174.138.179.141 200 OK 10 kB URL User Request GET HTTP/1.1
IP 174.138.179.141:443
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2862)
Hash 7ba1a39f342b44a59e5ad5f2fad8263c
8bdf7584f879d1e3bed1520de47a48f1dcabb8dc
e1e13764a533bb7528680f3509268914acb8bcbf9be7907f66421d9773bb1c91
GET / HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D; expires=Sat, 09-Dec-2023 16:13:58 GMT; Max-Age=86400; path=/; httponly; samesite=lax
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10241
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtag/js?id=G-747YJ74QHW
142.250.74.168 200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-747YJ74QHW
IP 142.250.74.168:443
Requested by https://amongus-online.net/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3034)
Hash 79eda4ef005b0b8f9491adc3711e71b0
4751a10dae00024dd4a2f374d9e18bc1ffffe208
83fe65b245fb66b17873fe5352463fb1ebf9f3fb365845a5f46f0598971ef022
GET /gtag/js?id=G-747YJ74QHW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 16:13:58 GMT
expires: Fri, 08 Dec 2023 16:13:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
amongus-online.net/css/main-c.css
174.138.179.141 200 OK 1.5 kB URL GET HTTP/1.1 amongus-online.net/css/main-c.css
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with very long lines (4184)
Hash 25ac4044883ff99c7b28d247b2cef3b1
51577954f7c1b2ada99c1aa47d14b32105d4f30d
74f9da6f7ba738d2e4cf7dd0fb6a1ade6f797ace7f430bb838e8c103bbc25bf8
GET /css/main-c.css HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "15c2-5d0faeefa54b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1487
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
amongus-online.net/js/prebid-ads.js
174.138.179.141 200 OK 23 B URL GET HTTP/1.1 amongus-online.net/js/prebid-ads.js
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with no line terminators
Hash 4db2bdbd782ffd7893753c98392177c9
db525e58f8bdfe6275d7cbb4e868c307aca87dc4
78adde2ffe4860f64cf538c1bb27dbe378b40eda62d07ab34916c12dcb6f4c3b
GET /js/prebid-ads.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 03:17:56 GMT
ETag: "17-5d0f37cfc245f"
Accept-Ranges: bytes
Content-Length: 23
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cdn.applixir.com/applixir.sdk3.0m.js
143.204.55.67 200 OK 12 kB URL GET HTTP/2 cdn.applixir.com/applixir.sdk3.0m.js
IP 143.204.55.67:443
Requested by https://amongus-online.net/
Certificate Issuer Amazon
Subject *.applixir.com
Fingerprint 0A:96:81:D6:5C:20:2B:F6:85:6F:D9:F9:6D:C4:E3:45:5B:52:A9:A6
Validity Mon, 15 May 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (12261), with no line terminators
Hash 090ce2b49889e798c482990e75bb868f
f6ec4ec209966cf54be00cb5d98be29d2334af83
c916964bfd8f839e159c7625f69ba6977f7e743765a218838071d5cb119bb9a8
GET /applixir.sdk3.0m.js HTTP/1.1
Host: cdn.applixir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 12261
date: Thu, 07 Dec 2023 23:07:54 GMT
last-modified: Thu, 07 Dec 2023 23:07:30 GMT
etag: "090ce2b49889e798c482990e75bb868f"
x-amz-server-side-encryption: AES256
x-amz-version-id: vaw6505NeVEQaNr0B9q2hvkJ045HdviQ
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _yK5BzrecOqjWroIB-0rLieJLb3JxIF_Vt-i_csMsFiMALuVbFSFDA==
age: 61565
X-Firefox-Spdy: h2
amongus-online.net/css/main-g.css
174.138.179.141 200 OK 120 B URL GET HTTP/1.1 amongus-online.net/css/main-g.css
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
