amongus-online.net/
174.138.179.141301 Moved Permanently 319 B IP 174.138.179.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc2cb872791cd738528dd577e8113b7f
b77ff3797fb77c917b03be61d8204693f8c0fa5d
efa9e286a0633fcdb0b571105e5ea9a0abe6246dee319112bc53841db6f45a50
GET / HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 00:15:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://amongus-online.net/
Content-Length: 319
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 00:14:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BwwJmQPGsR7LKJ5iPrpZgUBheBS9DQ3ikbGYv3FlWo0y83f72ORyrQ==
Age: 43
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sun, 25 Sep 2022 00:15:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18315
Expires: Sun, 25 Sep 2022 05:20:40 GMT
Date: Sun, 25 Sep 2022 00:15:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mqA0u4eNVJVtoi429sYhTyzBebqFFTH574/TvM0ZywKqkjqAvxODwnLK/3QUYLvs2hJwD1C8nV8=
x-amz-request-id: SFDPWAPJPDMKPZ5R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 23:47:47 GMT
age: 1658
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f8e52b6c3fede976da6970e250e04b5
a635a123966700a762518c33479d542dcb88e0ad
e5da7b3ef3ef109aca87e214135d13d24b04c921b5768625e14b42d2cabc1d6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5DA7B3EF3EF109ACA87E214135D13D24B04C921B5768625E14B42D2CABC1D6D"
Last-Modified: Fri, 23 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2001
Expires: Sun, 25 Sep 2022 00:48:46 GMT
Date: Sun, 25 Sep 2022 00:15:25 GMT
Connection: keep-alive
amongus-online.net/
174.138.179.141200 OK 8.4 kB IP 174.138.179.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2030)
Hash 5f244176b48f0ba279493a13c25a8260
628947569ac7806cdb488619321b645a1c7bc6d3
2a1bed6ddc9cb386394f792395e6a14ded130b690864a6dce938050cd13505c1
GET / HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D; expires=Mon, 26-Sep-2022 00:15:25 GMT; Max-Age=86400; path=/; httponly; samesite=lax
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8446
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 00:04:17 GMT
Expires: Sun, 25 Sep 2022 00:56:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ptHUQxgWVLJFDRn8Css0fh_c2hH1F5hHhVCYKORJhfhRW4LIw55SjQ==
Age: 669
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Sun, 25 Sep 2022 00:15:26 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cdn.applixir.com/applixir.sdk3.0m.js
143.204.55.67200 OK 9.9 kB URL HTTP/2 cdn.applixir.com/applixir.sdk3.0m.js
IP 143.204.55.67:0
File type ASCII text, with very long lines (9949), with no line terminators
Hash 6d72e1cfede3f1dfdf928f4bf53616c1
9253c5bccb919316ed0de83b45dd6313e405a7e3
a8193b631e31127ca40b49760d25456432ab7645f79b1c13121208894318d09d
GET /applixir.sdk3.0m.js HTTP/1.1
Host: cdn.applixir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 9949
date: Sat, 24 Sep 2022 04:21:25 GMT
last-modified: Fri, 21 May 2021 06:25:22 GMT
etag: "6d72e1cfede3f1dfdf928f4bf53616c1"
x-amz-version-id: 1WCUHTx_.BxgKDD3KmJ04eCXsE_dFaDs
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ry1wv2sZzoO7GafUoZJ_5WSG5iiWpp43zOD7JlG3uEDtoTgyZAcjHg==
age: 71642
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-747YJ74QHW
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-747YJ74QHW
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash d7080e67806b75d0974dbd714c9befa6
2249e27c3b621916dd1eb4b05278529088aba279
906bbbffca38d363f61efb615aec5d82b8b1ba0f0790c76ab2955ec6e13a6227
GET /gtag/js?id=G-747YJ74QHW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 00:15:26 GMT
expires: Sun, 25 Sep 2022 00:15:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe574d9a8281c4ae37b1ac7a688947e6
dfd5aac8557b7194198a439bb99b8498999478f4
99f44d4c8ee456e38cb4337c21dde91d14cc6bb2e187c755c47fa12324e4b582
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99F44D4C8EE456E38CB4337C21DDE91D14CC6BB2E187C755C47FA12324E4B582"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4226
Expires: Sun, 25 Sep 2022 01:25:52 GMT
Date: Sun, 25 Sep 2022 00:15:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:26 GMT
Last-Modified: Sat, 24 Sep 2022 22:40:05 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 474a4fe1db01ae46764c925f25108db6
18b157adf2cd8ba9c1dd43e16dbeec1f19eccc43
2a0dad0bf291ee1c7fd6cef136448e9a67c71ca08439df7505f41aee860d1c8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A0DAD0BF291EE1C7FD6CEF136448E9A67C71CA08439DF7505F41AEE860D1C8F"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14850
Expires: Sun, 25 Sep 2022 04:22:56 GMT
Date: Sun, 25 Sep 2022 00:15:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amongus-online.net/native_games/amongus/TemplateData/style.css
174.138.179.141200 OK 485 B URL HTTP/1.1 amongus-online.net/native_games/amongus/TemplateData/style.css
IP 174.138.179.141:0
Hash c057bcbe9eba6e7f8340d69ce88cd089
ff9eea0d4e02873426232bf3e3950e6cd89eae68
41ffaaa67c1b14ef1c2dd73210d957635a4c160a0ec14199811c6061df93f1bb
GET /native_games/amongus/TemplateData/style.css HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "5c9-5d0faef008a88-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 485
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
amongus-online.net/css/main-g.css
