get/19802132/551816_icon.png
x-app-id: 14
|
|
| img.vmmcdn.com/get/36870469/551816_image.jpg | 138.201.51.142 | 200 OK | 12 kB |
URL GET HTTP/1.1img.vmmcdn.com/get/36870469/551816_image.jpg IP138.201.51.142:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com FingerprintA8:37:00:E2:01:F9:B8:25:04:DA:47:64:57:0E:0B:64:E3:8A:0B:C7 ValidityFri, 12 Apr 2024 20:58:24 GMT - Thu, 11 Jul 2024 20:58:23 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3 Hashee921bcd225785444d8ab128ca1d0941 e92f5588c738df6912e3658d883aeb66b486560b 4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c
GET /get/36870469/551816_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 May 2024 22:38:56 GMT
Content-Type: image/jpeg
Content-Length: 12075
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 08:33:26 GMT
Cache-Control: public, max-age=604800
ETag: "6603d9d6-2f2b"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes
|
|
| img.vmmcdn.com/get/19802132/551816_icon.png | 138.201.51.142 | 200 OK | 23 kB |
URL GET HTTP/1.1img.vmmcdn.com/get/19802132/551816_icon.png IP138.201.51.142:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com FingerprintA8:37:00:E2:01:F9:B8:25:04:DA:47:64:57:0E:0B:64:E3:8A:0B:C7 ValidityFri, 12 Apr 2024 20:58:24 GMT - Thu, 11 Jul 2024 20:58:23 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash4d5759f010e127f070785e4925447047 22919607ad63be452b8a5aa4324a7d1c2855b074 6d1b78db1808b279554f122373ff2fd4e448313c41d199d92a929e31d2825931
GET /get/19802132/551816_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 May 2024 22:38:56 GMT
Content-Type: image/png
Content-Length: 23172
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 08:33:26 GMT
Cache-Control: public, max-age=604800
ETag: "6603d9d6-5a84"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Sat, 04 May 2024 22:39:13 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ebfc4d3acb712a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19189), with no line terminators Hash4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad88cab4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c | 45.133.44.53 | 200 OK | 3.0 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3443), with no line terminators Hash539c3474e240aacb5a461d2e54d5991b 480a1ee3a1b9d9d8be4df0fd585dde70505a869e 402b709d153292680ed433ef6e7fb637ede41d83c2a8054291dd7f369811dfeb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /22802538876b351854c895125b33cfd1/161855?version_name=c HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 04 May 2024 22:43:49 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.3 | 200 OK | 1.5 kB |
URL GET HTTP/232879.2481april2024.com/jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeASCII text, with very long lines (1489), with no line terminators Hashd211c5ed4a87f08b48bf7f7fc6b28b15 4f8597f124fd17ac9f4f7dfa2f957c635ad925ca 1e55b21914ffeb04e9afb2ac393829b1c56dd7400c244aa21e51138ec44f7015
GET /jiBPDIwzPArkZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKlu7uKcwkfTrVOmbCzIzjTvyOkvVcyxSaV9w?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Df86bdb2db9&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2022%3A38%3A48%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:51 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Sat, 04 May 2024 22:38:51 UTC
expires: Sat, 04 May 2024 22:38:51 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png | 172.67.25.161 | 200 OK | 43 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png IP172.67.25.161:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Hashbec3572ed077c92240ef0dd7dc17231d e278cd647e65b5f04ba1d582d05f76d5dfafd125 eb304641419d09e779018fe3bf31596d3ed3ad0d4ab05c716ce626152aa417ec
GET /pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: image/webp
content-length: 42912
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=66221
content-disposition: inline; filename="082d6d41f9bd3220a660f2a4108986b2b367f0e4.webp"
etag: 20c64ca88091db62ea69001a7382f005
expires: Sun, 05 May 2024 21:59:26 GMT
last-modified: Mon, 23 Dec 2019 08:43:03 GMT
vary: Accept
x-openstack-request-id: tx9d94ab9f187b4137bb135-0061b079d0
x-proxy-cache: HIT
x-timestamp: 1577090582.49776
x-trans-id: tx9d94ab9f187b4137bb135-0061b079d0
cf-cache-status: HIT
age: 88764
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ebfbb65b17b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.98 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.98:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sat, 04 May 2024 22:38:50 GMT
expires: Sat, 04 May 2024 22:38:50 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1961270074205215145