Hash d3a7ae6c303d4cc74e09f922f506920a
6f0c68761fae53efac2e6d6bd826b80852415785
9b4bf190214cef5f32207a563a2b401bdd892ece19e7c2ea957beaf84cce467d
GET /css/main-g.css HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "cc-5cff05d9677f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 120
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amongus-online.net/native_games/amongus/TemplateData/style.css
174.138.179.141 200 OK 485 B URL GET HTTP/1.1 amongus-online.net/native_games/amongus/TemplateData/style.css
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
Hash 366676df87e1f9bfdd1d1cff61f29a6d
bd693dbdad99ab4fcac1e50d875db81097a76eab
3ad26fa8f3cab7874465bf11bd7c77f87b0807700c8795b94d13a989233943bb
GET /native_games/amongus/TemplateData/style.css HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "5c9-5d0faef008a88-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 485
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amongus-online.net/js/UnityProgress.js
174.138.179.141 200 OK 268 B URL GET HTTP/1.1 amongus-online.net/js/UnityProgress.js
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with very long lines (706), with no line terminators
Hash 4260f43b156ea1c704e1618c0c5f729b
8c3b0b34028f87e8f4fb3993ef41d47d48299516
7d50800720510d05c2f098c11897b0cf41ce132cb0b37c5cb485c6535da59014
GET /js/UnityProgress.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "2c2-5d0faeefa73f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
amongus-online.net/js/jquery-3.6.0.min.js
174.138.179.141 200 OK 31 kB URL GET HTTP/1.1 amongus-online.net/js/jquery-3.6.0.min.js
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /js/jquery-3.6.0.min.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "15d9d-5cff05d9683ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30902
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
amongus-online.net/js/UnityLoader.js
174.138.179.141 200 OK 88 kB URL GET HTTP/1.1 amongus-online.net/js/UnityLoader.js
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with very long lines (33513)
Hash 65f54e4d60d15da61d9e70ffe124446b
04746090639f49b54865839082c1d8a12f0f8c38
92390a27af1b858f5e3330f49f7914ee3e983473ee8b5edf6c219cf82648845c
GET /js/UnityLoader.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "26cc1-5d0faeefa7008-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
amongus-online.net/Resources/tomb-mask.jpg
174.138.179.141 200 OK 38 kB URL GET HTTP/1.1 amongus-online.net/Resources/tomb-mask.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:18 20:26:25], progressive, precision 8, 512x384, components 3; data
Hash 09274bb5b3937fa083ab5db7f7c87992
7469c33d9ac3e4d4d8eebd5ac05c4bd29547a143
643656a7f32a104e331b52bd1ec6677ef950587827fd2eff7886a65673337d69
GET /Resources/tomb-mask.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "953f-5d112f09541f5"
Accept-Ranges: bytes
Content-Length: 38207
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
upskittyan.com/zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3=&tg=0&sw=3.1.471
139.45.197.251 200 OK 880 B URL GET HTTP/2 upskittyan.com/zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
File type JSON data; ASCII text, with very long lines (879)
Hash 2c5943e5d7a91ecba1ddc310b31a174d
afa185f427cbc319801115342a78b64aa6043666
723f61dfc262b90e33d7b70fa59f33a60a6bb1d5103e8e014963c7c89f0011ae