174.138.179.141200 OK 120 B URL HTTP/1.1 amongus-online.net/css/main-g.css
IP 174.138.179.141:0
Hash 30c7828bc35d3bed7d2fa77e7890d93f
108d0f49badbd3a0a0a67eebc61e5c103c36b6ca
696d0a053fd0821fb49d4e18f059768813ff51e74471dacc730d566ad0d569b9
GET /css/main-g.css HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "cc-5cff05d9677f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 120
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amongus-online.net/js/UnityProgress.js
174.138.179.141200 OK 268 B URL HTTP/1.1 amongus-online.net/js/UnityProgress.js
IP 174.138.179.141:0
File type ASCII text, with very long lines (706), with no line terminators
Hash cd2d96ca5dfcb46f5be899b1fad58ca9
a8ce5836343ff71eabcdb757909b7bfc1bcdaf21
2757f013c52dde9ef9ea1692fd79bffd72ef8cf97b4a7cfaedc382360b5d351a
GET /js/UnityProgress.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "2c2-5d0faeefa73f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
amongus-online.net/js/prebid-ads.js
174.138.179.141200 OK 23 B URL HTTP/1.1 amongus-online.net/js/prebid-ads.js
IP 174.138.179.141:0
File type ASCII text, with no line terminators
Hash 4db2bdbd782ffd7893753c98392177c9
db525e58f8bdfe6275d7cbb4e868c307aca87dc4
78adde2ffe4860f64cf538c1bb27dbe378b40eda62d07ab34916c12dcb6f4c3b
GET /js/prebid-ads.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 03:17:56 GMT
ETag: "17-5d0f37cfc245f"
Accept-Ranges: bytes
Content-Length: 23
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mCCQEsSzhhjlTBEJCqz3gQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5u8zcRYXCXAToJj9+5RO6ak6Nt8=
amongus-online.net/js/UnityLoader.js
174.138.179.141200 OK 88 kB URL HTTP/1.1 amongus-online.net/js/UnityLoader.js
IP 174.138.179.141:0
File type ASCII text, with very long lines (33513)
Hash c3f8bcc7d11bbdbe0a0b6cab406c0499
e7625df5ea77c1d855d1db70e574aedf2c86f9d8
8a0f2210a97e88f00955ff8d0c4291fdd7ca124cd3d82e2d1ec96b7356fabf46
GET /js/UnityLoader.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "26cc1-5d0faeefa7008-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
amongus-online.net/Resources/amongus.jpg
174.138.179.141200 OK 29 kB URL HTTP/1.1 amongus-online.net/Resources/amongus.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=3, software=GIMP 2.10.4, datetime=2021:10:14 14:35:53], progressive, precision 8, 512x384, components 3\012- data
Hash 3b375bef58951a533d6c420b516a9bac
cc10d8193c6bfe163fd9628c62a1c5ea29041979
5f4d666131e7f28fa2996a281a6f663658aed4353138badc32d5090f438f8318
GET /Resources/amongus.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "703d-5cff05d962dbc"
Accept-Ranges: bytes
Content-Length: 28733
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 25 Sep 2022 00:15:26 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
amongus-online.net/Resources/tomb-mask.jpg
174.138.179.141200 OK 38 kB URL HTTP/1.1 amongus-online.net/Resources/tomb-mask.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:18 20:26:25], progressive, precision 8, 512x384, components 3\012- data
Hash 09274bb5b3937fa083ab5db7f7c87992
7469c33d9ac3e4d4d8eebd5ac05c4bd29547a143
643656a7f32a104e331b52bd1ec6677ef950587827fd2eff7886a65673337d69
GET /Resources/tomb-mask.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "953f-5d112f09541f5"
Accept-Ranges: bytes
Content-Length: 38207
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/nonogram.jpg
174.138.179.141200 OK 19 kB URL HTTP/1.1 amongus-online.net/Resources/nonogram.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash ddddec8258834cf7a43e4f8eb2f9af23
094abb9fe1a973fb81929d98d137c0ca9f2f138b
7a7aa36d86bb6dda41516da90d82732167bcc13e7fffd3986e85e1c1e3505573
GET /Resources/nonogram.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "48ac-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 18604
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/color-road.jpg
174.138.179.141200 OK 16 kB URL HTTP/1.1 amongus-online.net/Resources/color-road.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash 12f1eb94f1e282f187bdb9a7caf4a2c5
0419f95d87d349d1af8d434b4f80983d7793c8a5
976b04369c847fb7352f9618d4967e4f135d6fcf9ce4b051f28f581387b5677d
GET /Resources/color-road.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "4070-5d0d114a9790d"
Accept-Ranges: bytes
Content-Length: 16496
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/match3d.jpg
174.138.179.141200 OK 30 kB URL HTTP/1.1 amongus-online.net/Resources/match3d.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash c0db6e85b23b1f03f4ba474afe98c9a1
9f6763c453138d128df0b323a8209ebe6c585e1c
b6b6c87e92438f554f3815a1b0747c113d83925400f5d0400f94f8ef4596e924
GET /Resources/match3d.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "766d-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 30317
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
zeeshith.net/zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3=
139.45.197.250200 OK 705 B URL HTTP/2 zeeshith.net/zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 655822e8d4b5bf92b4212df44b3e6f94
4ab08c05b43561545637ee3c68ea36540a11e78e
1b30a8dea799d153edf0e4c93d8ec00a97aefc093095ccbe06d8fbe32c734845
