| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 21:48:35 GMT
expires: Tue, 22 Apr 2025 21:48:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.1.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.1.229:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:38:41 GMT
age: 4058610
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.66.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.66.217:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Wed, 24 Apr 2024 02:38:41 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| erosencounter.life/js/popunder.js | 185.155.186.15 | 200 OK | 812 B |
URL GET HTTP/1.1erosencounter.life/js/popunder.js IP185.155.186.15:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjecterosencounter.life Fingerprint4F:71:85:93:7B:24:11:9C:2E:2D:AD:11:A2:CA:8A:C3:54:20:4B:75 ValidityFri, 05 Apr 2024 23:15:45 GMT - Thu, 04 Jul 2024 23:15:44 GMT
File typeASCII text, with very long lines (318), with CRLF line terminators Hash1112c3e266341e6062a9ba705458138a 5d135d537aea600ccfe8f5a9d5ad999ecf8ae97a e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/popunder.js HTTP/1.1
Host: erosencounter.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:41 GMT
Content-Type: application/javascript
Content-Length: 812
Connection: keep-alive
ETag: "1112c3e266341e6062a9ba705458138a"
Last-Modified: Wed, 20 Sep 2023 15:19:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C915F6A131D988
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33279/mtime:1655386273#132014000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:13.132014Z
Expires: Thu, 24 Apr 2025 02:38:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| www.amdahost.com/thumbnails/1711619651_18786227e388b161.jpg | 104.21.40.89 | 200 OK | 30 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1711619651_18786227e388b161.jpg IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash07e0a04e710713912fe140b5a73bf480 44588c6b437f4d17cc153bbae114e7b4aa8f727a e743e1152631481f702221847b2df85f108899c0e26caeb412d7ae718a8accd7
GET /thumbnails/1711619651_18786227e388b161.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: image/jpeg
content-length: 30410
last-modified: Thu, 28 Mar 2024 09:54:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSKDrVEmPl2qVi8TqwkeERo8qbA9pHT6Yxa7nuWCxPGNiDZ%2FuY4ct2jT%2FtpkqcXqngp%2BIGCfI89yTmb9KJPyx0e4WUijHlhuI0BEr2%2FUw8Ps5i2DZ83Kx%2FzrjymWj8HviSDR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f26c895688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.25 | 200 OK | 5.0 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typegzip compressed data, from Unix Hashea75bedad60fe67993caf73299e26380 9d62249aded94521a06e23591fd5f1ee88fb5dc2 5195dd0b4fcb95bf3fbcb574d41bd161965be42dc47ba9216b6c353598ff55ad
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3q0QAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af5856301cc71204b1702866a1e50e2c
x-accel-expires: @1713995142
x-accel-date: 1713908742
x-77-cache: HIT
x-77-age: 103980
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 17579
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 8.4 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hashafc8958686fe3a37df8f61aee7a5552a eaa185811deac6446616b88b149ae023be3a61e8 e956544a52213a7e7572833a8757e35d9223bfa1cef51e052d5824a6317c2612
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.17 | 200 OK | 43 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.17:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, from Unix Hash7319a83d92e18aa6bf5ae0b5e5ec2851 cb0435c5452fbb0e15ffea70e83b097b43f8e036 75aa958ed836fedf8c5709614f3590bba8faa7dd5b11a774dc2867e4b250cf18
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 23 Apr 2024 17:10:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3nAYAAAwBuUwKEwH3EAAAAAwBnJIhHwH3BAAAAA
x-77-nzt-ray: c0a4cc2894c2df07b1702866c9ff3609
x-accel-expires: @1713935429
x-accel-date: 1713924629
x-77-cache: HIT
x-77-age: 1712
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 1692
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 172.67.41.16 | 200 OK | 122 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size122 kB (122104 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 2356926
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f2c8c956b5-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 6.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hashd0fb4e13d01a9c578e1d26c7454b7ef1 0037270c3d557e504b5fad15b9231f7ee98e535b 74312342f896a4c84c0cf15923043e62c495d57f757364dd7af452187b27d2e0
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 142.250.74.67 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP142.250.74.67:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:40:14 GMT
expires: Fri, 18 Apr 2025 02:40:14 GMT
cache-control: public, max-age=31536000
age: 518307
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.40.89 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 02:38:42 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SnXoqj%2FWgTeVCdUu9cujN0iDeSWyqZgw0vRh7kimqAH2p4JHzupx0MiAU7kZL51AMtO3qIzb5gRDTOxzsR6DJE9qhd0j%2BgRPNocmb8gB6XJhgNvARsWZDzvU3P30wDdTyUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f8be665688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 874 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash396e2db62f1f81fcb2bb57506e8fdd1d d6ea0b0721bb8023ba39509c698c14a6f76dfc01 06a719e2cc5615d2ae7644b513e35ab621be2bb1a38e611d467ea5a0aca90846
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png | 104.22.58.221 | 200 OK | 44 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Hash739d14b2e66ad303e845777319560711 3f5d1d6e842ea39d9be64c645118e7ece8f27236 d97dcdd28cb319a6a3738b5045302dca3efbd9b4d9d1ab3992ba934e5fdddd7c
GET /pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: image/webp
content-length: 43860
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=68845
content-disposition: inline; filename="8b1accf8fb98b012be461abbc9130a57549b68ff.webp"
etag: 157cdb1886b1ed8fa38e01b105d8bb4c
expires: Thu, 25 Apr 2024 19:15:20 GMT
last-modified: Thu, 04 Jan 2024 12:00:16 GMT
vary: Accept
x-openstack-request-id: tx90f75348333b4b0ab8c29-0065969dec
x-proxy-cache: HIT
x-timestamp: 1704369615.90306
x-trans-id: tx90f75348333b4b0ab8c29-0065969dec
cf-cache-status: HIT
age: 26602
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8792b7fa3a3db503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/4c9/dde/bac/4c9ddebac448711ec7391c608c6b207270b30c5e.png | 104.22.58.221 | 200 OK | 46 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/4c9/dde/bac/4c9ddebac448711ec7391c608c6b207270b30c5e.png IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Hash1a0dd3a54d0e785f188135dbf8c9ecae e7ad0bc09aebb4f31d72746c4a8f619c574bd427 11da79a9356a7319c595f7bc4b93f436141eda35d6c05d0605c33c7c9fdce94b
GET /pn/4c9/dde/bac/4c9ddebac448711ec7391c608c6b207270b30c5e.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: image/webp
content-length: 45978
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=68839
content-disposition: inline; filename="4c9ddebac448711ec7391c608c6b207270b30c5e.webp"
etag: 8d08651e37bc82f549e1ab6adda65ace
expires: Thu, 25 Apr 2024 19:16:33 GMT
last-modified: Mon, 23 Dec 2019 09:02:17 GMT
vary: Accept
x-openstack-request-id: tx7c95eec32cdd45669da0d-0061b0971f
x-proxy-cache: HIT
x-timestamp: 1577091736.70112
x-trans-id: tx7c95eec32cdd45669da0d-0061b0971f
cf-cache-status: HIT
age: 26529
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8792b7fa4a3fb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 88.99.142.136 | 200 OK | 1.2 kB |
URL GET HTTP/2show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP88.99.142.136:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoDaddy.com, Inc. Subjectshow.revopush.com Fingerprint14:6E:2A:BA:82:13:C7:FC:12:52:18:54:8C:98:74:9E:31:18:6B:94 ValidityFri, 22 Mar 2024 16:58:42 GMT - Sat, 22 Mar 2025 16:58:42 GMT
Hash30eb706cf2c0b36103ca5941987f9464 53700996bb671231f1a068264803fa379edb42c3 2785668399bc48ac7e73d9b765f4d28e6e2c83c2c008a964e56c7e3d398aa678
GET /api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.amdahost.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/v1/api.php | 95.211.229.248 | 200 OK | 3.3 kB |
IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
Hashafe362090edd669e598f8763fdf6f7ff fa77487bffa3447bc6e173fb68df6de5de3bedf8 7682529ba319261f71a292242d198ac00e7be48b37c95169cda25c8da4b9fcb5
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 364
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662870b2041089.406572501657590798%22%3B%7D; expires=Fri, 24-Apr-2026 02:38:42 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 793 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hasha1217689fea7f04da20fec38a5a05475 58f32c104ce4906184b9779a1d793d29d493e726 9c40441587b0b5365bcb8d5cc238de8cd51cbeddb95e89ad70b0e724a173d81c