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: f89b53ae77504c50122bdf72420c96d2
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amongus-online.net/Resources/paper-fold.jpg
174.138.179.141 200 OK 24 kB URL GET HTTP/1.1 amongus-online.net/Resources/paper-fold.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3; data
Hash 9dd67088bf7de021873d72f632a2b70a
fce0ba3a41def219dbc4fe183312d5d7ed7ea835
d79d8e21fc2ddc597c74212742469ebce6a798b477eecfd08c7e8ae11745420f
GET /Resources/paper-fold.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "5c99-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 23705
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/word-connect.jpg
174.138.179.141 200 OK 90 kB URL GET HTTP/1.1 amongus-online.net/Resources/word-connect.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:19 20:48:22], progressive, precision 8, 512x384, components 3; data
Hash 452915347e1cbcafc78988f469355c7e
076633dd906e8bb6da5545453a2a85e02b3e8f50
f45a2b2c77f84fd7eb0a4f63249b36e185d767949b3ab3af057ab0f30d3de28c
GET /Resources/word-connect.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 19 Nov 2021 13:55:17 GMT
ETag: "161ab-5d124a007b1bb"
Accept-Ranges: bytes
Content-Length: 90539
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/brain-out.jpg
174.138.179.141 200 OK 41 kB URL GET HTTP/1.1 amongus-online.net/Resources/brain-out.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:18 22:38:58], progressive, precision 8, 512x384, components 3; data
Hash 9b0d3996b1aa789603bf55f21e98b3f2
0e949b7a8ef2cf111613300256b6456cbba68989
ee306e45e73d6c8b2c44771f7d227a8ff04e76c5bc603e4d3eba027e1501235d
GET /Resources/brain-out.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "a096-5d112f09541f5"
Accept-Ranges: bytes
Content-Length: 41110
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/native_games/amongus/Build/Game.json
174.138.179.141 200 OK 546 B URL GET HTTP/1.1 amongus-online.net/native_games/amongus/Build/Game.json
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JSON data; ASCII text
Hash d65e1fb46f0e51a7bc37dbf22a30ba1d
eef2b9b4a19a738dbc094b048becd29c6188c95c
a54788713cd9da86c1d319bbb5dba4efbd6a24c73bf1b54d161b2616022740ce
GET /native_games/amongus/Build/Game.json HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "222-5d0faef0086a0"
Accept-Ranges: bytes
Content-Length: 546
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json
amongus-online.net/Resources/bitlife.jpeg
174.138.179.141 200 OK 56 kB URL GET HTTP/1.1 amongus-online.net/Resources/bitlife.jpeg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:10:27 06:37:21], progressive, precision 8, 512x384, components 3; data
Hash 30f8d3496f4e925a75576f08f3e8c804
dc0ceb9998fb493c64f9bc53a729496a3a442ae6
1777e9bbc32a1370dfc3f52f4a22d2f15d95b5ace837a63b44e1b88ea530f407
GET /Resources/bitlife.jpeg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "d9cf-5d112f0953e0d"
Accept-Ranges: bytes
Content-Length: 55759
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/amongus.jpg
174.138.179.141 200 OK 29 kB URL GET HTTP/1.1 amongus-online.net/Resources/amongus.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=3, software=GIMP 2.10.4, datetime=2021:10:14 14:35:53], progressive, precision 8, 512x384, components 3; data
Hash 3b375bef58951a533d6c420b516a9bac
cc10d8193c6bfe163fd9628c62a1c5ea29041979