GET /zone?pub=0&zone_id=3932353&is_mobile=false&domain=amongus-online.net&var=&ymid=&var_3= HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:26 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 2559e78f35059e03ed042c1665d98cfa
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38030ee9599d0c4f1c356f466ccd31cd
a8c5ea8ca2695156b52922c224be78cd348211e0
85fc68415f6b4463ce26531e905d0bc49af4451db127ef340b1e9ddbbe06ab64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85FC68415F6B4463CE26531E905D0BC49AF4451DB127EF340B1E9DDBBE06AB64"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1275
Expires: Sun, 25 Sep 2022 00:36:42 GMT
Date: Sun, 25 Sep 2022 00:15:27 GMT
Connection: keep-alive
amongus-online.net/Resources/bitlife.jpeg
174.138.179.141200 OK 56 kB URL HTTP/1.1 amongus-online.net/Resources/bitlife.jpeg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:10:27 06:37:21], progressive, precision 8, 512x384, components 3\012- data
Hash 30f8d3496f4e925a75576f08f3e8c804
dc0ceb9998fb493c64f9bc53a729496a3a442ae6
1777e9bbc32a1370dfc3f52f4a22d2f15d95b5ace837a63b44e1b88ea530f407
GET /Resources/bitlife.jpeg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "d9cf-5d112f0953e0d"
Accept-Ranges: bytes
Content-Length: 55759
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=410393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff90c1b96eb511-OSL
amongus-online.net/native_games/amongus/Build/Game.json
174.138.179.141200 OK 546 B URL HTTP/1.1 amongus-online.net/native_games/amongus/Build/Game.json
IP 174.138.179.141:0
File type JSON data\012- , ASCII text
Hash d65e1fb46f0e51a7bc37dbf22a30ba1d
eef2b9b4a19a738dbc094b048becd29c6188c95c
a54788713cd9da86c1d319bbb5dba4efbd6a24c73bf1b54d161b2616022740ce
GET /native_games/amongus/Build/Game.json HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 17 Nov 2021 12:10:53 GMT
ETag: "222-5d0faef0086a0"
Accept-Ranges: bytes
Content-Length: 546
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json
amongus-online.net/Resources/paper-fold.jpg
174.138.179.141200 OK 24 kB URL HTTP/1.1 amongus-online.net/Resources/paper-fold.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x384, components 3\012- data
Hash 9dd67088bf7de021873d72f632a2b70a
fce0ba3a41def219dbc4fe183312d5d7ed7ea835
d79d8e21fc2ddc597c74212742469ebce6a798b477eecfd08c7e8ae11745420f
GET /Resources/paper-fold.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "5c99-5d0d114a97cf5"
Accept-Ranges: bytes
Content-Length: 23705
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
my.rtmark.net/gid.js?userId=d39de3b6d7dd4d7e8de53fa41277b6a8
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=d39de3b6d7dd4d7e8de53fa41277b6a8
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d177bbf66fa040558fa1b561b3890ff0
f6fe38b546ddd338f9f449fa2cb0c9c30cd0c5da
07e1f2702d373a30579fb8e3cd1efb6fa354e5a3b835ab664a42fe944ac87f75
GET /gid.js?userId=d39de3b6d7dd4d7e8de53fa41277b6a8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
amongus-online.net/Resources/stack-ball.jpg
174.138.179.141200 OK 70 kB URL HTTP/1.1 amongus-online.net/Resources/stack-ball.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:14 12:38:07], progressive, precision 8, 512x384, components 3\012- data
Hash 8f376aa52798a7b4ac2ef29a0dd8b437
e122f2d6e185765dc11ae7daadcc194c197d4717
ca5c72e5ef7a1575d627c0d895b61dbd539bbdf44e13db5ec4c2add099c9fba8
GET /Resources/stack-ball.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 10:14:56 GMT
ETag: "112e4-5d0d114a980dd"
Accept-Ranges: bytes
Content-Length: 70372
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/onnect.jpg
174.138.179.141200 OK 68 kB URL HTTP/1.1 amongus-online.net/Resources/onnect.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:19 11:22:23], progressive, precision 8, 512x384, components 3\012- data
Hash a5c58569553a4b4f5baa5b3efc90cb8a
2afdbede916b07065fe577e04214df18e8832e80
137e86442607c872d0af7137cf6141dc3d2f3354ec4db6dde38554cb08f84b3a
GET /Resources/onnect.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 19 Nov 2021 05:23:07 GMT
ETag: "109ce-5d11d786655a9"
Accept-Ranges: bytes
Content-Length: 68046
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
amongus-online.net/Resources/brain-out.jpg
174.138.179.141200 OK 41 kB URL HTTP/1.1 amongus-online.net/Resources/brain-out.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:18 22:38:58], progressive, precision 8, 512x384, components 3\012- data
Hash 9b0d3996b1aa789603bf55f21e98b3f2
0e949b7a8ef2cf111613300256b6456cbba68989
ee306e45e73d6c8b2c44771f7d227a8ff04e76c5bc603e4d3eba027e1501235d
GET /Resources/brain-out.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 18 Nov 2021 16:49:19 GMT
ETag: "a096-5d112f09541f5"
Accept-Ranges: bytes
Content-Length: 41110
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
tovanillitechan.com/42/38?z=5149841
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=5149841
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=5149841 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: scm=1; OAID=a9cc16922c674657b908730ab634c189; oaidts=1664064927
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ca949a0d8dd0544c5745595b31b65a3c
access-control-expose-headers: X-Sc
set-cookie: OAID=a9cc16922c674657b908730ab634c189; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