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/npc/sdk/wpu/npush.m.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/2js.mbidinp.com/npc/sdk/wpu/npush.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 104.22.21.144 | 302 Found | 366 kB |
IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 22:38:47 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::4cswk-1714861931140-791e9582e972
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbad08ec56bf-OSL
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 | 104.21.40.89 | 206 Partial Content | 1.9 MB |
URL GET HTTP/3www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size1.9 MB (1851966 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:48 GMT
content-type: video/mp4
content-length: 189123842
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BJ21cFGv8fMgNKl0oh44lv4e3GbHd%2BG6S0XxAU5BfqPhum%2FMwEMC5LRH1J2Ox0Pehe%2Fp%2FaTpv8C9ElDKumPmXkdnS%2Bi9xhXqTimvGfvEALGyXj6C9KMN1tLuhiPo0ys7ba4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb2db91712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.mbidtg.com/tags/179977?version_name=c | 45.133.44.25 | 200 OK | 2.8 kB |
URL GET HTTP/2bid.mbidtg.com/tags/179977?version_name=c IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectbid.mbidtg.com Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67 ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3188), with no line terminators Hashe46f947075e1eaff4765d646793d013d 7173f9a61abbfc9c8800bb98a31f9a39ae377cfe 3cf6c174f21fc37a4aa615d0620938cd6dd5f1983239b4137f6a7ea87093d513
GET /tags/179977?version_name=c HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 799 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (817), with no line terminators Hashc493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 4.3 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4309), with no line terminators Hash10d5bcd3eb5da6b4c019d477db438d79 bc4add93889d4091f829e66a38bce503dd828015 d05e8f8facf25a910cfccb803fdd050876afcf261e9cd91afbd587ba51611c85
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1401
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 22:38:52 GMT
content-type: application/json
content-length: 4293
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx4ePO-1raIkJ7Rz-okgdVSkoQcFw08d0gafMW0uPBVIS40mg3Ure9OTsTNl25Rak__FAj3&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962556525%3A1714862331123026&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Q-dEKwAKeROoDTXEZpLdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typeJavaScript source, ASCII text, with very long lines (1884), with no line terminators Hash920f349834adf2faa94a7c6047814e52 34557304112fe9d61f23b8f89ceead6db43b98d4 2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c4"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 12 kB |
URL GET HTTP/2pyknrhm5c.com/get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (11665), with no line terminators Hash61caeae1ff311d0db2f9d55b25767b14 143af8c9295612430c792dba787a1a5340abd3e0 e37bde38e34399b0682e4d5d57977238f33dd151a5ac4f621498270ef2ff4801
GET /get/2025683?p=2025683&jp=_clp5dlb5ub5d92uhcrpe8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675335171063296&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 22:38:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 22:38:49 GMT; Secure; SameSite=None
UID=2405041738d0ec3b7a5d1441e09512bf86b2; Path=/; Expires=Sat, 07 Jun 2025 22:38:49 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.14 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3ZwwAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: c0a4cc28cf26a6a3f8b836666bd9162c
x-accel-expires: @1714945553
x-accel-date: 1714859153
x-77-cache: HIT
x-77-age: 3175
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3175
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:A0S8TDN8SbVDHYtscP1Grlcsd4jR6A:kMWkdBHXZaWA6kRO; Expires=Mon, 04-May-2026 22:38:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 22:38:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzVq30OKTNNS_Se3b2z0bwrospjUNmVIZE4TbgNKcUOLCeg3XA4eAd_W0bhOCKNObJ8Tu7S
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-6Vgh44LBYGsHrL8MES7Umg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js | 45.133.44.53 | 200 OK | 109 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0ae085698cad0960a86703ca969164ab.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /b736a0aa40f2bd510763079b8249450f.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 | 104.21.40.89 | 206 Partial Content | 1.8 MB |
URL GET HTTP/3www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size1.8 MB (1756418 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=187367424-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:49 GMT
content-type: video/mp4
content-length: 1756418