5f4d666131e7f28fa2996a281a6f663658aed4353138badc32d5090f438f8318
GET /Resources/amongus.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "703d-5cff05d962dbc"
Accept-Ranges: bytes
Content-Length: 28733
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/color-road.jpg
174.138.179.141 200 OK 16 kB URL GET HTTP/1.1 amongus-online.net/Resources/color-road.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3; data
Hash 12f1eb94f1e282f187bdb9a7caf4a2c5
0419f95d87d349d1af8d434b4f80983d7793c8a5
976b04369c847fb7352f9618d4967e4f135d6fcf9ce4b051f28f581387b5677d
GET /Resources/color-road.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "4070-5d0d114a9790d"
Accept-Ranges: bytes
Content-Length: 16496
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/nonogram.jpg
174.138.179.141 200 OK 19 kB URL GET HTTP/1.1 amongus-online.net/Resources/nonogram.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash ddddec8258834cf7a43e4f8eb2f9af23
094abb9fe1a973fb81929d98d137c0ca9f2f138b
7a7aa36d86bb6dda41516da90d82732167bcc13e7fffd3986e85e1c1e3505573
GET /Resources/nonogram.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "48ac-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 18604
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/stack-ball.jpg
174.138.179.141 200 OK 70 kB URL GET HTTP/1.1 amongus-online.net/Resources/stack-ball.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:14 12:38:07], progressive, precision 8, 512x384, components 3\012- data
Hash 8f376aa52798a7b4ac2ef29a0dd8b437
e122f2d6e185765dc11ae7daadcc194c197d4717
ca5c72e5ef7a1575d627c0d895b61dbd539bbdf44e13db5ec4c2add099c9fba8
GET /Resources/stack-ball.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "112e4-5d0d114a980dd"
Accept-Ranges: bytes
Content-Length: 70372
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/match3d.jpg
174.138.179.141 200 OK 30 kB URL GET HTTP/1.1 amongus-online.net/Resources/match3d.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash c0db6e85b23b1f03f4ba474afe98c9a1
9f6763c453138d128df0b323a8209ebe6c585e1c
b6b6c87e92438f554f3815a1b0747c113d83925400f5d0400f94f8ef4596e924
GET /Resources/match3d.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "766d-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 30317
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/onnect.jpg
174.138.179.141 200 OK 68 kB URL GET HTTP/1.1 amongus-online.net/Resources/onnect.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:19 11:22:23], progressive, precision 8, 512x384, components 3\012- data
Hash a5c58569553a4b4f5baa5b3efc90cb8a
2afdbede916b07065fe577e04214df18e8832e80
137e86442607c872d0af7137cf6141dc3d2f3354ec4db6dde38554cb08f84b3a
GET /Resources/onnect.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 19 Nov 2021 05:23:07 GMT
ETag: "109ce-5d11d786655a9"
Accept-Ranges: bytes
Content-Length: 68046
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/traffic-rider.jpg
174.138.179.141 200 OK 79 kB URL GET HTTP/1.1 amongus-online.net/Resources/traffic-rider.jpg
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=3, software=GIMP 2.10.4, datetime=2021:11:20 16:55:55], progressive, precision 8, 512x384, components 3\012- data
Hash ae3a1e8fcd6f3d68b32d3917629c3702
1e14d6a69651a97b5f17aac7220c586649386dec
927a8dc94a90f6fb1a0ccd159f8554232c732e8a5241cc36ab97bfe7a5e713f5