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 24 Apr 2024 02:43:42 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8792b7eeecbab512 | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8792b7eeecbab512 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8792b7eeecbab512 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12187
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=qpo7UxJDo8kHtTh4oN4kRh5LfKnOz03oRGWIzhn5Xfc-1713926322-1.0.1.1-pCNsC0n.jIRQRQn5cxdk4jmQ1dzx.IBT0gDMIek8a0oRaaq89KGP01SH501m5T4Qnhn7BmlNsBHtoMZ4N7gsSg; path=/; expires=Thu, 24-Apr-25 02:38:42 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnfzGXfWoT82xSGaqMm0U3wp%2FwTTz1Fpg9uB7pJuP82Y9u6nHSPCvDAM8lrJSV8mVd%2FpyvpLW5Kac%2BXdv%2F2MSDK6FEuJvVd4D00zMWcFSmvaBsVO%2F548NfTaOXnCvDywHVK8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b7fbaf3e5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780; cf_clearance=qpo7UxJDo8kHtTh4oN4kRh5LfKnOz03oRGWIzhn5Xfc-1713926322-1.0.1.1-pCNsC0n.jIRQRQn5cxdk4jmQ1dzx.IBT0gDMIek8a0oRaaq89KGP01SH501m5T4Qnhn7BmlNsBHtoMZ4N7gsSg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3367
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkE96VP6d%2FTAhT0%2BvtCskVDKBC39IfkJxt4uOOk5P%2B3%2FjuDhrpNuQVdXNX%2BTuwH%2B10gCmpzO%2Ba9FgOq7MeYGgjK%2Bvx54O1jHN8s8Qem9qxHOa9cx87I4HK1xcwraGa4oc2Ru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7fc4fa05688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780; cf_clearance=qpo7UxJDo8kHtTh4oN4kRh5LfKnOz03oRGWIzhn5Xfc-1713926322-1.0.1.1-pCNsC0n.jIRQRQn5cxdk4jmQ1dzx.IBT0gDMIek8a0oRaaq89KGP01SH501m5T4Qnhn7BmlNsBHtoMZ4N7gsSg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pk8flbEt0hNVpfoYuq2onKBL6eIRcydAnvImcXyO33DKss9%2FaG9fjXzZ9faPxmPwapTbZjI8FVUKwKOs1IQOE7y8R8RGFGKOMvPXf9mcZczw94pKHD9WzgqYe%2F5gbNVvyqcL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7fc4fa45688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/videos/1711619643_e57c7bd60bc740ff.mp4 | 104.21.40.89 | 206 Partial Content | 253 kB |
URL GET HTTP/3www.amdahost.com/videos/1711619643_e57c7bd60bc740ff.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size253 kB (252632 bytes) Hashb149752f41fcd8e8b83faba67753aefa e31e76689fd2a35ba9613c00293b425a83483b75 1f0000d49fb1807f5c6943945ff9e366abdfba7e0d42e8f274c8648712aa2b78
GET /videos/1711619643_e57c7bd60bc740ff.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: video/mp4
content-length: 7266869
last-modified: Thu, 28 Mar 2024 09:54:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-7266868/7266869
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIHDgfc9Vbz9K04IO6Ib1M514JZtVMEMpsINyDETFFzML7WsaR7OF1rdQCEUTQdFR841d1zgZOAzmBqK%2FRGr3FeXV8l1xTtrqBNpfh0Qu4C%2FnUg66awyRsStRdBCRSmQos4F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f7ae0a5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 6.adsco.re:2087/ | 104.17.166.186 | 200 OK | 0 B |
IP104.17.166.186:2087
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7ff8efc56b4-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP104.17.166.186:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7ff7cfcb518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 4.adsco.re:2087/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:2087
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMQyGr8IFZvT7EcfTNWuQijhA5hGxKV2URZF8+CZTQEA+RfLjs+IwWAfowPLAfBA/KMdE44RReaSk8fR8DKUop7W8nS8f43I+hbInSuETVD0ILGQciU3VEAke6pKsTdvkAskWTZdAg5Oo7lFGvL487pc6OQS4ckJL+quh2Bu4dnsuVTfX7GuhWuaWmNvCs9W1YKXSxb9b4s6Iqf2Jgr8LjaHLQircdmkHsZfL5fN9ifgldtLPaJ/6373DsC8jciWnuWbbttmzwKDbSi6+gZeq5QYalXtncgEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMQyGr8IFZvT7EcfTNWuQijhA5hGxKV2URZF8+CZTQEA+RfLjs+IwWAfowPLAfBA/KMdE44RReaSk8fR8DKUop7W8nS8f43I+hbInSuETVD0ILGQciU3VEAke6pKsTdvkAskWTZdAg5Oo7lFGvL487pc6OQS4ckJL+quh2Bu4dnsuVTfX7GuhWuaWmNvCs9W1YKXSxb9b4s6Iqf2Jgr8LjaHLQircdmkHsZfL5fN9ifgldtLPaJ/6373DsC8jciWnuWbbttmzwKDbSi6+gZeq5QYalXtncgEAAA== IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMQyGr8IFZvT7EcfTNWuQijhA5hGxKV2URZF8+CZTQEA+RfLjs+IwWAfowPLAfBA/KMdE44RReaSk8fR8DKUop7W8nS8f43I+hbInSuETVD0ILGQciU3VEAke6pKsTdvkAskWTZdAg5Oo7lFGvL487pc6OQS4ckJL+quh2Bu4dnsuVTfX7GuhWuaWmNvCs9W1YKXSxb9b4s6Iqf2Jgr8LjaHLQircdmkHsZfL5fN9ifgldtLPaJ/6373DsC8jciWnuWbbttmzwKDbSi6+gZeq5QYalXtncgEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662870b2041089.406572501657590798%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU7EMAxFr8IFWtnfTuLOmjVIgziA27RiM8xiWAySDz9JBxCQp0iO875sEHQgHSAPwEHsoIiJx4lGxchJ4+n5GMrhp+pv58vHuJxPobDEKWwiVQsmCGdEQlZNFoks1CTlls6TCUlBNF2CGkiiuleF4vXlcb/cyCFEVyRqdR8aSnufrl2efdPVtFh13nxuj2x5wZy36lTZu/h3SboziqCND3w3GkOXhVXQVmmHYm/75fN9ifgldtJPtKf+/95B/hKCN16Let7cHSbLSjwtKkwrw2rBDf6T89xwAQAA | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU7EMAxFr8IFWtnfTuLOmjVIgziA27RiM8xiWAySDz9JBxCQp0iO875sEHQgHSAPwEHsoIiJx4lGxchJ4+n5GMrhp+pv58vHuJxPobDEKWwiVQsmCGdEQlZNFoks1CTlls6TCUlBNF2CGkiiuleF4vXlcb/cyCFEVyRqdR8aSnufrl2efdPVtFh13nxuj2x5wZy36lTZu/h3SboziqCND3w3GkOXhVXQVmmHYm/75fN9ifgldtJPtKf+/95B/hKCN16Let7cHSbLSjwtKkwrw2rBDf6T89xwAQAA IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OQU7EMAxFr8IFWtnfTuLOmjVIgziA27RiM8xiWAySDz9JBxCQp0iO875sEHQgHSAPwEHsoIiJx4lGxchJ4+n5GMrhp+pv58vHuJxPobDEKWwiVQsmCGdEQlZNFoks1CTlls6TCUlBNF2CGkiiuleF4vXlcb/cyCFEVyRqdR8aSnufrl2efdPVtFh13nxuj2x5wZy36lTZu/h3SboziqCND3w3GkOXhVXQVmmHYm/75fN9ifgldtJPtKf+/95B/hKCN16Let7cHSbLSjwtKkwrw2rBDf6T89xwAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662870b2041089.406572501657590798%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp | 185.76.9.14 | 200 OK | 13 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash8da76954e810412b8ec5378d8480ab45 afaf6b58a8d6050615369f81598d4bd126bd021e 4f186cbdc1268f6ab21f0e5bc6dfa6dce0c52fb60dec007a79e2c41d41bc4293
GET /library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: image/webp
content-length: 13180
last-modified: Fri, 31 Dec 2021 10:19:16 GMT
etag: "61ced924-337c"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 16 Apr 2025 14:32:15 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH3peQJAAwBuUwKDAH3HwAAAAgBisclwQGB
x-77-nzt-ray: c0a4cc2813b5d81eb3702866ccd16411
x-accel-expires: @1744813935
x-77-cache: HIT
x-accel-date: 1713277966
x-77-age: 648388
server: CDN77-Turbo
x-cache: HIT
x-age: 648357
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon-circle.png | 185.76.9.14 | 200 OK | 405 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon-circle.png IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced Hashbc8bf5d1633e548e9a178bf29be30b7b bd290b6eabd73d2c95db053620797503e9178484 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: image/png
content-length: 405
last-modified: Tue, 25 Oct 2022 11:33:38 GMT
etag: "6357c992-195"
expires: Fri, 27 Oct 2023 07:10:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3HaCIAQ
x-77-nzt-ray: c0a4cc2813b5d81eb37028661c2b9e11
x-accel-expires: @1719731222
x-accel-date: 1688195222
x-cache: HIT
x-age: 25731101
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25731101
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 | 185.76.9.14 | 206 Partial Content | 33 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash1413cd1c8cc4a6653851bdfc54fdb32f ede74c7bceaa7703fd30a60d5d9f04ca5eac5716 41f006ad3d3978487383e7cdf609bbd8041bb1fd2af17b81874d80eaad003235
GET /library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: video/mp4
content-length: 33263
last-modified: Fri, 31 Dec 2021 10:19:17 GMT
etag: "61ced925-81ef"
accept-ch:
expires: Wed, 16 Apr 2025 14:32:15 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH3ueQJAAwBuUwKEwH3CgAAAAgB1GY4EQGB
x-77-nzt-ray: c0a4cc2813b5d81eb3702866adfde115
x-accel-expires: @1744813936
x-77-cache: HIT
x-accel-date: 1713277946
x-77-age: 648387
server: CDN77-Turbo
x-cache: HIT
x-age: 648377
x-77-pop: stockholmSE
content-range: bytes 0-33262/33263
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | | 28 kB |
IP104.17.167.186:0
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 25 May 2024 02:38:43 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 459766
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b800fa24b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 77b0619134.fc29334d79.com/61f466fc0c59b1520a8a2bccb85a4f54.js | 45.133.44.53 | 200 OK | 35 kB |
URL GET HTTP/277b0619134.fc29334d79.com/61f466fc0c59b1520a8a2bccb85a4f54.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject77b0619134.fc29334d79.com Fingerprint7C:5D:FD:64:21:60:56:AB:E1:87:1F:F0:AE:77:A4:6A:15:0E:07:E2 ValiditySun, 21 Apr 2024 02:20:16 GMT - Sat, 20 Jul 2024 02:20:15 GMT
File typegzip compressed data, from Unix Hashd98a1dfe10e9c17faff001edd6aee5bb 91c6493f203d18027823aa895448fb6815974c44 991fabe112cfb56936818700279bf8565ae2837c0530568a567fc57c2556956b
GET /61f466fc0c59b1520a8a2bccb85a4f54.js HTTP/1.1