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 187367424-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQug4LRvy6Mgt1Hym8og6zA19Q32npPuwvKLQHn6GNX3LILNNBfW7rFUhHcthOJqI9%2FdCoNkFWpKJt1aSV2bejctwI9HIjq0%2FsHeqehuTg2Y2GCY0YJ1%2F7KGe0b9A%2Fd%2B%2B2H9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb5ee0a712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 4.3 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4321), with no line terminators Hash37ba19a594cb32d94b9baeda9e2a436e 1c14eaeae98628903f44e893cbb801b80300316b 1ca46f4642a05e429d1a36bb18eae3429b837a80c0772a0ac05d019d7c5b81e8
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 22:38:52 GMT
content-type: application/json
content-length: 4305
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbddip.com/in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=020c8d99-f952-408e-a3c8-818afed58fbf&subid=1211831614&sid=2414309017&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 22:38:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch.php?id=f86bdb2db9 | 104.21.40.89 | 200 OK | 12 kB |
URL User Request GET HTTP/2www.amdahost.com/watch.php?id=f86bdb2db9 IP104.21.40.89:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, ASCII text, with very long lines (6442), with CRLF, LF line terminators Hash44cbbcb3c17b4459520d661dce4e194a 8a55538a8be86175209ef55e52d317dbb46619d5 a523b145c0674db44874a7afebcdf5d862598268110414e54d66bb940de59f64
GET /watch.php?id=f86bdb2db9 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8E0Z8YAgzEoY9nqBz%2FMPSvh9Sp%2BGo3fAcwYNW8TFI6zKwNbgyxGI2Ltzj7eMOpApXAHp83%2BZFaLTUWtsS9Js8ilSuIvYKRHq9f4gpatqU7%2B2WRpFdzbxn8I7Blp6MA%2BZjjZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfba90c7156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:47 GMT
date: Sat, 04 May 2024 22:38:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 | 104.21.40.89 | 206 Partial Content | 1.3 MB |
URL GET HTTP/3www.amdahost.com/videos/1714713599_dbc1610a8469486c.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size1.3 MB (1322589 bytes) Hashae545fc8df08a64af7672ce65fecb19c d476978190cac477f87c69de27b8759b05afa1df ca98385488433e4884d1b640c51bce74a94929df41b8c352dca9888f1e6c2cb5
GET /videos/1714713599_dbc1610a8469486c.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1048576-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sat, 04 May 2024 22:38:49 GMT
content-type: video/mp4
content-length: 188075266
last-modified: Fri, 03 May 2024 05:25:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 1048576-189123841/189123842
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31fK4VxC1z%2FMRbaHHQ85nXY7ttI%2FlPK%2BJS8Q1NSbdkcMppmfd2cI%2B%2Fmixsckdjv%2BAk%2FQijnqTQDyjSvDDBCAvnKYpNse8BO7K708FAxuHXvl561PvBArSqLHfaVVK7uR9ejD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ebfbb82f80712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 802 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (820), with no line terminators Hash19b781ab6f09786f5d9e86ac26de083d 11ca72183489143542fafe4efb122b11f9b4c1d9 e17e04ca3c38fa955e6789b4818c7c24ffd3a99eae0830a01ca51ed8e968db8a
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:38:48 GMT
date: Sat, 04 May 2024 22:38:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 104.21.40.89 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:38:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5284
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbpI%2BVRH5dpX63NJLTntBHApSUtODA7hTCfKfz%2BPVSMpBfBJD6t%2B%2BXEzB3UUwlf%2Fr%2BtQ5zDXw9%2FAd3EjIjoc0YwlI955qkU3pSojBygs%2FVQl4KIm8PFsnAnKVnv2qWw3ZyoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfbac5fc2712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidinp.com/skins/nmain.m.js | 45.133.44.53 | 200 OK | 470 kB |
URL GET HTTP/2js.mbidinp.com/skins/nmain.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Sat, 04 May 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/includes/update_visits.php | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=f86bdb2db9 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 53
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=f86bdb2db9
Cookie: PHPSESSID=1947352feea5b9f2eb553bdbc3409cac; cf_clearance=mjsMDcqHgonilyExRpV3PXGnm.AVAraN.iu0lqYtsm0-1714862329-1.0.1.1-x3U9mMq63nPJkpM8wzl4SU.CeMap7TYjLIPMB8Yo9EbucOiG60PErvRsUQfV575ily8qScUAwQw1GayfaHnvjw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:39:05 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHzL%2BQo9%2FP6RaLpfuWEsYR60TU8lNdv96I55xOwL%2BqkxNxL6lPP%2Fnx3XEc4B7MpuCqZr9J7Ugts0S70NIwFfD9BWic9x6WwSgtLnSpqia51ihv30WgTi7ovheGiOix9fW7jm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ebfc155aac712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|