GET /Resources/traffic-rider.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 20 Nov 2021 10:53:13 GMT
ETag: "13346-5d13632c766ba"
Accept-Ranges: bytes
Content-Length: 78662
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
upskittyan.com/custom
139.45.197.251 200 OK 0 B
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186 27 kB IP 104.17.167.186:0
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 08 Jan 2024 16:13:59 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 693117
vary: Accept-Encoding
server: cloudflare
cf-ray: 83264c7fd8a4b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
amongus-online.net/sw.js
174.138.179.141 200 OK 1.2 kB
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type ASCII text, with very long lines (2734)
Hash fb2e70fa7475017c73505de11c89ec6a
e3c4b4460d844f5c3f0709c4f5156951d5b56406
dbba0ed9c12d14c2c309dafc6eb6669c29b80217f1833ab903ad404fc4aec6bb
GET /sw.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
DNT: 1
Connection: keep-alive
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D; _ga_747YJ74QHW=GS1.1.1702052046.1.0.1702052046.0.0.0; _ga=GA1.1.4065970.1702052046
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "aaf-5cff05d9683ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1182
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.xadsmart.com/react-dom.production.min.js
185.76.9.15 200 OK 11 kB URL GET HTTP/2 www.xadsmart.com/react-dom.production.min.js
IP 185.76.9.15:443
ASN #60068 Datacamp Limited
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject 1376341044.rsc.cdn77.org
Fingerprint 9E:00:8B:B5:0E:76:AD:0B:E5:63:88:89:93:D0:07:5F:40:2B:28:81
Validity Mon, 02 Oct 2023 18:57:36 GMT - Sun, 31 Dec 2023 18:57:35 GMT
File type HTML document, ASCII text, with very long lines (1568)
Hash 16d4003b9333ab69c1afaf7b8e5a07e0
ddcafe8409e2d08bb240bd46bea498e5e3bd26e0
79c7920a4bfcbbb63271721644e805fc106d48849b2b0040f819ba70aa83b176
GET /react-dom.production.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
expires: Wed, 13 Dec 2023 14:02:05 GMT
access-control-allow-origin: https://amongus-online.net
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJDQH3TrQCAAwBuUwKCQH3dw0AAAwB1GY4CQH3JQAAAA
x-77-nzt-ray: c0a4cc28274a9412c7407365bbab3a15
x-accel-expires: @1702476125
x-accel-date: 1701874809
x-77-cache: HIT
x-77-age: 180714
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 3447, 177230
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251 200 OK 39 B
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Content-Length: 382
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2cfe41ae05219a5a0ff98cb225f73664
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B
IP 139.45.197.250:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
Validity Wed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash aa0ba6debfe9f5d9fcd2ab21d323a920
7522b0d129fc83c7528b1f4c9d7ba34709cc6100
26f61507095e357ac5791eeee86feaee8ab134681ed22fcee87a253eb11e4cbb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Content-Length: 503
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amongus-online.net/favicon/apple-touch-icon.png
174.138.179.141 200 OK 13 kB URL GET HTTP/1.1 amongus-online.net/favicon/apple-touch-icon.png
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 01db3eeac7ed52c7bcb851129d7d0bd9
50c2e042ecea9ceeae676788152264a5127f1714
ef855bf258f093e142b49f72c46459bfbb0fee7df45a66bd8803b7359fdd185c