Host: 77b0619134.fc29334d79.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Wed, 24 Apr 2024 02:43:43 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PSU4EMQz8Ch/oyHuSOXMGCcQD0km3uAxzGA6D5Mfj9AgJSMmSl6rYRUCygCzED0QnLichr5gqJKGEKv70/OKC3s6jvV+un6lfzs4ils1LBZHiCMRo5ErGEgqF4pwlQ81u1ZTmN6jODgHSUM8sQfAy+Nvr4xEYiOVY6RYRxdzsBB5ih9vUrm2XrUguo+He1iisWKfV9tFgYJvEv5fCHeEkc0zppxFYJplRmOKeeOBHu12/Prr7L+KEHlKeFqbs//iO8BgmRCbHi45RB25gjE0MGDetfe2ZCkuv+g2+k1HmeQEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11PSU4EMQz8Ch/oyHuSOXMGCcQD0km3uAxzGA6D5Mfj9AgJSMmSl6rYRUCygCzED0QnLichr5gqJKGEKv70/OKC3s6jvV+un6lfzs4ils1LBZHiCMRo5ErGEgqF4pwlQ81u1ZTmN6jODgHSUM8sQfAy+Nvr4xEYiOVY6RYRxdzsBB5ih9vUrm2XrUguo+He1iisWKfV9tFgYJvEv5fCHeEkc0zppxFYJplRmOKeeOBHu12/Prr7L+KEHlKeFqbs//iO8BgmRCbHi45RB25gjE0MGDetfe2ZCkuv+g2+k1HmeQEAAA== IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11PSU4EMQz8Ch/oyHuSOXMGCcQD0km3uAxzGA6D5Mfj9AgJSMmSl6rYRUCygCzED0QnLichr5gqJKGEKv70/OKC3s6jvV+un6lfzs4ils1LBZHiCMRo5ErGEgqF4pwlQ81u1ZTmN6jODgHSUM8sQfAy+Nvr4xEYiOVY6RYRxdzsBB5ih9vUrm2XrUguo+He1iisWKfV9tFgYJvEv5fCHeEkc0zppxFYJplRmOKeeOBHu12/Prr7L+KEHlKeFqbs//iO8BgmRCbHi45RB25gjE0MGDetfe2ZCkuv+g2+k1HmeQEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662870b2041089.406572501657590798%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 02:38:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| e3b00aa283.973652004b.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjc3NDE0MjE5NzAyNjI2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4wMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2e3b00aa283.973652004b.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjc3NDE0MjE5NzAyNjI2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4wMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjecte3b00aa283.973652004b.com FingerprintC1:17:FE:31:82:D9:B1:53:B3:4C:0C:0F:6A:22:A1:F5:E8:2E:6B:89 ValiditySun, 21 Apr 2024 02:50:34 GMT - Sat, 20 Jul 2024 02:50:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjc3NDE0MjE5NzAyNjI2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4wMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: e3b00aa283.973652004b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=2197539969529748086; Expires=Thu, 24 Apr 2025 02:38:43 GMT; Secure; SameSite=None
Vary: Origin
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 811 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (1020), with no line terminators Hash733b5253b815629f354ce6c01cafe986 4376788bbac119b454e677afecf3cd6d5595dbd4 a4d44ae2cd5dfa16231f2fe595f9ed9946a626ae03dfbc285e974336be5e2664
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1560
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b802faa3b4fd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.cdn.house/i/1/sm-ZlJNC1J2RR-4XzwiAjT159yVJSK-Us29QXZFG7KRNR2YWRW60dq3scMR6Im-MYtTSMK2Uf2lV8V7BwUtUFvLq5p87WYz5ybBBW_Okmk6Gs2U8-GFf3yrcDGQ0YDNk4Lrf_DbXUJoMJHFmBfxkRJ0J1YIaczElLP4siO58zLB9_RFcdBecoAyMubthN2ghKkMmFXlVuUAnWUAIjx5RdvM7iWBJlmNkoolxb6gJrHIi32f4-1jDK3ZSepPmD_h6T9bsANqG8EgB5y8ZQdslmTMKUqiHSBKBv1gL3xXsn1WMKVB-qoaxMhjKgvaJAOLq2QayygW9Y9t76SNhNoORDQyxogB6UPNP9nyP9Ep2sRGswPEA_fiI6nKlJT-OyJCYDt0W-Tso7EckyNRYZ2uSGwIBhaqN60o_fzuf6Cfhd4YLO5dSRzfhrRAiWT10RReECTPQOfVrMtmt-HF6JxKTnw== | 136.243.32.106 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2img.cdn.house/i/1/sm-ZlJNC1J2RR-4XzwiAjT159yVJSK-Us29QXZFG7KRNR2YWRW60dq3scMR6Im-MYtTSMK2Uf2lV8V7BwUtUFvLq5p87WYz5ybBBW_Okmk6Gs2U8-GFf3yrcDGQ0YDNk4Lrf_DbXUJoMJHFmBfxkRJ0J1YIaczElLP4siO58zLB9_RFcdBecoAyMubthN2ghKkMmFXlVuUAnWUAIjx5RdvM7iWBJlmNkoolxb6gJrHIi32f4-1jDK3ZSepPmD_h6T9bsANqG8EgB5y8ZQdslmTMKUqiHSBKBv1gL3xXsn1WMKVB-qoaxMhjKgvaJAOLq2QayygW9Y9t76SNhNoORDQyxogB6UPNP9nyP9Ep2sRGswPEA_fiI6nKlJT-OyJCYDt0W-Tso7EckyNRYZ2uSGwIBhaqN60o_fzuf6Cfhd4YLO5dSRzfhrRAiWT10RReECTPQOfVrMtmt-HF6JxKTnw== IP136.243.32.106:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectimg.cdn.house Fingerprint98:AC:05:29:31:CD:6B:03:04:7D:9B:28:08:AA:B1:09:56:1A:CA:30 ValidityThu, 21 Mar 2024 10:50:12 GMT - Wed, 19 Jun 2024 10:50:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i/1/sm-ZlJNC1J2RR-4XzwiAjT159yVJSK-Us29QXZFG7KRNR2YWRW60dq3scMR6Im-MYtTSMK2Uf2lV8V7BwUtUFvLq5p87WYz5ybBBW_Okmk6Gs2U8-GFf3yrcDGQ0YDNk4Lrf_DbXUJoMJHFmBfxkRJ0J1YIaczElLP4siO58zLB9_RFcdBecoAyMubthN2ghKkMmFXlVuUAnWUAIjx5RdvM7iWBJlmNkoolxb6gJrHIi32f4-1jDK3ZSepPmD_h6T9bsANqG8EgB5y8ZQdslmTMKUqiHSBKBv1gL3xXsn1WMKVB-qoaxMhjKgvaJAOLq2QayygW9Y9t76SNhNoORDQyxogB6UPNP9nyP9Ep2sRGswPEA_fiI6nKlJT-OyJCYDt0W-Tso7EckyNRYZ2uSGwIBhaqN60o_fzuf6Cfhd4YLO5dSRzfhrRAiWT10RReECTPQOfVrMtmt-HF6JxKTnw== HTTP/1.1
Host: img.cdn.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 24 Apr 2024 02:38:43 GMT
content-length: 0
location: https://s-img.adskeeper.com/g/3944300/200x200/249x3x599x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp?v=1713926322-ysT91U_jfbxN7qCN6xZZ8WBby5XkoiGmQ8aETJki5PY
X-Firefox-Spdy: h2
|
|
| urhdipth6qgr.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL POST HTTP/2urhdipth6qgr.n4.adsco.re/ IP38.132.109.115:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject*.n4.adsco.re Fingerprint45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC ValidityFri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: urhdipth6qgr.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 173.194.220.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ia7kgIqB6zyGkrnOa7BBHHR8mJJvHA:1hyUueDputfASiTp; Expires=Fri, 24-Apr-2026 02:38:44 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:44 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzZ5BwNJwTS4gtM8JRvAfClgiy85mcqvnNKuKcqJ28buUkNfI3rEfa0ITg5XX1QVyuCj8_P
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-OVmJd334WqaW62Dxc-dIQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xadsmart.com/vgyuivzzrfgo?YOPhoKVt=BQLyAAAAAAAACZUAArLUqw0JEV6V8RYrZGpwL9F1WMJJkBUZtp8qARUMyrh5DGahbtVg_dOIWMfKUWHfjSprjvvykk67peU9EEi3YehsU-jYy518NXjbLml7Z65D1Cr2kKwPjM9vlQpdpSaEEfM0D3LtRr1BxHiRm9rM3j_IklDJBd9j-h3bHgQLTZx5qdSy1fZCV1LDefHfUHmmtbapfDyqYJqs9HM0a-lOX2u6SYgfKZjYW04pnt5XfB5FOMl9neGTuYmfboIMee_7wJoqJsolRhoC6nr47PbkSLq3PjE4gWqeiGVXqgBq6dG7oHniMimBooW5AFscaonrQAoCP348gzXShoMdhgnbCiyAX70gmp1EdWhOoKvG86u2fNxhbtLla3L-88W7R_VU70qY0qiGM4QCQDSItO0mrQjMI6rGbn7VtENEYNcDg9Mp5LvRKG0K-upKQCMaKTrCH0e5RrNaDif1hbwFh5cicyhgBXb1zoQjJl9XSMBmPVEw-kKCMeuTPc4aPFC3M6KQFRo-KRaZdHSWcKYbfJObm_aF6qcAAYDH-FgesyUrorqjDPsKLnwqpiwVV_F-gBlmWOG7imPYZs1E4Jq4PjL1XK5rBdfv6o4CE79l_CJ-saXmZcDR4rt6wgvIXOOmZo-dR25PtWt2lwLjHsI-fLUcMiwrdgfrDs-deSxKMg7_ucyTVw-kE7ipuaTWa7RQFO0j1WL5ZCbLB0LqYgwHwPJ4K4Lpn4NL9hrF8y2sDsF0ppvXVlLrB_DH0rNORa8JvV9GT1b_sPdXzS1P1Y4OUAFBtOPvyJXoZJS-GvXWwZMG-gEe8kWH7lxFk_9bAgdcULRhI2j58Gmn4Ic13W-EWmIpFMfLPvqYZ7TrQksitdWzcqmC3fsrddmwVdtXe1rhlUzKteIWmOVMyllupjSrFE52YuudP6YYKwIqCIad9yD_8IagzrZfaSYnBgjV5BayNAyHeNT9YNia9qAee1Nk1NyfKPOi4LTly0t6_pvUwEegP7O9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 | 104.153.197.251 | 200 OK | 44 B |
URL GET HTTP/2xadsmart.com/vgyuivzzrfgo?YOPhoKVt=BQLyAAAAAAAACZUAArLUqw0JEV6V8RYrZGpwL9F1WMJJkBUZtp8qARUMyrh5DGahbtVg_dOIWMfKUWHfjSprjvvykk67peU9EEi3YehsU-jYy518NXjbLml7Z65D1Cr2kKwPjM9vlQpdpSaEEfM0D3LtRr1BxHiRm9rM3j_IklDJBd9j-h3bHgQLTZx5qdSy1fZCV1LDefHfUHmmtbapfDyqYJqs9HM0a-lOX2u6SYgfKZjYW04pnt5XfB5FOMl9neGTuYmfboIMee_7wJoqJsolRhoC6nr47PbkSLq3PjE4gWqeiGVXqgBq6dG7oHniMimBooW5AFscaonrQAoCP348gzXShoMdhgnbCiyAX70gmp1EdWhOoKvG86u2fNxhbtLla3L-88W7R_VU70qY0qiGM4QCQDSItO0mrQjMI6rGbn7VtENEYNcDg9Mp5LvRKG0K-upKQCMaKTrCH0e5RrNaDif1hbwFh5cicyhgBXb1zoQjJl9XSMBmPVEw-kKCMeuTPc4aPFC3M6KQFRo-KRaZdHSWcKYbfJObm_aF6qcAAYDH-FgesyUrorqjDPsKLnwqpiwVV_F-gBlmWOG7imPYZs1E4Jq4PjL1XK5rBdfv6o4CE79l_CJ-saXmZcDR4rt6wgvIXOOmZo-dR25PtWt2lwLjHsI-fLUcMiwrdgfrDs-deSxKMg7_ucyTVw-kE7ipuaTWa7RQFO0j1WL5ZCbLB0LqYgwHwPJ4K4Lpn4NL9hrF8y2sDsF0ppvXVlLrB_DH0rNORa8JvV9GT1b_sPdXzS1P1Y4OUAFBtOPvyJXoZJS-GvXWwZMG-gEe8kWH7lxFk_9bAgdcULRhI2j58Gmn4Ic13W-EWmIpFMfLPvqYZ7TrQksitdWzcqmC3fsrddmwVdtXe1rhlUzKteIWmOVMyllupjSrFE52YuudP6YYKwIqCIad9yD_8IagzrZfaSYnBgjV5BayNAyHeNT9YNia9qAee1Nk1NyfKPOi4LTly0t6_pvUwEegP7O9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 IP104.153.197.251:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subjectxadsmart.com FingerprintFC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58 ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /vgyuivzzrfgo?YOPhoKVt=BQLyAAAAAAAACZUAArLUqw0JEV6V8RYrZGpwL9F1WMJJkBUZtp8qARUMyrh5DGahbtVg_dOIWMfKUWHfjSprjvvykk67peU9EEi3YehsU-jYy518NXjbLml7Z65D1Cr2kKwPjM9vlQpdpSaEEfM0D3LtRr1BxHiRm9rM3j_IklDJBd9j-h3bHgQLTZx5qdSy1fZCV1LDefHfUHmmtbapfDyqYJqs9HM0a-lOX2u6SYgfKZjYW04pnt5XfB5FOMl9neGTuYmfboIMee_7wJoqJsolRhoC6nr47PbkSLq3PjE4gWqeiGVXqgBq6dG7oHniMimBooW5AFscaonrQAoCP348gzXShoMdhgnbCiyAX70gmp1EdWhOoKvG86u2fNxhbtLla3L-88W7R_VU70qY0qiGM4QCQDSItO0mrQjMI6rGbn7VtENEYNcDg9Mp5LvRKG0K-upKQCMaKTrCH0e5RrNaDif1hbwFh5cicyhgBXb1zoQjJl9XSMBmPVEw-kKCMeuTPc4aPFC3M6KQFRo-KRaZdHSWcKYbfJObm_aF6qcAAYDH-FgesyUrorqjDPsKLnwqpiwVV_F-gBlmWOG7imPYZs1E4Jq4PjL1XK5rBdfv6o4CE79l_CJ-saXmZcDR4rt6wgvIXOOmZo-dR25PtWt2lwLjHsI-fLUcMiwrdgfrDs-deSxKMg7_ucyTVw-kE7ipuaTWa7RQFO0j1WL5ZCbLB0LqYgwHwPJ4K4Lpn4NL9hrF8y2sDsF0ppvXVlLrB_DH0rNORa8JvV9GT1b_sPdXzS1P1Y4OUAFBtOPvyJXoZJS-GvXWwZMG-gEe8kWH7lxFk_9bAgdcULRhI2j58Gmn4Ic13W-EWmIpFMfLPvqYZ7TrQksitdWzcqmC3fsrddmwVdtXe1rhlUzKteIWmOVMyllupjSrFE52YuudP6YYKwIqCIad9yD_8IagzrZfaSYnBgjV5BayNAyHeNT9YNia9qAee1Nk1NyfKPOi4LTly0t6_pvUwEegP7O9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Wed, 24 Apr 2024 03:38:43 GMT; Max-Age=3600