oaidts=1664064927; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
amongus-online.net/Resources/word-connect.jpg
174.138.179.141200 OK 90 kB URL HTTP/1.1 amongus-online.net/Resources/word-connect.jpg
IP 174.138.179.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.4, datetime=2021:11:19 20:48:22], progressive, precision 8, 512x384, components 3\012- data
Hash 452915347e1cbcafc78988f469355c7e
076633dd906e8bb6da5545453a2a85e02b3e8f50
f45a2b2c77f84fd7eb0a4f63249b36e185d767949b3ab3af057ab0f30d3de28c
GET /Resources/word-connect.jpg HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 19 Nov 2021 13:55:17 GMT
ETag: "161ab-5d124a007b1bb"
Accept-Ranges: bytes
Content-Length: 90539
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=33049
date: Sun, 25 Sep 2022 00:15:27 GMT
X-Firefox-Spdy: h2
ssl.cdne.cpmstar.com/cached/js/lib.js
152.199.21.117200 OK 2.1 kB URL HTTP/2 ssl.cdne.cpmstar.com/cached/js/lib.js
IP 152.199.21.117:0
File type HTML document, ASCII text
Hash c1ef178cbb2b945fb5d0aafd19358f50
e3b484765547fa94a9541b2490bbc61a659f49f2
b5c6b74b6a0847a676e7657a430358eb9ce74b675ba382da50993249409e73e4
GET /cached/js/lib.js HTTP/1.1
Host: ssl.cdne.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 5446
cache-control: max-age=14400
content-type: application/javascript
date: Sun, 25 Sep 2022 00:15:27 GMT
etag: "80c1e61de9cfd61:0"
last-modified: Fri, 11 Dec 2020 18:11:59 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
server: ECAcc (ska/F6CA)
vary: Accept-Encoding
x-cache: HIT
content-length: 2069
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amongus-online.net/favicon/apple-touch-icon.png
174.138.179.141200 OK 13 kB URL HTTP/1.1 amongus-online.net/favicon/apple-touch-icon.png
IP 174.138.179.141:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 01db3eeac7ed52c7bcb851129d7d0bd9
50c2e042ecea9ceeae676788152264a5127f1714
ef855bf258f093e142b49f72c46459bfbb0fee7df45a66bd8803b7359fdd185c
GET /favicon/apple-touch-icon.png HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D; __atuvc=1%7C39; __atuvs=632f9d9df8d56391000; _ga_747YJ74QHW=GS1.1.1664064925.1.0.1664064925.0.0.0; _ga=GA1.1.494884101.1664064926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 08 Nov 2021 13:23:35 GMT
ETag: "31cd-5d046e662f6fd"
Accept-Ranges: bytes
Content-Length: 12749
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
139.45.197.239200 OK 189 kB URL HTTP/2 tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
IP 139.45.197.239:0
File type ASCII text, with very long lines (65523)
Size 189 kB (189368 bytes)
Hash d4971c4cce536a08eb180548f4410d92
fa2c235203ca02e3af271ccb0fae1484c1b694b0
4edc7a751f9f96f178d39e1980f9297a6d333dc3266583342a4bf4f5b27974fc
Analyzer Verdict Alert quad9 Sinkholed
GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: scm=1; OAID=a9cc16922c674657b908730ab634c189; oaidts=1664064927
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
amongus-online.net/favicon/favicon-16x16.png
174.138.179.141200 OK 1.2 kB URL HTTP/1.1 amongus-online.net/favicon/favicon-16x16.png
IP 174.138.179.141:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1c063f9884c2797fb2840d793edf7559
ad0b7334bca206c0e95dd647e2c52f2c5db936b1
5c34a01f17fb2c3684b66f8bd15ced8c82dabbf13ae69d025770bcba1ff34e7c
GET /favicon/favicon-16x16.png HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D; __atuvc=1%7C39; __atuvs=632f9d9df8d56391000; _ga_747YJ74QHW=GS1.1.1664064925.1.0.1664064925.0.0.0; _ga=GA1.1.494884101.1664064926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 08 Nov 2021 13:23:35 GMT
ETag: "4ba-5d046e662fecd"
Accept-Ranges: bytes
Content-Length: 1210
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/amongusonline/loader.js
151.101.85.44200 OK 26 kB URL HTTP/2 cdn.taboola.com/libtrc/amongusonline/loader.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65195)
Hash ae6f06c391a62db40af5c5aec356a88a
f769f5d8e10ba16d8fdc124156395013083a3892
8727fce84f16b153987fa81b57990f2b6dee624ab5bc2ba6b49d9a04f6dfaec3
GET /libtrc/amongusonline/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "2919954a90845987ed71a2443329ad3dd7a164f0"
last-modified: Fri, 23 Sep 2022 14:26:09 UTC
x-amz-id-2: e57ZqrIdwNr7cjbFiN0X/+U9N7Urdk4d2EoATbmVhBxuzlZ/5myv3XaLeUCw676H0glDyuYDdek=
x-amz-request-id: R2Y9H6D9CBATPFTJ
x-amz-version-id: C7T3QLaUxZyq_LE6whtq0t6e_6uBjMHw
x-from-cache: 1
x-envoy-upstream-service-time: 5
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:27 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064927.304800,VS0,VE76
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 30
content-length: 26219
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=5149841
139.45.197.239200 OK 4.1 kB URL HTTP/2 tovanillitechan.com/1?z=5149841
IP 139.45.197.239:0
File type ASCII text, with very long lines (7767)
Hash 48a7d2c4c9159a362b8ff861f4595d2e
c07e21214df969b8c6e52c927905deac8d18532c
f1544d4d258a69c2cb4c549934d3e1115161058f52c2c5600dd86c876dd71bc0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5149841 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: db9713061019426dbf32eb43424a3cfd
access-control-expose-headers: X-Sc
x-sc: p6i9ly8SiziTF499h30gmIgvONY6ezFikN_bhOtasjskr9sckSQyEsI5vMUrJ2m4Gvr3GBHoLRWpsFLoIhkXtlchoGw=