GET /favicon/apple-touch-icon.png HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D; _ga_747YJ74QHW=GS1.1.1702052046.1.0.1702052046.0.0.0; _ga=GA1.1.4065970.1702052046
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 08 Nov 2021 13:23:35 GMT
ETag: "31cd-5d046e662f6fd"
Accept-Ranges: bytes
Content-Length: 12749
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
amongus-online.net/favicon/favicon-16x16.png
174.138.179.141 200 OK 1.2 kB URL GET HTTP/1.1 amongus-online.net/favicon/favicon-16x16.png
IP 174.138.179.141:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject amongus-online.net
Fingerprint 52:53:A1:9A:51:31:09:1E:3E:35:A0:FA:92:E7:0E:57:65:67:33:19
Validity Wed, 25 Oct 2023 19:52:17 GMT - Tue, 23 Jan 2024 19:52:16 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1c063f9884c2797fb2840d793edf7559
ad0b7334bca206c0e95dd647e2c52f2c5db936b1
5c34a01f17fb2c3684b66f8bd15ced8c82dabbf13ae69d025770bcba1ff34e7c
GET /favicon/favicon-16x16.png HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6InF3T0tWNWFNWkRTbW5ZYmhndTBZdmc9PSIsInZhbHVlIjoiZ2JNK0xlUzFyOW5GVDE4YjRaUVkraGNOVkFmdjZMYk5BOU9scGlHQnFJQ2dzaVJYRmVvb2pXWW9PSjlMMHF4NXA1YnUxWU9MY3JCL0s4U1l5RUJSVjE1K2Y5S1M4b0ZxSDlHMXB2cXVPeDFicGZIU1ZkbW9UKy9CU3UvWExWdkkiLCJtYWMiOiJmNWI4NWNhYjhmZGVkZTQ5YjNhZDE1MjQ5NmJlNGI3YzIxMmFiMTllOGQ5NWFjODI0Y2M3Mzg0Njg3N2JmNTZkIiwidGFnIjoiIn0%3D; _ga_747YJ74QHW=GS1.1.1702052046.1.0.1702052046.0.0.0; _ga=GA1.1.4065970.1702052046
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:13:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 08 Nov 2021 13:23:35 GMT
ETag: "4ba-5d046e662fecd"
Accept-Ranges: bytes
Content-Length: 1210
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
6.adsco.re/
104.17.166.186 200 OK 0 B
IP 104.17.166.186:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://amongus-online.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 83264c830d46b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5 200 OK 62 B
IP 162.252.214.5:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:14:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://amongus-online.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
zt9srih9s8bx.l4.adsco.re/
185.200.118.51 200 OK 0 B URL POST HTTP/2 zt9srih9s8bx.l4.adsco.re/
IP 185.200.118.51:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject *.l4.adsco.re
Fingerprint 30:24:2D:06:44:32:CD:4B:46:E0:81:9A:CF:B1:F6:9B:D2:4F:F3:6F
Validity Mon, 25 Sep 2023 16:35:45 GMT - Sun, 24 Dec 2023 16:35:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zt9srih9s8bx.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186 200 OK 0 B
IP 104.17.167.186:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 83264c849deeb512-OSL
alt-svc: h3=":443"; ma=86400
4.adsco.re/
162.252.214.5 200 OK 62 B
IP 162.252.214.5:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:14:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
upskittyan.com/custom
139.45.197.251 200 OK 39 B
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Content-Length: 733
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a9259eb09f366cda3b0cec6d096ecf25
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
zt9srih9s8bx.n4.adsco.re/
38.132.109.115 200 OK 0 B URL POST HTTP/2 zt9srih9s8bx.n4.adsco.re/
IP 38.132.109.115:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject *.n4.adsco.re