fraudcheck=6f2e614b38d17609969acf92105ebe57; expires=Fri, 24 May 2024 02:38:43 GMT; Max-Age=2592000; path=/; domain=.popads.net
popads-ec: 5
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Wed, 24 Apr 2024 02:38:44 GMT
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzZ5BwNJwTS4gtM8JRvAfClgiy85mcqvnNKuKcqJ28buUkNfI3rEfa0ITg5XX1QVyuCj8_P | 173.194.220.84 | 302 Found | 426 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzZ5BwNJwTS4gtM8JRvAfClgiy85mcqvnNKuKcqJ28buUkNfI3rEfa0ITg5XX1QVyuCj8_P IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, ASCII text, with very long lines (402) Hashf32e44935b45c8aa8cbebe09c6654d7b aabb206afcd0bcc2cdddb2054ad728d348152c8c 5e054b5681a8516aa039c77a34bad8d3cb28c3cceb5d04ca825103b04e1819ed
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzZ5BwNJwTS4gtM8JRvAfClgiy85mcqvnNKuKcqJ28buUkNfI3rEfa0ITg5XX1QVyuCj8_P HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:MUi2AEUS_o2pvuydyQ8950Z7jlFCGA:REfbbtnWYx1ilkCT;Path=/;Expires=Fri, 24-Apr-2026 02:38:44 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:44 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxE2MZTUlFQht8G-iKX10qVocX8LqJyCZ1JYTVjodcpkEv1MJ0VYDTfVlCzNkD7wLmH9u8J&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16585689%3A1713926324133455&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Zb6b1scEobX8868whpbuWQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 12ezo5v60.com/chicken.gif?z=2020090&pb=fc4b11a396b0e5b07387e2bb47d003861713933522&psp=Md4RIznU6i2lwrviuVOZNgwfEB4SZ1v-NSTNCCXxNeDhjHzAA6Hs-EPu12ohUnN4pnc7Owyr6UpZvxYP1VYFKVYZCZ79PD3T8QJ3oO1DnP0Q-u4oaX0y9Nsin4wcy83khn7HltQeRELAqj9IcQKhj3diulnwG9--QNQMksZVelrWN4FtYaRYUdbtd0VtX0tCamH3jlnm5FD9cwHYCDiN_UzxHm4brZmD5kZbNTlxiFXSF32NFqL_tj49Rau2mKN0jF37TW04g-j94pSpbFMVf1JtAg0ZgF7-89KQYAMVqVsHqsO_4NYl9qxPLftqAyi8I1A4IsqO7PbNhIjgqbBGKdDUR7OU_Y-yAuI3YuOuamw5B4uBch2BxqtXIVhvxs7_eqQUjMc3Haw53nE1FKxKIdvDBo2KA_DzjhWp9ddysO81uKuD_4s3oKSlYmbF1Xm-B9WxWAyrqGeM3g1Sem81FvYnM_8PyD1W0IIwAnENGfopS45yMhso7-cTabdfB36Q-6-dM9Eq2Mmzq0TFqEknGWG_ja3RVmyDCyOiZE7KbdXVF3fSyRXj6Zb4Y-qH937D6txsS2iHCHza8Z1eCA3AiPoNlaJWgM2uh_uJEveHK1tAEUL60GVRQOXeBRLB5NWlLHwAgEu1mbxrUidKvj1nRyW2MdjKQeRMLFdzCRYC5ZhNLaWQMwI0y4q-MHz9a2HERV85gdiprIoxiv_QWgAEOzGPC4XCs_jDTK_tNhfnL8RYHVGXnzU0eHeS7tm8pjTSX-6aNZUEP_VYRND3BznmZb6wJNcjpPLvXdgC8NrjZL57x9Nb-14EUdsOphnR3Vza5utAAA4F7mzEYWnFGqiFNa6AwqX4xFK6Ef5MTBTh51-J96GHiPTxUgPUSa2YzovYNrnyWqOqr4L4gKLu_nw8c5F3hzD8Vnz-0cj3uPlFxBADex6bPqgqdMGXNteI8UuGCTgwDmn0OUeHyoVv8EajATT42GW-EDovehLWDKMhDUsuVdJvNR4o1o2lyx1U-LJYWqSI2_cee3aeE_ytHhj_Jibvkub1cDcaEoHnQrxBs8oYGYgrj7_4uPYikS0VZ7OdWAkPZoIPeV0WU8--7O1l4AYLLh6k5KbUVqHTVu0qIxQAhYxaJAV7FAtcZ8id5cbJhbajegwAM7yvQITVZpRV8gtK2gR5TqFxFLASEgrYsk6erkjDvJ35D2FDlMIihhcweA3pt6Gd9WCal6iYGyrCbIyCXT7tlM0daaX_xTzl_2AjTgK7pUrxjumQh0PqDD-jQtTUaC1owOwvAWyApF5RXgxcgDLH9riJ_zMEyzSl6BK1hUawQne-4kE3NNuf9sctLB21ZKtQsZ9FtqEcyDIecdRqGIuekSvoQEry-kPWtaQ23oTy5G81thCVuIgXk3xdDRRrNrxkFHlydg2CUdEpPaHUIUcRty0J5294ppRhwhDNT2P9fshhFuQsS9_COHg8AOk8fbEBTfLt-fJ0OqBvJbPMqNcCgAj2lcaJ-Ra8SRgPYPPkzouxw117WNwn5f5cCtP1Fbvq2BppF6wnzzzhZ7AxvXEKu61DXkd3ILnUDvojDI2C4wE_iNW3n-4RyFN_D1WMwZdieEzKPs92RvHNFOSeq6pxglrvyUQUl16vX1k7vBMsEGOZw_TUZKzbaH2c1lsEOV75zJd7-x-IC9Iek01T59CT&freq=0&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1 | 212.117.190.202 | 200 OK | 43 B |
URL GET HTTP/212ezo5v60.com/chicken.gif?z=2020090&pb=fc4b11a396b0e5b07387e2bb47d003861713933522&psp=Md4RIznU6i2lwrviuVOZNgwfEB4SZ1v-NSTNCCXxNeDhjHzAA6Hs-EPu12ohUnN4pnc7Owyr6UpZvxYP1VYFKVYZCZ79PD3T8QJ3oO1DnP0Q-u4oaX0y9Nsin4wcy83khn7HltQeRELAqj9IcQKhj3diulnwG9--QNQMksZVelrWN4FtYaRYUdbtd0VtX0tCamH3jlnm5FD9cwHYCDiN_UzxHm4brZmD5kZbNTlxiFXSF32NFqL_tj49Rau2mKN0jF37TW04g-j94pSpbFMVf1JtAg0ZgF7-89KQYAMVqVsHqsO_4NYl9qxPLftqAyi8I1A4IsqO7PbNhIjgqbBGKdDUR7OU_Y-yAuI3YuOuamw5B4uBch2BxqtXIVhvxs7_eqQUjMc3Haw53nE1FKxKIdvDBo2KA_DzjhWp9ddysO81uKuD_4s3oKSlYmbF1Xm-B9WxWAyrqGeM3g1Sem81FvYnM_8PyD1W0IIwAnENGfopS45yMhso7-cTabdfB36Q-6-dM9Eq2Mmzq0TFqEknGWG_ja3RVmyDCyOiZE7KbdXVF3fSyRXj6Zb4Y-qH937D6txsS2iHCHza8Z1eCA3AiPoNlaJWgM2uh_uJEveHK1tAEUL60GVRQOXeBRLB5NWlLHwAgEu1mbxrUidKvj1nRyW2MdjKQeRMLFdzCRYC5ZhNLaWQMwI0y4q-MHz9a2HERV85gdiprIoxiv_QWgAEOzGPC4XCs_jDTK_tNhfnL8RYHVGXnzU0eHeS7tm8pjTSX-6aNZUEP_VYRND3BznmZb6wJNcjpPLvXdgC8NrjZL57x9Nb-14EUdsOphnR3Vza5utAAA4F7mzEYWnFGqiFNa6AwqX4xFK6Ef5MTBTh51-J96GHiPTxUgPUSa2YzovYNrnyWqOqr4L4gKLu_nw8c5F3hzD8Vnz-0cj3uPlFxBADex6bPqgqdMGXNteI8UuGCTgwDmn0OUeHyoVv8EajATT42GW-EDovehLWDKMhDUsuVdJvNR4o1o2lyx1U-LJYWqSI2_cee3aeE_ytHhj_Jibvkub1cDcaEoHnQrxBs8oYGYgrj7_4uPYikS0VZ7OdWAkPZoIPeV0WU8--7O1l4AYLLh6k5KbUVqHTVu0qIxQAhYxaJAV7FAtcZ8id5cbJhbajegwAM7yvQITVZpRV8gtK2gR5TqFxFLASEgrYsk6erkjDvJ35D2FDlMIihhcweA3pt6Gd9WCal6iYGyrCbIyCXT7tlM0daaX_xTzl_2AjTgK7pUrxjumQh0PqDD-jQtTUaC1owOwvAWyApF5RXgxcgDLH9riJ_zMEyzSl6BK1hUawQne-4kE3NNuf9sctLB21ZKtQsZ9FtqEcyDIecdRqGIuekSvoQEry-kPWtaQ23oTy5G81thCVuIgXk3xdDRRrNrxkFHlydg2CUdEpPaHUIUcRty0J5294ppRhwhDNT2P9fshhFuQsS9_COHg8AOk8fbEBTfLt-fJ0OqBvJbPMqNcCgAj2lcaJ-Ra8SRgPYPPkzouxw117WNwn5f5cCtP1Fbvq2BppF6wnzzzhZ7AxvXEKu61DXkd3ILnUDvojDI2C4wE_iNW3n-4RyFN_D1WMwZdieEzKPs92RvHNFOSeq6pxglrvyUQUl16vX1k7vBMsEGOZw_TUZKzbaH2c1lsEOV75zJd7-x-IC9Iek01T59CT&freq=0&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=fc4b11a396b0e5b07387e2bb47d003861713933522&psp=Md4RIznU6i2lwrviuVOZNgwfEB4SZ1v-NSTNCCXxNeDhjHzAA6Hs-EPu12ohUnN4pnc7Owyr6UpZvxYP1VYFKVYZCZ79PD3T8QJ3oO1DnP0Q-u4oaX0y9Nsin4wcy83khn7HltQeRELAqj9IcQKhj3diulnwG9--QNQMksZVelrWN4FtYaRYUdbtd0VtX0tCamH3jlnm5FD9cwHYCDiN_UzxHm4brZmD5kZbNTlxiFXSF32NFqL_tj49Rau2mKN0jF37TW04g-j94pSpbFMVf1JtAg0ZgF7-89KQYAMVqVsHqsO_4NYl9qxPLftqAyi8I1A4IsqO7PbNhIjgqbBGKdDUR7OU_Y-yAuI3YuOuamw5B4uBch2BxqtXIVhvxs7_eqQUjMc3Haw53nE1FKxKIdvDBo2KA_DzjhWp9ddysO81uKuD_4s3oKSlYmbF1Xm-B9WxWAyrqGeM3g1Sem81FvYnM_8PyD1W0IIwAnENGfopS45yMhso7-cTabdfB36Q-6-dM9Eq2Mmzq0TFqEknGWG_ja3RVmyDCyOiZE7KbdXVF3fSyRXj6Zb4Y-qH937D6txsS2iHCHza8Z1eCA3AiPoNlaJWgM2uh_uJEveHK1tAEUL60GVRQOXeBRLB5NWlLHwAgEu1mbxrUidKvj1nRyW2MdjKQeRMLFdzCRYC5ZhNLaWQMwI0y4q-MHz9a2HERV85gdiprIoxiv_QWgAEOzGPC4XCs_jDTK_tNhfnL8RYHVGXnzU0eHeS7tm8pjTSX-6aNZUEP_VYRND3BznmZb6wJNcjpPLvXdgC8NrjZL57x9Nb-14EUdsOphnR3Vza5utAAA4F7mzEYWnFGqiFNa6AwqX4xFK6Ef5MTBTh51-J96GHiPTxUgPUSa2YzovYNrnyWqOqr4L4gKLu_nw8c5F3hzD8Vnz-0cj3uPlFxBADex6bPqgqdMGXNteI8UuGCTgwDmn0OUeHyoVv8EajATT42GW-EDovehLWDKMhDUsuVdJvNR4o1o2lyx1U-LJYWqSI2_cee3aeE_ytHhj_Jibvkub1cDcaEoHnQrxBs8oYGYgrj7_4uPYikS0VZ7OdWAkPZoIPeV0WU8--7O1l4AYLLh6k5KbUVqHTVu0qIxQAhYxaJAV7FAtcZ8id5cbJhbajegwAM7yvQITVZpRV8gtK2gR5TqFxFLASEgrYsk6erkjDvJ35D2FDlMIihhcweA3pt6Gd9WCal6iYGyrCbIyCXT7tlM0daaX_xTzl_2AjTgK7pUrxjumQh0PqDD-jQtTUaC1owOwvAWyApF5RXgxcgDLH9riJ_zMEyzSl6BK1hUawQne-4kE3NNuf9sctLB21ZKtQsZ9FtqEcyDIecdRqGIuekSvoQEry-kPWtaQ23oTy5G81thCVuIgXk3xdDRRrNrxkFHlydg2CUdEpPaHUIUcRty0J5294ppRhwhDNT2P9fshhFuQsS9_COHg8AOk8fbEBTfLt-fJ0OqBvJbPMqNcCgAj2lcaJ-Ra8SRgPYPPkzouxw117WNwn5f5cCtP1Fbvq2BppF6wnzzzhZ7AxvXEKu61DXkd3ILnUDvojDI2C4wE_iNW3n-4RyFN_D1WMwZdieEzKPs92RvHNFOSeq6pxglrvyUQUl16vX1k7vBMsEGOZw_TUZKzbaH2c1lsEOV75zJd7-x-IC9Iek01T59CT&freq=0&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2404232138735713654ee542e38bb03b44bd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:44 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| urhdipth6qgr.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL POST HTTP/2urhdipth6qgr.l4.adsco.re/ IP185.200.118.51:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject*.l4.adsco.re FingerprintB2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22 ValidityFri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: urhdipth6qgr.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:44 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| urhdipth6qgr.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL POST HTTP/2urhdipth6qgr.s4.adsco.re/ IP185.200.116.51:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject*.s4.adsco.re Fingerprint6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A ValidityFri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: urhdipth6qgr.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:44 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hash34e62a6445c7fa91cb342bff66c551c5 e17e7f162c3d77de35a79a73699cdab6ec1e6785 fc3d2605713e1b335e368efee972e2403769523ad825b5b1492f7f39ad6431ad
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1401
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 24 Apr 2024 02:38:44 GMT