set-cookie: scm=1; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
OAID=a9cc16922c674657b908730ab634c189; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
oaidts=1664064927; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 25 Sep 2022 00:15:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sat, 24 Sep 2022 03:27:15 GMT
expires: Sat, 08 Oct 2022 03:27:15 GMT
cache-control: public, max-age=1209600
age: 74892
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1664064926229&ns_c=UTF-8&c7=https%3A%2F%2Famongus-online.net%2F&c8=Play%20Among%20Us%20ONLINE&c9=
143.204.55.25204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1664064926229&ns_c=UTF-8&c7=https%3A%2F%2Famongus-online.net%2F&c8=Play%20Among%20Us%20ONLINE&c9=
IP 143.204.55.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1664064926229&ns_c=UTF-8&c7=https%3A%2F%2Famongus-online.net%2F&c8=Play%20Among%20Us%20ONLINE&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 00:15:27 GMT
set-cookie: UID=1E3cc9666bf7396e22870281664064927; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cSl66ynrzZ9yq228NWuOPEjr2A9XqLguMLgNftBKpkYZi-Dyl61Cfw==
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 9cc89112550e1057316490e674bb3d63
74b57fabe3c1fb62d5efb1133b2c7d6ee7ffe71d
ec0d243428cc468b68337b56137b72a10432fe7901d651cb6105d25c76551be8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Sep 2022 00:15:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 24 Sep 2022 13:21:00 GMT
Expires: Sun, 25 Sep 2022 13:21:00 GMT
ETag: "74b57fabe3c1fb62d5efb1133b2c7d6ee7ffe71d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zeeshith.net/pfe/current/tag.min.js?z=3932353
139.45.197.250200 OK 9.4 kB URL HTTP/2 zeeshith.net/pfe/current/tag.min.js?z=3932353
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (14803), with CRLF, LF line terminators
Hash 547159f8648bc9fce5991018583ceda3
8227bff35ead2c5e7dc27a062b7a38064709fd93
219f4155feaa60affe1f20916426fc718c575911e5978183563305e13558f4a8
GET /pfe/current/tag.min.js?z=3932353 HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:26 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-747YJ74QHW>m=2oe9l0&_p=1705738255&cid=494884101.1664064926&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664064925&sct=1&seg=0&dl=https%3A%2F%2Famongus-online.net%2F&dt=Play%20Among%20Us%20ONLINE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-747YJ74QHW>m=2oe9l0&_p=1705738255&cid=494884101.1664064926&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664064925&sct=1&seg=0&dl=https%3A%2F%2Famongus-online.net%2F&dt=Play%20Among%20Us%20ONLINE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-747YJ74QHW>m=2oe9l0&_p=1705738255&cid=494884101.1664064926&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664064925&sct=1&seg=0&dl=https%3A%2F%2Famongus-online.net%2F&dt=Play%20Among%20Us%20ONLINE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://amongus-online.net
date: Sun, 25 Sep 2022 00:15:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f88229d1b69c5e62e81d6c1dd37668c3
891695115a67d86c1e731a9f2531b49649903387
80e9c857fa9d80dc98eed6cbc1d71eb042df2ac935653f6853920ffa16947d31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1101
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Last-Modified: Sat, 24 Sep 2022 23:57:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6669610813a1e4e2786f7d3f8d40c867
05839bacff46752db344a755d43db959787ae225
1a33b29382a6cb0072b29d29981cd4b04f876b7c4614026f4e96017b8db2eb03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb.scorecardresearch.com/beacon.js
143.204.55.25200 OK 2.3 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.25:0
Hash 5e87799bdfe9c42a986d34dd90b3a1c3
5f766794cb0dcbb6693a0483de844c63049a9f61
08da1ef748889d84c6d2a7709360134616fdb508badfe93d2c853415a50180d2
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 24 Sep 2022 02:41:01 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mOvk61Jm1kfyhplhJzPTwi6kQKT1o39PdXTBPYuG3CFMUBZKrFG_lg==
age: 77670
X-Firefox-Spdy: h2
trc-events.taboola.com/amongusonline/log/2/debug?tim=00%3A15%3A26.365&type=usage&msg=rtus&llvl=2&id=9396&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/amongusonline/log/2/debug?tim=00%3A15%3A26.365&type=usage&msg=rtus&llvl=2&id=9396&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amongusonline/log/2/debug?tim=00%3A15%3A26.365&type=usage&msg=rtus&llvl=2&id=9396&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
x-fastly-to-nlb-rtt: 22739
access-control-allow-credentials: true
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=amongus-online.net
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=amongus-online.net
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=amongus-online.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 00:15:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
151.101.85.44200 OK 472 B URL HTTP/2 cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
IP 151.101.85.44:0
Hash 6669610813a1e4e2786f7d3f8d40c867
05839bacff46752db344a755d43db959787ae225
1a33b29382a6cb0072b29d29981cd4b04f876b7c4614026f4e96017b8db2eb03