Fingerprint AF:10:8A:4D:72:FD:FC:08:77:84:8F:BE:F7:48:3B:D0:52:53:23:0A
Validity Fri, 29 Sep 2023 17:35:50 GMT - Thu, 28 Dec 2023 17:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zt9srih9s8bx.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5 200 OK 844 B IP 162.252.214.5:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1063), with no line terminators
Hash a288884ad548fcb657ee123405ad39c2
c878a18849cc5835590c6c75e6ef4738a47054c6
ef336fea2d85b71527411a2d5e177aa57ce0c4921c95ba2325163d13da59d023
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2131
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:14:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Critical-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Access-Control-Allow-Origin: https://amongus-online.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
zt9srih9s8bx.s4.adsco.re/
185.200.116.51 200 OK 0 B URL POST HTTP/2 zt9srih9s8bx.s4.adsco.re/
IP 185.200.116.51:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject *.s4.adsco.re
Fingerprint 64:CA:F8:23:A5:E5:7F:B7:B7:9E:AD:14:92:A0:E1:5C:12:BB:22:C1
Validity Tue, 03 Oct 2023 12:32:24 GMT - Mon, 01 Jan 2024 12:32:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zt9srih9s8bx.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 08 Dec 2023 16:14:01 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
xadsmart.com/nfjnilabilczwmzvob?eyZXBTFu=BQMSAAAAAAAACZUAAkoIoZYazKFE961GG45xEPAnoImH3QxLk9ubWXI7uVioppO8dH09AUsn1TvriXCim6tzDAmUgrFkygQ5CUzOV3WpoOTe7x8W77wr-J6FMTwRRoDORd1ufGoxaHuvA-jhGMQkuEoA4bBCRkZnCdruWYCo9fVQE9EkCHVblGMaeJYbzWiRsTLacCYDK3jyLTvj_gIxcnFiSchrxaZosEwAdBkRDtymtUPOl4AWyM_W2cu5Pe3by3DvCwNx0n8CfDtUbaLPI9IrHUr4U7mL-FDby8mVO28kPIC1fOKRbzxPAMKYQOKYSEkCJC1UyabHJxBUd-x1179mIDGZX-Vcaa-BZHWzqucCjB1wc_f2o_m7W3OuB_xVy63mvHD82-Mpj_Yi6G9fzvPAVou6cs8QZdU5BDF6a0qnAOeps-0x8wjyLKF81fbK7TEt4UCzJ2jhXfyEWb6nILVFLHMqBhj5UAR9JPj6xWmX3Yw0yJejX_9Hk2YeommgqtRidQPkxdYMic--8AWnb4PGA79Q99JhiT-xMw4-kfmd_lFHbitKizOvvmTOciCgVle6DGf2hA6JPtO6RlSPhIqFd00sR-b82yTDDmJCkRVvJA2wQJWwQiAVTGmHgHLVYzeIJb_X2F2csEMkyMuKqIne2NC_s4maLUNXKHFckjkErp7mh-99VuVYNeW5zDOQjXNsmJwLDG5e_3Nom3thqrOUVMOSc1Ho0iFzJmIm3Ah5jLYUahfmfO3QQMCJS4e0pa-IEog8Gw4jxTezX4eirBemuelN-Pnjd1O0Ey09gOCtlCP8JaFVxt9X3zKln1FZIbv0UttiR98Fw7Bjg7S4lf35BPpO2SL0JAI-A_w3fUVgYKlkYd6odc0jHqDLdwQJlK8ZDrNiUjbzmNiUAXd8Bn1dynAYzQ7lguwDQ9emkLHPO1vafzZXTNpjyCtHXeuJOeTs6DfiDYEsJSZWI6914nec4GEmoPwrSFIhxcv-HLL5Em0KkSAuxhT77w5vLdyKyoHrnOxAbdk4CjIjzqYMmJFmslPilVDpw_5SamI&DouHGLqY=4&NUOsSpli=4525793&ogISvRAu=0.0015&ERzMTWDA=0,0&LoerHXpz=&XmMiTgJS=&OZYIjtNS=1280,1024,1,1280,1024,0
104.153.197.251200 OK 44 B URL GET HTTP/2 xadsmart.com/nfjnilabilczwmzvob?eyZXBTFu=BQMSAAAAAAAACZUAAkoIoZYazKFE961GG45xEPAnoImH3QxLk9ubWXI7uVioppO8dH09AUsn1TvriXCim6tzDAmUgrFkygQ5CUzOV3WpoOTe7x8W77wr-J6FMTwRRoDORd1ufGoxaHuvA-jhGMQkuEoA4bBCRkZnCdruWYCo9fVQE9EkCHVblGMaeJYbzWiRsTLacCYDK3jyLTvj_gIxcnFiSchrxaZosEwAdBkRDtymtUPOl4AWyM_W2cu5Pe3by3DvCwNx0n8CfDtUbaLPI9IrHUr4U7mL-FDby8mVO28kPIC1fOKRbzxPAMKYQOKYSEkCJC1UyabHJxBUd-x1179mIDGZX-Vcaa-BZHWzqucCjB1wc_f2o_m7W3OuB_xVy63mvHD82-Mpj_Yi6G9fzvPAVou6cs8QZdU5BDF6a0qnAOeps-0x8wjyLKF81fbK7TEt4UCzJ2jhXfyEWb6nILVFLHMqBhj5UAR9JPj6xWmX3Yw0yJejX_9Hk2YeommgqtRidQPkxdYMic--8AWnb4PGA79Q99JhiT-xMw4-kfmd_lFHbitKizOvvmTOciCgVle6DGf2hA6JPtO6RlSPhIqFd00sR-b82yTDDmJCkRVvJA2wQJWwQiAVTGmHgHLVYzeIJb_X2F2csEMkyMuKqIne