content-type: application/json
content-length: 6388
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 173.194.220.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:FAPgaZTB47LeGW2BCwXdCe-Vk5rs0g:ZFTf-w9a5MbtdVVZ; Expires=Fri, 24-Apr-2026 02:38:48 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:48 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxpFbrt2wJUqX_KEz3CaaQjskRqQ-sb23mFA4hJV_qiJjZGIVDUV81hkugs068Z1ruX0P5uVg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-ZbqGATJVilEuiMY3eh9rSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=82b0c4cd-5019-4c88-995f-e3d9a2a7df11&subid=1511354673&sid=1384424543&spot_id=529500&created_at=2024-04-24&timezone=0&ver=8.158.1&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=82b0c4cd-5019-4c88-995f-e3d9a2a7df11&subid=1511354673&sid=1384424543&spot_id=529500&created_at=2024-04-24&timezone=0&ver=8.158.1&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=82b0c4cd-5019-4c88-995f-e3d9a2a7df11&subid=1511354673&sid=1384424543&spot_id=529500&created_at=2024-04-24&timezone=0&ver=8.158.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 02:38:48 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 9f3c62edd5.b3742d97fe.com/in/multy | 94.130.198.6 | 200 OK | 0 B |
URL POST HTTP/29f3c62edd5.b3742d97fe.com/in/multy IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectb3742d97fe.com Fingerprint4B:6C:AE:18:D7:87:52:D9:E2:F3:DB:91:2B:54:44:60:53:38:EF:92 ValiditySat, 20 Apr 2024 14:01:53 GMT - Fri, 19 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /in/multy HTTP/1.1
Host: 9f3c62edd5.b3742d97fe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 24 Apr 2024 02:38:48 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxpFbrt2wJUqX_KEz3CaaQjskRqQ-sb23mFA4hJV_qiJjZGIVDUV81hkugs068Z1ruX0P5uVg | 173.194.220.84 | 302 Found | 428 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxpFbrt2wJUqX_KEz3CaaQjskRqQ-sb23mFA4hJV_qiJjZGIVDUV81hkugs068Z1ruX0P5uVg IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, ASCII text, with very long lines (406) Hashc98c59b545a2b268b82f2b410776ed88 0dde7f125e67dd132c37d14e5907f0599e6f2c80 97b8c3395f6efb03a641a1324c1f0a225c75ece084c0974d34ccbf5759c64111
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxpFbrt2wJUqX_KEz3CaaQjskRqQ-sb23mFA4hJV_qiJjZGIVDUV81hkugs068Z1ruX0P5uVg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:0osmY-TXHFlKaeScKIAHt17HwU0A1Q:SfQCHioAngNgvo5R;Path=/;Expires=Fri, 24-Apr-2026 02:38:48 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:48 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy4DOlElkWitaryKONGzXKiNYtfgArUqhvkwlHSQizQPLnbTO4p-0yjs0ZffIq1slN61muHSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046445710%3A1713926328906081&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-VpbRBuneLPBOACfxIioViw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 9f3c62edd5.b3742d97fe.com/in/multy | 94.130.198.6 | 200 OK | 4.4 kB |
URL POST HTTP/29f3c62edd5.b3742d97fe.com/in/multy IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectb3742d97fe.com Fingerprint4B:6C:AE:18:D7:87:52:D9:E2:F3:DB:91:2B:54:44:60:53:38:EF:92 ValiditySat, 20 Apr 2024 14:01:53 GMT - Fri, 19 Jul 2024 14:01:52 GMT
Hasha0e40140f627a14c1a21ea91b18e584d 9449b3dee89390d73b58e099fa55feb3df04d50f b279f12dce30084f7e75cedfb3bee80e58f9e0e1f66cfc90f9508b73112c1014
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /in/multy HTTP/1.1
Host: 9f3c62edd5.b3742d97fe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2164
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 02:38:49 GMT
content-type: application/json
content-length: 4391
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 9f3c62edd5.b3742d97fe.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fclicksbroxyz.com%2Fb2%2Fc%2Fc%2Fredir%3Fcid%3D17%26did%3DTFtyZlI%26eid%3D13307%26nid%3D10010%26sid%3D3286073372MhmEPsfR%26ts%3D1713926328%26ttl%3D300%26v%3Dv5.11.5&icons=V78LIW0iPSdK2Cb9jnKWgbaRY-KB2ZkpxOaJH7-Xvu1GapP9BGNvGRf8Df8Tr_kqeKemT2xjVKZujam3moRaHpcJso8snvBaDIez2Tx9lzJmh7OTtKNUVgm7D67_YPlzJPPEJFrSZfk-aCQOfqfQHSm1kY7IdEjfQ9NKPB-5rvTiVvK5iA&ext_cid=17&px_id=121646602&min_cpm=0.0034989355288725025&out_id=1&campaign_type=lq-pop&aid=3775&cid=16138&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0050143653054261425&cpm=0&verify_hash=80c5f64de0220fd974c4575b802bcaa1&is_native=2&real_bid=0.0014125379094064295&original_bid_usd=0.00171279&original_bid=0.00171279&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00171279&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000171279&ext_campaign_id_str=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=579f0af5-f405-4738-8162-2d742c780d80&prev_step_diff=843 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/29f3c62edd5.b3742d97fe.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fclicksbroxyz.com%2Fb2%2Fc%2Fc%2Fredir%3Fcid%3D17%26did%3DTFtyZlI%26eid%3D13307%26nid%3D10010%26sid%3D3286073372MhmEPsfR%26ts%3D1713926328%26ttl%3D300%26v%3Dv5.11.5&icons=V78LIW0iPSdK2Cb9jnKWgbaRY-KB2ZkpxOaJH7-Xvu1GapP9BGNvGRf8Df8Tr_kqeKemT2xjVKZujam3moRaHpcJso8snvBaDIez2Tx9lzJmh7OTtKNUVgm7D67_YPlzJPPEJFrSZfk-aCQOfqfQHSm1kY7IdEjfQ9NKPB-5rvTiVvK5iA&ext_cid=17&px_id=121646602&min_cpm=0.0034989355288725025&out_id=1&campaign_type=lq-pop&aid=3775&cid=16138&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0050143653054261425&cpm=0&verify_hash=80c5f64de0220fd974c4575b802bcaa1&is_native=2&real_bid=0.0014125379094064295&original_bid_usd=0.00171279&original_bid=0.00171279&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00171279&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000171279&ext_campaign_id_str=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=579f0af5-f405-4738-8162-2d742c780d80&prev_step_diff=843 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectb3742d97fe.com Fingerprint4B:6C:AE:18:D7:87:52:D9:E2:F3:DB:91:2B:54:44:60:53:38:EF:92 ValiditySat, 20 Apr 2024 14:01:53 GMT - Fri, 19 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fclicksbroxyz.com%2Fb2%2Fc%2Fc%2Fredir%3Fcid%3D17%26did%3DTFtyZlI%26eid%3D13307%26nid%3D10010%26sid%3D3286073372MhmEPsfR%26ts%3D1713926328%26ttl%3D300%26v%3Dv5.11.5&icons=V78LIW0iPSdK2Cb9jnKWgbaRY-KB2ZkpxOaJH7-Xvu1GapP9BGNvGRf8Df8Tr_kqeKemT2xjVKZujam3moRaHpcJso8snvBaDIez2Tx9lzJmh7OTtKNUVgm7D67_YPlzJPPEJFrSZfk-aCQOfqfQHSm1kY7IdEjfQ9NKPB-5rvTiVvK5iA&ext_cid=17&px_id=121646602&min_cpm=0.0034989355288725025&out_id=1&campaign_type=lq-pop&aid=3775&cid=16138&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0050143653054261425&cpm=0&verify_hash=80c5f64de0220fd974c4575b802bcaa1&is_native=2&real_bid=0.0014125379094064295&original_bid_usd=0.00171279&original_bid=0.00171279&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00171279&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000171279&ext_campaign_id_str=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=579f0af5-f405-4738-8162-2d742c780d80&prev_step_diff=843 HTTP/1.1
Host: 9f3c62edd5.b3742d97fe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 02:38:49 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 9f3c62edd5.b3742d97fe.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DMrPeCM9rtHKhAQI575_MmSDn057MjXqeZHlhtsRupI7D6WI5iXs9ia2VN6pbUL7AFAIy3SM5x7lGuaznFHexLCvTD_7ptUpV2p6UFUHU7h5-1dK_ubQzvKTd8e_Sj1wAfR2rPNHHXcmJHFSjDJWVt5F71ZEi4LELFIGRxR4Otqo01iUW-n1xSbOQpSkBH-ugXVGgAi9MD2DlfuAQcBt52cFAF1sb0rXBWPO-kf3TZUOnlcyYxg3xErw71wzg_GCqtCydc6auubGwuggatOqQ2oqT3jFm_gz14SLRXyZpvv_3YkV-dpH50ApStahgQhaQJ_LMq3LBYJJWjg4byLJpUIj69IrMbJiixTZVVNfSjjibssmnfa-CJs8c7Wqzn0jFX30n31ICMH4twoFDAH9hiK3i_vIRygQXN1PuMCFNdWLr-2No5fPX0b8w6uB_-ACO9Yja6I3v7ESHB07J3wsR6O6rjeOh_PsJoXGO6B2SbfH3GiZH1FZyIuH2BUNR9JkyuKLQORAAOqQ-C6ZGbCCPSBN_tMSNwZoNl5p-b1PdHhI5jYGEth-oODLHm16IIEPSnlNDZLAv&icons=qtlhSp5HoMhijdLUGK_WsBKey90QK61Uks09n401Max1t4NuGyqF4FkQlcSs940kJw0c6VKGY2SY-3nH9h_UsJgfUznyqgY8dYFuPKzLmgaZCOgXcrtTy-avN5fHoCEvsUENdCDvs3ChUZnFuBJYDnHCgJ4WvsavggUJGzSFSxf8zhbVxwNI6APmgNoUfwRkL83je1Ahz33tKhg4HHs7wI7es__nusnKJdZH4-vJ80XODBnrAifXvBlWR5kHMUjORCz1Q8iwZucfocHloK67hQ92dcb2CugGUuTSTNOCMoUC_cFkz1wi_HbX5rD-UWilzF35qCHhPTXqplfSll7KWkd1xGNvx4_TePGJgjbZen_3Eoi4RkF9F2OrwEWlP8Rpazqgu4ktoq0zMQoDFGpDt7chqG3Uvu1YiiMV1tvAxEhGCLYlwwIg9ZE4Ds6Y0L3IjHTM39y7z9JVr7XbySuIWJKD1OKuHJW2PRg2_fjpwo_zopzAwZXGf3_9VLLglqxmmgD5DaZdRHZ41dXdkD64L1XCJsAs4fEMP0dZ29tNzH1pSLczqGenOXn8mK8McPR_M4A6QDdvbEGEkdp7tJtVfqFJRJL6tnpisvlu0U59UxtHSpD_xyuiw73fmKst9ZvnhrgiDpZIpETWj6QiopnuuoSN8P4RiL6XLolqssSTchrfULH_8b5ShXImI7eHp3r4VQ&ext_cid=0&px_id=31529500&min_cpm=0.03327758904109589&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.1110990034341312&cpm=0&verify_hash=b5fd4b5aafc209841e5893e78421e6ca&is_native=1&real_bid=0.0032906249910592874&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=1713983928&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F68957372%2F551817_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=0689795f-ceca-4eb1-aa99-56d569ced0b4&prev_step_diff=842 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/29f3c62edd5.b3742d97fe.