GET /libtrc/impl.20220922-16-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: COg8lMA673OEz5PM+KFXiDXiosSVySM+TdixW+84HZwxLH8GtDt35DYHxlOgtiehZ9ZB4jLgaQI=
x-amz-request-id: W1R6REBMZ25HV30N
last-modified: Thu, 22 Sep 2022 14:15:17 GMT
etag: "b6247ec22fba797cf6f51ae4c86a6509"
content-encoding: br
x-amz-version-id: wNWqo8c3RDyWSxV8p_CKOzvKdfoSb_oq
content-type: application/javascript
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:27 GMT
via: 1.1 varnish
age: 7209
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1332
x-timer: S1664064927.480684,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 97
server: AmazonS3-br
content-length: 145469
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=amongus-online.net
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=amongus-online.net
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=amongus-online.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 00:15:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
23.38.200.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Sun, 25 Sep 2022 00:15:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/14.2dfb61b890959f78272d.js
23.38.200.123200 OK 304 B URL HTTP/2 s7.addthis.com/static/14.2dfb61b890959f78272d.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (397), with no line terminators
Hash ca0f404238de96a7e72a7412a43229ba
4f73f2828bffb15fe09660886210e4ec40eeaa8b
d44d9599170c634d819deecceaa0e7964c0eab00f2e424e882c2840b1363dd36
GET /static/14.2dfb61b890959f78272d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-18d"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 304
date: Sun, 25 Sep 2022 00:15:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1219
152.199.21.117200 OK 66 kB URL HTTP/2 ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1219
IP 152.199.21.117:0
File type ASCII text, with very long lines (1029)
Hash 7da3370b4a62dfdc5118b8592e30bcdc
9d69f6f482ca2c9297a74fe9c89a9db5f9fa6dda
179e0d72c46de83842c0ee1624aa2473391c851832e2a9a2ad3eb57b34f0d978
GET /cached/zonemasters/mobilemodules.js?ver=1219 HTTP/1.1
Host: ssl.cdne.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 124961
cache-control: max-age=259200
content-type: application/javascript
date: Sun, 25 Sep 2022 00:15:27 GMT
etag: "2c1cbc512cfd81:0+gzip"
last-modified: Fri, 23 Sep 2022 06:07:32 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
server: ECAcc (ska/F6C0)
vary: Accept-Encoding
x-cache: HIT
content-length: 66302
X-Firefox-Spdy: h2
ssl.cdne.cpmstar.com/cached/zonemasters/cpmstarjsgameapi.js?ver=1219
152.199.21.117200 OK 2.1 kB URL HTTP/2 ssl.cdne.cpmstar.com/cached/zonemasters/cpmstarjsgameapi.js?ver=1219
IP 152.199.21.117:0
File type ASCII text, with very long lines (539)
Hash 224e13e70b40a0bb71029ba0a5436227
2ec2d70fa06cebff082bf71fa27c41c4b2d5c5ef
7832dab6b7b7c897aa8929997c7e73e224df0fafb22610d915c8b46f0f37f850
GET /cached/zonemasters/cpmstarjsgameapi.js?ver=1219 HTTP/1.1
Host: ssl.cdne.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 37535
cache-control: max-age=259200
content-type: application/javascript
date: Sun, 25 Sep 2022 00:15:27 GMT
etag: "81c8388cbc2d61:0+gzip"
last-modified: Wed, 25 Nov 2020 01:33:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
server: ECAcc (ska/F6CB)
vary: Accept-Encoding
x-cache: HIT
content-length: 2137
X-Firefox-Spdy: h2
trc-events.taboola.com/amongusonline/log/3/bulk-metrics?lti=deflated&bulkSize=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/amongusonline/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /amongusonline/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 480
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Famongus-online.net%2F
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Famongus-online.net%2F
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Famongus-online.net%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://amongus-online.net/
last-modified: Sun, 25 Sep 2022 00:00:00 GMT
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 25 Sep 2022 00:15:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zeeshith.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
zeeshith.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Origin: https://amongus-online.net
Content-Length: 373
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a90f9b36177a871e9c8c61726fa561cb
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=u2lf683282ma337686244l3g2rjlz761
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=u2lf683282ma337686244l3g2rjlz761
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d177bbf66fa040558fa1b561b3890ff0
f6fe38b546ddd338f9f449fa2cb0c9c30cd0c5da
07e1f2702d373a30579fb8e3cd1efb6fa354e5a3b835ab664a42fe944ac87f75
GET /gid.js?userId=u2lf683282ma337686244l3g2rjlz761 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sun, 25 Sep 2022 00:15:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sun, 25 Sep 2022 00:15:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sun, 25 Sep 2022 00:15:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sun, 25 Sep 2022 00:15:27 GMT
Connection: keep-alive
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_54s00
23.38.200.123200 OK 58 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_54s00