2NC_s4maLUNXKHFckjkErp7mh-99VuVYNeW5zDOQjXNsmJwLDG5e_3Nom3thqrOUVMOSc1Ho0iFzJmIm3Ah5jLYUahfmfO3QQMCJS4e0pa-IEog8Gw4jxTezX4eirBemuelN-Pnjd1O0Ey09gOCtlCP8JaFVxt9X3zKln1FZIbv0UttiR98Fw7Bjg7S4lf35BPpO2SL0JAI-A_w3fUVgYKlkYd6odc0jHqDLdwQJlK8ZDrNiUjbzmNiUAXd8Bn1dynAYzQ7lguwDQ9emkLHPO1vafzZXTNpjyCtHXeuJOeTs6DfiDYEsJSZWI6914nec4GEmoPwrSFIhxcv-HLL5Em0KkSAuxhT77w5vLdyKyoHrnOxAbdk4CjIjzqYMmJFmslPilVDpw_5SamI&DouHGLqY=4&NUOsSpli=4525793&ogISvRAu=0.0015&ERzMTWDA=0,0&LoerHXpz=&XmMiTgJS=&OZYIjtNS=1280,1024,1,1280,1024,0
IP 104.153.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject xadsmart.com
Fingerprint FC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58
Validity Mon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /nfjnilabilczwmzvob?eyZXBTFu=BQMSAAAAAAAACZUAAkoIoZYazKFE961GG45xEPAnoImH3QxLk9ubWXI7uVioppO8dH09AUsn1TvriXCim6tzDAmUgrFkygQ5CUzOV3WpoOTe7x8W77wr-J6FMTwRRoDORd1ufGoxaHuvA-jhGMQkuEoA4bBCRkZnCdruWYCo9fVQE9EkCHVblGMaeJYbzWiRsTLacCYDK3jyLTvj_gIxcnFiSchrxaZosEwAdBkRDtymtUPOl4AWyM_W2cu5Pe3by3DvCwNx0n8CfDtUbaLPI9IrHUr4U7mL-FDby8mVO28kPIC1fOKRbzxPAMKYQOKYSEkCJC1UyabHJxBUd-x1179mIDGZX-Vcaa-BZHWzqucCjB1wc_f2o_m7W3OuB_xVy63mvHD82-Mpj_Yi6G9fzvPAVou6cs8QZdU5BDF6a0qnAOeps-0x8wjyLKF81fbK7TEt4UCzJ2jhXfyEWb6nILVFLHMqBhj5UAR9JPj6xWmX3Yw0yJejX_9Hk2YeommgqtRidQPkxdYMic--8AWnb4PGA79Q99JhiT-xMw4-kfmd_lFHbitKizOvvmTOciCgVle6DGf2hA6JPtO6RlSPhIqFd00sR-b82yTDDmJCkRVvJA2wQJWwQiAVTGmHgHLVYzeIJb_X2F2csEMkyMuKqIne2NC_s4maLUNXKHFckjkErp7mh-99VuVYNeW5zDOQjXNsmJwLDG5e_3Nom3thqrOUVMOSc1Ho0iFzJmIm3Ah5jLYUahfmfO3QQMCJS4e0pa-IEog8Gw4jxTezX4eirBemuelN-Pnjd1O0Ey09gOCtlCP8JaFVxt9X3zKln1FZIbv0UttiR98Fw7Bjg7S4lf35BPpO2SL0JAI-A_w3fUVgYKlkYd6odc0jHqDLdwQJlK8ZDrNiUjbzmNiUAXd8Bn1dynAYzQ7lguwDQ9emkLHPO1vafzZXTNpjyCtHXeuJOeTs6DfiDYEsJSZWI6914nec4GEmoPwrSFIhxcv-HLL5Em0KkSAuxhT77w5vLdyKyoHrnOxAbdk4CjIjzqYMmJFmslPilVDpw_5SamI&DouHGLqY=4&NUOsSpli=4525793&ogISvRAu=0.0015&ERzMTWDA=0,0&LoerHXpz=&XmMiTgJS=&OZYIjtNS=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 08 Dec 2023 16:14:01 GMT
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/universal.min.js?v=3.1.471
139.45.197.251 200 OK 88 kB URL GET HTTP/2 upskittyan.com/pfe/current/universal.min.js?v=3.1.471
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-1572c"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/tag.min.js?z=3932353
139.45.197.251 200 OK 13 kB URL GET HTTP/2 upskittyan.com/pfe/current/tag.min.js?z=3932353
IP 139.45.197.251:443
Requested by https://amongus-online.net/
Certificate Issuer Let's Encrypt
Subject upskittyan.com
Fingerprint 59:B8:83:38:7E:69:BB:8D:F3:98:63:B1:73:36:92:9F:F2:87:58:D6
Validity Thu, 09 Nov 2023 05:05:26 GMT - Wed, 07 Feb 2024 05:05:25 GMT
File type C source, ASCII text, with very long lines (13300), with no line terminators
Hash 258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/tag.min.js?z=3932353 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 16:13:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186 200 OK 80 kB IP 104.17.167.186:443
Requested by https://amongus-online.net/
Certificate Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 08 Dec 2023 16:14:00 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 08 Jan 2024 16:14:00 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 693118
vary: Accept-Encoding
server: cloudflare
cf-ray: 83264c82ac24b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400