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DMrPeCM9rtHKhAQI575_MmSDn057MjXqeZHlhtsRupI7D6WI5iXs9ia2VN6pbUL7AFAIy3SM5x7lGuaznFHexLCvTD_7ptUpV2p6UFUHU7h5-1dK_ubQzvKTd8e_Sj1wAfR2rPNHHXcmJHFSjDJWVt5F71ZEi4LELFIGRxR4Otqo01iUW-n1xSbOQpSkBH-ugXVGgAi9MD2DlfuAQcBt52cFAF1sb0rXBWPO-kf3TZUOnlcyYxg3xErw71wzg_GCqtCydc6auubGwuggatOqQ2oqT3jFm_gz14SLRXyZpvv_3YkV-dpH50ApStahgQhaQJ_LMq3LBYJJWjg4byLJpUIj69IrMbJiixTZVVNfSjjibssmnfa-CJs8c7Wqzn0jFX30n31ICMH4twoFDAH9hiK3i_vIRygQXN1PuMCFNdWLr-2No5fPX0b8w6uB_-ACO9Yja6I3v7ESHB07J3wsR6O6rjeOh_PsJoXGO6B2SbfH3GiZH1FZyIuH2BUNR9JkyuKLQORAAOqQ-C6ZGbCCPSBN_tMSNwZoNl5p-b1PdHhI5jYGEth-oODLHm16IIEPSnlNDZLAv&icons=qtlhSp5HoMhijdLUGK_WsBKey90QK61Uks09n401Max1t4NuGyqF4FkQlcSs940kJw0c6VKGY2SY-3nH9h_UsJgfUznyqgY8dYFuPKzLmgaZCOgXcrtTy-avN5fHoCEvsUENdCDvs3ChUZnFuBJYDnHCgJ4WvsavggUJGzSFSxf8zhbVxwNI6APmgNoUfwRkL83je1Ahz33tKhg4HHs7wI7es__nusnKJdZH4-vJ80XODBnrAifXvBlWR5kHMUjORCz1Q8iwZucfocHloK67hQ92dcb2CugGUuTSTNOCMoUC_cFkz1wi_HbX5rD-UWilzF35qCHhPTXqplfSll7KWkd1xGNvx4_TePGJgjbZen_3Eoi4RkF9F2OrwEWlP8Rpazqgu4ktoq0zMQoDFGpDt7chqG3Uvu1YiiMV1tvAxEhGCLYlwwIg9ZE4Ds6Y0L3IjHTM39y7z9JVr7XbySuIWJKD1OKuHJW2PRg2_fjpwo_zopzAwZXGf3_9VLLglqxmmgD5DaZdRHZ41dXdkD64L1XCJsAs4fEMP0dZ29tNzH1pSLczqGenOXn8mK8McPR_M4A6QDdvbEGEkdp7tJtVfqFJRJL6tnpisvlu0U59UxtHSpD_xyuiw73fmKst9ZvnhrgiDpZIpETWj6QiopnuuoSN8P4RiL6XLolqssSTchrfULH_8b5ShXImI7eHp3r4VQ&ext_cid=0&px_id=31529500&min_cpm=0.03327758904109589&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.1110990034341312&cpm=0&verify_hash=b5fd4b5aafc209841e5893e78421e6ca&is_native=1&real_bid=0.0032906249910592874&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=1713983928&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F68957372%2F551817_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=0689795f-ceca-4eb1-aa99-56d569ced0b4&prev_step_diff=842 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectb3742d97fe.com Fingerprint4B:6C:AE:18:D7:87:52:D9:E2:F3:DB:91:2B:54:44:60:53:38:EF:92 ValiditySat, 20 Apr 2024 14:01:53 GMT - Fri, 19 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Dc38763acc0&refdom=www.amdahost.com&auction_time=1713926328&subid=1511354673&sid=1384424543&tcid=0&ver=8.158.1&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-24&iabcat=IAB25-3&keywords=adult&user_fp=7569918116057693203&score=44.47127105370553&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Dc38763acc0%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DMrPeCM9rtHKhAQI575_MmSDn057MjXqeZHlhtsRupI7D6WI5iXs9ia2VN6pbUL7AFAIy3SM5x7lGuaznFHexLCvTD_7ptUpV2p6UFUHU7h5-1dK_ubQzvKTd8e_Sj1wAfR2rPNHHXcmJHFSjDJWVt5F71ZEi4LELFIGRxR4Otqo01iUW-n1xSbOQpSkBH-ugXVGgAi9MD2DlfuAQcBt52cFAF1sb0rXBWPO-kf3TZUOnlcyYxg3xErw71wzg_GCqtCydc6auubGwuggatOqQ2oqT3jFm_gz14SLRXyZpvv_3YkV-dpH50ApStahgQhaQJ_LMq3LBYJJWjg4byLJpUIj69IrMbJiixTZVVNfSjjibssmnfa-CJs8c7Wqzn0jFX30n31ICMH4twoFDAH9hiK3i_vIRygQXN1PuMCFNdWLr-2No5fPX0b8w6uB_-ACO9Yja6I3v7ESHB07J3wsR6O6rjeOh_PsJoXGO6B2SbfH3GiZH1FZyIuH2BUNR9JkyuKLQORAAOqQ-C6ZGbCCPSBN_tMSNwZoNl5p-b1PdHhI5jYGEth-oODLHm16IIEPSnlNDZLAv&icons=qtlhSp5HoMhijdLUGK_WsBKey90QK61Uks09n401Max1t4NuGyqF4FkQlcSs940kJw0c6VKGY2SY-3nH9h_UsJgfUznyqgY8dYFuPKzLmgaZCOgXcrtTy-avN5fHoCEvsUENdCDvs3ChUZnFuBJYDnHCgJ4WvsavggUJGzSFSxf8zhbVxwNI6APmgNoUfwRkL83je1Ahz33tKhg4HHs7wI7es__nusnKJdZH4-vJ80XODBnrAifXvBlWR5kHMUjORCz1Q8iwZucfocHloK67hQ92dcb2CugGUuTSTNOCMoUC_cFkz1wi_HbX5rD-UWilzF35qCHhPTXqplfSll7KWkd1xGNvx4_TePGJgjbZen_3Eoi4RkF9F2OrwEWlP8Rpazqgu4ktoq0zMQoDFGpDt7chqG3Uvu1YiiMV1tvAxEhGCLYlwwIg9ZE4Ds6Y0L3IjHTM39y7z9JVr7XbySuIWJKD1OKuHJW2PRg2_fjpwo_zopzAwZXGf3_9VLLglqxmmgD5DaZdRHZ41dXdkD64L1XCJsAs4fEMP0dZ29tNzH1pSLczqGenOXn8mK8McPR_M4A6QDdvbEGEkdp7tJtVfqFJRJL6tnpisvlu0U59UxtHSpD_xyuiw73fmKst9ZvnhrgiDpZIpETWj6QiopnuuoSN8P4RiL6XLolqssSTchrfULH_8b5ShXImI7eHp3r4VQ&ext_cid=0&px_id=31529500&min_cpm=0.03327758904109589&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=1085848244355639655&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.1110990034341312&cpm=0&verify_hash=b5fd4b5aafc209841e5893e78421e6ca&is_native=1&real_bid=0.0032906249910592874&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=1713983928&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F68957372%2F551817_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=0689795f-ceca-4eb1-aa99-56d569ced0b4&prev_step_diff=842 HTTP/1.1
Host: 9f3c62edd5.b3742d97fe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 02:38:49 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=16b75b4e-3759-49ee-9e46-bff4e2c84707&prev_step_diff=843 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=16b75b4e-3759-49ee-9e46-bff4e2c84707&prev_step_diff=843 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=16b75b4e-3759-49ee-9e46-bff4e2c84707&prev_step_diff=843 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:49 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Thu, 24 Apr 2025 02:38:49 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:49 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Thu, 24 Apr 2025 02:38:49 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy4DOlElkWitaryKONGzXKiNYtfgArUqhvkwlHSQizQPLnbTO4p-0yjs0ZffIq1slN61muHSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046445710%3A1713926328906081&theme=mn&ddm=0 | 173.194.220.84 | 403 Forbidden | 804 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy4DOlElkWitaryKONGzXKiNYtfgArUqhvkwlHSQizQPLnbTO4p-0yjs0ZffIq1slN61muHSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046445710%3A1713926328906081&theme=mn&ddm=0 IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators Hash75d09d9bfb955490d4ab262de61463a1 f618392a4e801d180fd8378bdd5f3910ee9b7a95 3a7f8801244eddc2235eec465dcc167605cef855899746de86ad118214a41f15
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy4DOlElkWitaryKONGzXKiNYtfgArUqhvkwlHSQizQPLnbTO4p-0yjs0ZffIq1slN61muHSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046445710%3A1713926328906081&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:48 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-aWy7t9YJCwY2MaODtWDF5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| img.vmmcdn.com/get/68957372/551817_image.jpg | 46.4.121.113 | 200 OK | 12 kB |
URL GET HTTP/2img.vmmcdn.com/get/68957372/551817_image.jpg IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3 Hashee921bcd225785444d8ab128ca1d0941 e92f5588c738df6912e3658d883aeb66b486560b 4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c
GET /get/68957372/551817_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Wed, 24 Apr 2024 02:38:49 GMT
content-type: image/jpeg
content-length: 12075
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-2f2b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img.vmmcdn.com/get/5547812/551817_icon.png | 46.4.121.113 | 200 OK | 25 kB |
URL GET HTTP/2img.vmmcdn.com/get/5547812/551817_icon.png IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash883783cd48dc393c2392934e24de3541 0ce725f07cc64b22ce1f2c2c39319223e77efe73 56c61149f8e44313af0ebe436c53911aecf9131b08c1fbb434b69bf562bccf48
GET /get/5547812/551817_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Wed, 24 Apr 2024 02:38:49 GMT
content-type: image/png
content-length: 25410
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-6342"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 02:39:06 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8792b89489ad5688-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.80.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19261), with no line terminators Hash3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f28e0db4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 77b0619134.fc29334d79.com/845d4eccb8b04ca53d43ec61120692d7.js | 45.133.44.53 | 200 OK | 470 kB |
URL GET HTTP/277b0619134.fc29334d79.com/845d4eccb8b04ca53d43ec61120692d7.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject77b0619134.fc29334d79.com Fingerprint7C:5D:FD:64:21:60:56:AB:E1:87:1F:F0:AE:77:A4:6A:15:0E:07:E2 ValiditySun, 21 Apr 2024 02:20:16 GMT - Sat, 20 Jul 2024 02:20:15 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /845d4eccb8b04ca53d43ec61120692d7.js HTTP/1.1
Host: 77b0619134.fc29334d79.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Wed, 24 Apr 2024 02:43:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/venor.php | 95.211.229.245 | 200 OK | 1 B |
IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typevery short file (no magic) Hashcfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /venor.php HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:38:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 | 193.108.117.211 | 200 OK | 27 kB |
URL GET HTTP/2news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 IP193.108.117.211:443 ASN#63023 AS-GLOBALTELEHOST