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash becb1ce037685a0d32aaf7195f0173db
a54c2fd7a45e45362ba4961049c60b13086c9996
7d03ea5e649242345191ea36c5109c4abb8a70343c035a23544e536745f8f12b
GET /url/shares.json?url=https%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_54s00 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: amongus-online.net/
last-modified: Sun, 25 Sep 2022 00:15:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 58
date: Sun, 25 Sep 2022 00:15:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.reddit.com/api/info.json?url=http%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_ho350
151.101.85.140200 OK 144 B URL HTTP/2 www.reddit.com/api/info.json?url=http%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_ho350
IP 151.101.85.140:0
File type ASCII text, with no line terminators
Hash e09bbf503e68c7dcc389dda0f20ff060
658857fc9ad7860b8819429ec8298e8515c48fc0
c0c7bf748a0a3011dfb8466680012413610f13d55f40848b65108866c492211d
GET /api/info.json?url=http%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_ho350 HTTP/1.1
Host: www.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 298
x-ratelimit-used: 2
x-ratelimit-reset: 273
access-control-allow-origin: *
access-control-expose-headers: X-Moose
x-moose: majestic
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None
edgebucket=pFNsqncxLmsttL1j8P; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 144
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_9kr70
23.38.200.123200 OK 58 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_9kr70
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 3c88b13711520e37711ca69b0387c2aa
4b349874869ffd74b6c8c54ea0da840ae85a4fc8
e106f5b984878f69891d937b59ae2535e3e2cbba2ac1a217a705971ea3484273
GET /url/shares.json?url=http%3A%2F%2Famongus-online.net%2F&callback=_ate.cbs.rcb_9kr70 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: amongus-online.net/
last-modified: Sun, 25 Sep 2022 00:15:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 58
date: Sun, 25 Sep 2022 00:15:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 08:16:28 GMT
age: 57539
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
amongus-online.net/sw.js
174.138.179.141200 OK 1.2 kB IP 174.138.179.141:0
File type ASCII text, with very long lines (2734)
Hash e5a12670837dd3821402f5114006840d
9273aa7b1a4dfe46f592bb1fc9472db358cdc66a
7bb3d43dcebf857ea8cca2f97036515189941e7123bf3b30c30788e892958798
GET /sw.js HTTP/1.1
Host: amongus-online.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Connection: keep-alive
Cookie: amongus_session=eyJpdiI6IlJRQ0l6N2U0eE0raUdmbWpSYkRyK3c9PSIsInZhbHVlIjoiemhWZjRnblpwNG1wL0tIL2dzN2lHRU1VSXpIeWhjWm1jVEpqUmI4QWVBSy9hMU5aZ1Q2YWpXTHpqeGdKTk10YzR6RHVjaStFQTRYb1lYUXdMYU55Vi9YT3pVYkt0VjladHE3aUprQUltc0o3Z3NCTGVoTmVNR0ZWekVDSkJKd24iLCJtYWMiOiJhZWFjM2EwN2ViYTgzOTUyNWZjYzA5OGM0NmQ4ZTMxYmRiOWI4MjY3OTIwYWQ0YjU5ODI1YTI2ZDY4YTI2YjRkIiwidGFnIjoiIn0%3D; __atuvc=1%7C39; __atuvs=632f9d9df8d56391000; _ga_747YJ74QHW=GS1.1.1664064925.1.0.1664064925.0.0.0; _ga=GA1.1.494884101.1664064926; __gads=ID=e1cd1f2d2ff0f5cc-22b414be2cce0012:T=1664064927:RT=1664064927:S=ALNI_MaUXAN_ty19blaeUk6QWvtodB8r6g
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 00:15:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 04 Nov 2021 06:09:12 GMT
ETag: "aaf-5cff05d9683ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1182
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 9488
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ecc2a02c5bf02ae98849085d835b2dd
5fc6f043ab0929c95b84b78c9d03befbe0fadea0
ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8883
x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmEaqIAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 9502
etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7eba9d4ed7413abb8e8824cc86071b50
1ec47b0f11a2b1173a1dcd32d541e5680b0088b1
399622d6099137974fa30a332c145b45182a7be272523a325418c63bfe70e5a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: 72d102a6-8552-473f-b3f8-99450722017d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHEgIAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-7e4789b1723913e2500ea5f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4XK0s7000jxVbsu88-3ze_Mg_SqTKMDgAWKiLkc3ZCiiqGhS02Cn5w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:12:06 GMT
age: 7401
etag: "1ec47b0f11a2b1173a1dcd32d541e5680b0088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 9501
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 716068d10c9e3a16d3a8e727992f71ec
f18edf7b5080b39e00bde335c16ca0f771428e8e
5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F8HfbDS4Ki85iwI7IgBulH70M3NwK6_-lmATgGp2myUTSlJKCDiScw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:26 GMT
age: 9361
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761
139.45.197.239200 OK 7 B URL HTTP/2 tovanillitechan.com/9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5149841&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Famongus-online.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=u2lf683282ma337686244l3g2rjlz761 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 437
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: scm=1; OAID=a9cc16922c674657b908730ab634c189; oaidts=1664064927