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject*.news-galuzo.cc Fingerprint29:96:67:1F:2C:DD:23:45:EA:5F:11:0B:F4:0B:E7:D5:0D:C3:D1:FB ValidityMon, 15 Apr 2024 08:11:44 GMT - Sun, 14 Jul 2024 08:11:43 GMT
File typeJavaScript source, ASCII text, with very long lines (26456) Hashd4e43bfcb590860f5b15075a87a4b3ee 5c6c4bca081bea20e06f478b2dae92525613c5c1 e029693e4b2258b217cec30a2f2c4110368002304a3ff6644c2fbd79e39f76cd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP/1.1
Host: news-galuzo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 77b0619134.fc29334d79.com/dc40f5fa2f211995ee343f495eb144ad/161855?version_name=a | 45.133.44.53 | 200 OK | 2.4 kB |
URL GET HTTP/277b0619134.fc29334d79.com/dc40f5fa2f211995ee343f495eb144ad/161855?version_name=a IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject77b0619134.fc29334d79.com Fingerprint7C:5D:FD:64:21:60:56:AB:E1:87:1F:F0:AE:77:A4:6A:15:0E:07:E2 ValiditySun, 21 Apr 2024 02:20:16 GMT - Sat, 20 Jul 2024 02:20:15 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
GET /dc40f5fa2f211995ee343f495eb144ad/161855?version_name=a HTTP/1.1
Host: 77b0619134.fc29334d79.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 24 Apr 2024 02:43:42 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon.svg | 185.76.9.14 | 200 OK | 265 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon.svg IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeSVG Scalable Vector Graphics image Hash0e1e3b1614a46466d9535037923e7c34 f8d10a742cd0197a10a041cf447d0dbd3371d07c f66b1cc574e4967cf5417ef445ac663aa9a2ec3cf1c0d23eb1b4c59808237ee0
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 10:37:28 GMT
etag: W/"634e81e8-109"
expires: Wed, 25 Oct 2023 02:26:39 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3LKCIAQ
x-77-nzt-ray: c0a4cc2813b5d81eb3702866a247441c
x-accel-expires: @1719731207
x-accel-date: 1688195207
x-cache: HIT
x-age: 25731116
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25731116
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.xadsmart.com/PDgMwm/xJSLite.min.js | 185.76.9.22 | 200 OK | 37 kB |
URL GET HTTP/2www.xadsmart.com/PDgMwm/xJSLite.min.js IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject1376341044.rsc.cdn77.org Fingerprint9E:BC:DC:BC:06:2C:01:7D:11:A9:9F:DB:DC:7A:40:7B:9F:8F:B5:F8 ValidityTue, 20 Feb 2024 02:39:34 GMT - Mon, 20 May 2024 02:39:33 GMT
File typeJavaScript source, ASCII text, with very long lines (1568) Hashd7dbed577604f50549a63b03bfa18401 1b5458668c7aecbee06b22b21ff6be9a96794393 8a336c5e8047e5d1ec3ace133f6312b27670d7b3d8f30d32b7a611f0a7714860
GET /PDgMwm/xJSLite.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb9
expires: Sat, 27 Apr 2024 00:15:03 GMT
access-control-allow-origin: https://www.amdahost.com
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAH3yWYFAAwBuUwKDAH30AAAAAwBJRPCLgH3EQAAAA
x-77-nzt-ray: af585630aada600db1702866eb0b9d30
x-accel-expires: @1714176903
x-accel-date: 1713572328
x-77-cache: HIT
x-77-age: 354218
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 353993
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxE2MZTUlFQht8G-iKX10qVocX8LqJyCZ1JYTVjodcpkEv1MJ0VYDTfVlCzNkD7wLmH9u8J&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16585689%3A1713926324133455&theme=mn&ddm=0 | 173.194.220.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxE2MZTUlFQht8G-iKX10qVocX8LqJyCZ1JYTVjodcpkEv1MJ0VYDTfVlCzNkD7wLmH9u8J&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16585689%3A1713926324133455&theme=mn&ddm=0 IP173.194.220.84:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxE2MZTUlFQht8G-iKX10qVocX8LqJyCZ1JYTVjodcpkEv1MJ0VYDTfVlCzNkD7wLmH9u8J&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16585689%3A1713926324133455&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:38:44 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-Ta2anbtVA0ijpzLKnFNKYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 12ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.202 | 200 OK | 157 kB |
URL GET HTTP/212ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size157 kB (156994 bytes) Hashe85d25a4243e199c22893ca6a183c97f 05eb6af38ef7ec7c8346bdb5e8a1b4c281bf69e0 dddef9b008b9fcad2e05f22ab36657caa7db0475b6f449ca7fe2a73bbe15026d
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:48:08 GMT
vary: Accept-Encoding
etag: W/"6627ca28-26588"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| imgsdn.com/ie?v=4&c=PXOP-r6cYmT8dZJNTDtLwbtqz4ds94i_bfw3Zj31Ny0X4p_91nxGU90FpQXbz-vd12DM3ulE8IIqAIIL9R9U6AdKyHWPrI7vJQmbe9t017R-4jfyE7fr764Eex6weux3btslE6CFXHm5qzalDpy07N_SK0_H7aOmm-6WR9Lt8Il-MM4KTmc73r4_ugHmJJt1BRzLu2Wt1lLvyO3PTxeCrRYkPZj4F4OZqvO8WjXe1b1wJM9wEwTRFJ5X4UOSwe4ON5MJx5gqFBpZQmdKTI6TTATtHntNnM103Yvjdvv2fzl5QInN1ZrdnVHxarPcqFV3_oTAkNaaSELGhCK7QrIMKFP0q6-RTUB1S919fVV3F15SLGfLblEYU9rNoQPcP5Q1FIWOjECMLHPB2dXTHStoOtUJQ5y8QbG3HFzgIKEfoNQ2IlGdac2H4f2la5Ix&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=570bf4b7-356c-4e89-af27-6005323cc8f1&prev_step_diff=842 | 213.239.207.252 | 301 Moved Permanently | 25 kB |
URL GET HTTP/1.1imgsdn.com/ie?v=4&c=PXOP-r6cYmT8dZJNTDtLwbtqz4ds94i_bfw3Zj31Ny0X4p_91nxGU90FpQXbz-vd12DM3ulE8IIqAIIL9R9U6AdKyHWPrI7vJQmbe9t017R-4jfyE7fr764Eex6weux3btslE6CFXHm5qzalDpy07N_SK0_H7aOmm-6WR9Lt8Il-MM4KTmc73r4_ugHmJJt1BRzLu2Wt1lLvyO3PTxeCrRYkPZj4F4OZqvO8WjXe1b1wJM9wEwTRFJ5X4UOSwe4ON5MJx5gqFBpZQmdKTI6TTATtHntNnM103Yvjdvv2fzl5QInN1ZrdnVHxarPcqFV3_oTAkNaaSELGhCK7QrIMKFP0q6-RTUB1S919fVV3F15SLGfLblEYU9rNoQPcP5Q1FIWOjECMLHPB2dXTHStoOtUJQ5y8QbG3HFzgIKEfoNQ2IlGdac2H4f2la5Ix&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=570bf4b7-356c-4e89-af27-6005323cc8f1&prev_step_diff=842 IP213.239.207.252:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectnimrute.com FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4 ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=PXOP-r6cYmT8dZJNTDtLwbtqz4ds94i_bfw3Zj31Ny0X4p_91nxGU90FpQXbz-vd12DM3ulE8IIqAIIL9R9U6AdKyHWPrI7vJQmbe9t017R-4jfyE7fr764Eex6weux3btslE6CFXHm5qzalDpy07N_SK0_H7aOmm-6WR9Lt8Il-MM4KTmc73r4_ugHmJJt1BRzLu2Wt1lLvyO3PTxeCrRYkPZj4F4OZqvO8WjXe1b1wJM9wEwTRFJ5X4UOSwe4ON5MJx5gqFBpZQmdKTI6TTATtHntNnM103Yvjdvv2fzl5QInN1ZrdnVHxarPcqFV3_oTAkNaaSELGhCK7QrIMKFP0q6-RTUB1S919fVV3F15SLGfLblEYU9rNoQPcP5Q1FIWOjECMLHPB2dXTHStoOtUJQ5y8QbG3HFzgIKEfoNQ2IlGdac2H4f2la5Ix&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=570bf4b7-356c-4e89-af27-6005323cc8f1&prev_step_diff=842 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 24 Apr 2024 02:38:49 GMT
content-length: 0
location: https://img.vmmcdn.com/get/5547812/551817_icon.png
x-app-id: 12
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.40.89 | 200 OK | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7850), with no line terminators Hash4e3cc542ba7085be85686d5b802ad683 4e94c3fd06af8e32e7e40fa3152205e23790814d 610766de774808a7448d42b30be03e3996434be75a55426c71cde8eaa6b7783f
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6p%2B13MS9mBT1C4RZvsDmJDcpOKRaKu2Z67jlURaLzZDRZBIEiu7O3fuQRnXlGQ1JYf%2BMIlzoEfNotCaOR0wF2CkROwtKvb%2BBWZcQMmjp6qC1kpxW2WKUBSNlYN4dHVTOshmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b7fa9eed5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 77b0619134.fc29334d79.com/5bf605522b3ab7f41d0805d06cb8f962.js | 45.133.44.53 | 200 OK | 168 kB |
URL GET HTTP/277b0619134.fc29334d79.com/5bf605522b3ab7f41d0805d06cb8f962.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject77b0619134.fc29334d79.com Fingerprint7C:5D:FD:64:21:60:56:AB:E1:87:1F:F0:AE:77:A4:6A:15:0E:07:E2 ValiditySun, 21 Apr 2024 02:20:16 GMT - Sat, 20 Jul 2024 02:20:15 GMT
Size168 kB (168545 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5bf605522b3ab7f41d0805d06cb8f962.js HTTP/1.1
Host: 77b0619134.fc29334d79.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 18 Apr 2024 12:59:21 GMT
etag: W/"66211929-29261"
content-encoding: gzip
expires: Wed, 24 Apr 2024 02:43:43 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/includes/update_visits.php | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780; cf_clearance=qpo7UxJDo8kHtTh4oN4kRh5LfKnOz03oRGWIzhn5Xfc-1713926322-1.0.1.1-pCNsC0n.jIRQRQn5cxdk4jmQ1dzx.IBT0gDMIek8a0oRaaq89KGP01SH501m5T4Qnhn7BmlNsBHtoMZ4N7gsSg; a=xbJnlOEHOCaBHrmluT0E89EWwy8FSifU; zone-cap-5263454=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAArLUqw0JEV6V8RYrZGpwL9F1WMJJkBUZtp8qARUMyrh5DGahbtVg_dOIWMfKUWHfjSprjvvykk67peU9EEi3YehsU-jYy518NXjbLml7Z65D1Cr2kKwPjM9vlQpdpSaEEfM0D3LtRr1BxHiRm9rM3j_IklDJBd9j-h3bHgQLTZx5qdSy1fZCV1LDefHfUHmmtbapfDyqYJqs9HM0a-lOX2u6SYgfKZjYW04pnt5XfB5FOMl9neGTuYmfboIMee_7wJoqJsolRhoC6nr47PbkSLq3PjE4gWqeiGVXqgBq6dG7oHniMimBooW5AFscaonrQAoCP348gzXShoMdhgnbCiyAX70gmp1EdWhOoKvG86u2fNxhbtLla3L-88W7R_VU70qY0qiGM4QCQDSItO0mrQjMI6rGbn7VtENEYNcDg9Mp5LvRKG0K-upKQCMaKTrCH0e5RrNaDif1hbwFh5cicyhgBXb1zoQjJl9XSMBmPVEw-kKCMeuTPc4aPFC3M6KQFRo-KRaZdHSWcKYbfJObm_aF6qcAAYDH-FgesyUrorqjDPsKLnwqpiwVV_F-gBlmWOG7imPYZs1E4Jq4PjL1XK5rBdfv6o4CE79l_CJ-saXmZcDR4rt6wgvIXOOmZo-dR25PtWt2lwLjHsI-fLUcMiwrdgfrDs-deSxKMg7_ucyTVw-kE7ipuaTWa7RQFO0j1WL5ZCbLB0LqYgwHwPJ4K4Lpn4NL9hrF8y2sDsF0ppvXVlLrB_DH0rNORa8JvV9GT1b_sPdXzS1P1Y4OUAFBtOPvyJXoZJS-GvXWwZMG-gEe8kWH7lxFk_9bAgdcULRhI2j58Gmn4Ic13W-EWmIpFMfLPvqYZ7TrQksitdWzcqmC3fsrddmwVdtXe1rhlUzKteIWmOVMyllupjSrFE52YuudP6YYKwIqCIad9yD_8IagzrZfaSYnBgjV5BayNAyHeNT9YNia9qAee1Nk1NyfKPOi4LTly0t6_pvUwEegP7O9; _popprepop=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:57 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5132HntUvTTbpNCEEe92KsST6c4EZ7SbL36TfscqNp%2Bk56Mj%2F8VMmWI%2FHuth4cIFMqr8kGyPFhT2NSYf1lKFlb3nV6zkVdQvtMR%2F95l9V5i7XL1D2XX2KiYCkbduCghEKfW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b8586fcf5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s3t3d2y8.afcdn.net/library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp | 185.76.9.14 | 200 OK | 6.9 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp Hash99a3343ac7621ba8206ae4ff9362a24c ac01519765c5a0a2b3a171b51a774cda0a703195 591ecdfbeeb5ae2809d1410921fcf8c6a2072ff69b6ce1ace9cf04ab0aa56bfa
GET /library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: image/webp
content-length: 6918
last-modified: Mon, 20 Dec 2021 01:13:17 GMT
etag: "61bfd8ad-1b06"
expires: Tue, 24 Oct 2023 17:18:53 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH32doBAA
x-77-nzt-ray: c0a4cc2813b5d81eb3702866a7e8231a
x-accel-expires: @1733706172
x-accel-date: 1713804762
x-cache: HIT
x-age: 121561
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 121561
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a.pemsrv.com/popunder1000.js | 185.76.9.17 | 200 OK | 100 kB |
URL GET HTTP/2a.pemsrv.com/popunder1000.js IP185.76.9.17:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder1000.js HTTP/1.1
Host: a.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"d9d3b543c03e218b51fa2081f01"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 23 Apr 2024 17:10:11 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3oQYAAAwBuUwKDAH3EQAAAAwBnJIhJwH3AwAAAA
x-77-nzt-ray: c0a4cc289ab20811b1702866e45a3a39
x-accel-expires: @1713935424
x-accel-date: 1713924624
x-77-cache: HIT
x-77-age: 1717
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 1697
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cl7ozf9pdloikeq01fghzm&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.9 kB |
URL GET HTTP/2ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cl7ozf9pdloikeq01fghzm&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (3259), with no line terminators Hashdd93578dfe6684ab02a2eb58e3503254 cd12a4587f6a5ed16a4954f1d5533c060eb21658 58b1d4ae248e6dafecace19e033706cd7df252694589c843885d065e02ade7c0
GET /get/2020088?zoneid=2020088&jp=_cl7ozf9pdloikeq01fghzm&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1&uf=0 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 28 May 2025 02:38:41 GMT; Secure; SameSite=None
UID=24042321389fd0d3d19c084b2baf9fc59981; Path=/; Expires=Wed, 28 May 2025 02:38:41 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.25 | 200 OK | 233 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Size233 kB (232616 bytes) Hash9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3Y0UAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af5856301cc71204b1702866e3e5890a
x-accel-expires: @1713994958
x-accel-date: 1713908558
x-77-cache: HIT
x-77-age: 17763
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 17763
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 172.67.41.16 | 302 Found | 366 kB |
IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::gfprq-1713925689046-a2640ed7a7a9
cf-cache-status: HIT
age: 604
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b7f278b856b5-OSL
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/get/2020090?zoneid=2020090&jp=_clin3hou7y8dptehz3n410&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1&freq=0&uf=0 | 212.117.190.202 | 200 OK | 6.7 kB |
URL GET HTTP/212ezo5v60.com/get/2020090?zoneid=2020090&jp=_clin3hou7y8dptehz3n410&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1&freq=0&uf=0 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (6856), with no line terminators Hash46f7216293d49632433ad3faf452da82 1bd6af53c6ec1f81834e8e767e6e81597ddb4a29 507adfb5bbda00651e36f9ee46a5b2bfba528c85402cc80ec47cb49c0b3dd7eb
GET /get/2020090?zoneid=2020090&jp=_clin3hou7y8dptehz3n410&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4897398479521792&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 28 May 2025 02:38:42 GMT; Secure; SameSite=None
UID=2404232138735713654ee542e38bb03b44bd; Path=/; Expires=Wed, 28 May 2025 02:38:42 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 82 kB |
IP104.17.167.186:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 25 May 2024 02:38:43 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 459766
vary: Accept-Encoding
server: cloudflare
cf-ray: 8792b800fa24b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 802 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (820), with no line terminators Hash19b781ab6f09786f5d9e86ac26de083d 11ca72183489143542fafe4efb122b11f9b4c1d9 e17e04ca3c38fa955e6789b4818c7c24ffd3a99eae0830a01ca51ed8e968db8a
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 104.21.40.89 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=c38763acc0
Cookie: PHPSESSID=750606aec8775db06083e12b34c65780
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 69
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFyIYmLZUGgBmZs6O3TqSYl64OGFSTKCNaYDhpxdEMeNCKLBfXlI8Q4pXIOBGngSbZ6mqahyju8UPyLOAWkjrjRzVi2lv1cUBv75SCdQ7yxnXFeqetIKbZIeq3h6GoHJS4rV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b7f25c855688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 77b0619134.fc29334d79.com/d9996a1e8bccf4004298e7437d4835a6.js | 45.133.44.53 | 200 OK | 109 kB |
URL GET HTTP/277b0619134.fc29334d79.com/d9996a1e8bccf4004298e7437d4835a6.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerLet's Encrypt Subject77b0619134.fc29334d79.com Fingerprint7C:5D:FD:64:21:60:56:AB:E1:87:1F:F0:AE:77:A4:6A:15:0E:07:E2 ValiditySun, 21 Apr 2024 02:20:16 GMT - Sat, 20 Jul 2024 02:20:15 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d9996a1e8bccf4004298e7437d4835a6.js HTTP/1.1
Host: 77b0619134.fc29334d79.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:42 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 02:43:42 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.227&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556573176696832&eclog=0&im=1 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: UID=240423213861688eea3ee240d7b45edac6f2; Path=/; Expires=Wed, 28 May 2025 02:38:41 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Wed, 28 May 2025 02:38:41 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch.php?id=c38763acc0 | 104.21.40.89 | 200 OK | 37 kB |
URL User Request GET HTTP/2www.amdahost.com/watch.php?id=c38763acc0 IP104.21.40.89:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, ASCII text, with very long lines (12986), with CRLF, LF line terminators Hash2747a4764f310cbabfb4bc41f3c32d38 c8aeb127b9a37a69b7f7267e145868aab19664dd 300e6626ab2ac5516df789d25b3fca20c6c0c7ab56293488030ca0e053987554
GET /watch.php?id=c38763acc0 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=750606aec8775db06083e12b34c65780; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWLwnjh9pu%2Byt4B3W73ikBJMQ%2FotNcNk%2F%2F47wtH733YRIHnKcQam2Q5B5W3fNEQcjCxldWZD6jg3vropvDxwYN81pOejG8%2BHn6GO6RuYaS3jJGccwuGdu6oxXmTLLCiGbgh3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b7eeecbab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:38:41 GMT
date: Wed, 24 Apr 2024 02:38:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:38:43 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 443765823a42ef290f1befada43ccd9f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yT6p%2BJNrlcLlFz9IMu4tWdlIa1%2BrlUZHveQPPH2oetpnOaNzLBffS8Q9MfRzdOC7vgrGEXM%2BM0qFeVNQoEnY%2B38yq6IvPC%2BVy3mI8XHIK9jn5SGYJ0lP2viIDzlQ4sIzL1SwOuYkp0agNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792b8011a985696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js | 212.117.190.201 | 200 OK | 105 kB |
URL GET HTTP/2ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=c38763acc0 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size105 kB (104801 bytes) Hash95c73d20559421fd42d7056f584b26d1 8f93f1fe65700988e01cc6b3edba3b61e1bd5d2f fd7e33717eb84287405bc20e2e6d8981ffcdaaf50c99d8362a457309d46f3b32
GET /aas/r45d/vki/2020088/3f23ef09.js HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 02:38:41 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:48:08 GMT
vary: Accept-Encoding
etag: W/"6627ca28-199a7"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|