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a89d77ed98d59f863694f3b7ddc03a81
access-control-expose-headers: X-Sc
set-cookie: OAID=u2lf683282ma337686244l3g2rjlz761; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
oaidts=1664064927; expires=Mon, 25 Sep 2023 00:15:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ssl.cdne.cpmstar.com/cached/js/anchorad_v100.pack.js?ver=1219
152.199.21.117200 OK 2.9 kB URL HTTP/2 ssl.cdne.cpmstar.com/cached/js/anchorad_v100.pack.js?ver=1219
IP 152.199.21.117:0
File type ASCII text, with very long lines (1095)
Hash 861ffe039ce4095dfcf01c8b0e4ece70
40007433f0c60fe696bc143ccc1cceca259abcc3
76676a246abff32344a141d4b799991589b78cf25ffbbc1d61e59dfc285b7d00
GET /cached/js/anchorad_v100.pack.js?ver=1219 HTTP/1.1
Host: ssl.cdne.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 12335
cache-control: max-age=14400
content-type: application/javascript
date: Sun, 25 Sep 2022 00:15:28 GMT
etag: "3b6bd387b5bbd71:0+gzip"
last-modified: Thu, 07 Oct 2021 19:57:17 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
server: ECAcc (ska/F6C1)
vary: Accept-Encoding
x-cache: HIT
content-length: 2901
X-Firefox-Spdy: h2
ssl.cdne.cpmstar.com/cached/zonemasters/blueprints/instreamvideo.js?ver=1219
152.199.21.117200 OK 1.3 kB URL HTTP/2 ssl.cdne.cpmstar.com/cached/zonemasters/blueprints/instreamvideo.js?ver=1219
IP 152.199.21.117:0
File type ASCII text, with CRLF line terminators
Hash 9d4b1ac6ddbd9112c532ddb07a5eec2b
4bbd284c7b0f1f647827528bfb84219aa833bafe
d4598d43e03ff185571523d2d5f0bca08a660e0dba0b40decdae489dd86acd34
GET /cached/zonemasters/blueprints/instreamvideo.js?ver=1219 HTTP/1.1
Host: ssl.cdne.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 124773
cache-control: max-age=259200
content-type: application/javascript
date: Sun, 25 Sep 2022 00:15:28 GMT
etag: "4351428cbc2d61:0+gzip"
last-modified: Wed, 25 Nov 2020 01:33:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
server: ECAcc (ska/F7B0)
vary: Accept-Encoding
x-cache: HIT
content-length: 1297
X-Firefox-Spdy: h2
www.reddit.com/api/info.json?url=https%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_k5sd0
151.101.85.140200 OK 5.8 kB URL HTTP/2 www.reddit.com/api/info.json?url=https%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_k5sd0
IP 151.101.85.140:0
File type ASCII text, with very long lines (64786), with no line terminators
Hash 8c7307f295208405e5b0a04ad2d1121b
bff02709c561008e1471e6f5065703b25c63c9a1
b42b444ea121c9f69b1b9b7eeae13953f9f4ba5f462f121114dd3f3f889a0013
GET /api/info.json?url=https%3A%2F%2Famongus-online.net%2F&jsonp=_ate.cbs.rcb_k5sd0 HTTP/1.1
Host: www.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 299
x-ratelimit-used: 1
x-ratelimit-reset: 273
access-control-allow-origin: *
access-control-expose-headers: X-Moose
content-encoding: gzip
x-moose: majestic
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None
edgebucket=dvpcR7WwF7HjM2z8xg; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 5754
X-Firefox-Spdy: h2
server.cpmstar.com/country.aspx?cache=true&referer=amongus-online.net&callback=bfwa2i
198.24.170.50200 OK 196 B URL HTTP/1.1 server.cpmstar.com/country.aspx?cache=true&referer=amongus-online.net&callback=bfwa2i
IP 198.24.170.50:0
File type ASCII text, with no line terminators
Hash 71a3a79e4edcc7062820efd24ea8d1c8
d3b332645b234a168f3123cf5a7acde86e6d30a9
7f67ae2cb0caf6b1d339ef1831ca41c8769b40bdec4501f03c7768f8d33d6e87
GET /country.aspx?cache=true&referer=amongus-online.net&callback=bfwa2i HTTP/1.1
Host: server.cpmstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store, no-cache, must-revalidate
Pragma: no-cache,no-cache
Content-Type: application/javascript; charset=utf-8
Expires: -1,Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: USER_ID=%07%83.0%dd%9f%e1%bf%cf%96v5%86%bfs; domain=.server.cpmstar.com; expires=Thu, 25-Sep-2042 00:15:28 GMT; path=/; secure; SameSite=None
r=0_58_1659463982|0_57_1660335534|0_2_1662318599; domain=.server.cpmstar.com; expires=Thu, 25-Sep-2042 00:15:28 GMT; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date: Sun, 25 Sep 2022 00:15:27 GMT
Content-Length: 196
zeeshith.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Origin: https://amongus-online.net
Content-Length: 737
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bdd9a25a75df0fcaf36577eaa73731dc
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=u2lf683282ma337686244l3g2rjlz761
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=u2lf683282ma337686244l3g2rjlz761
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d177bbf66fa040558fa1b561b3890ff0
f6fe38b546ddd338f9f449fa2cb0c9c30cd0c5da
07e1f2702d373a30579fb8e3cd1efb6fa354e5a3b835ab664a42fe944ac87f75
GET /gid.js?userId=u2lf683282ma337686244l3g2rjlz761 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8; expires=Mon, 25 Sep 2023 00:15:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
151.101.85.44200 OK 2.4 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8af6e9c57f7cea224bab574fbd23e962
e009422289c17c5fb3324b0a88bd8540992b9f06
3c930a8e937d708ccdae0b5f2ec53de09530b0c58cf1b773dfd630f3cfbb291c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 492138907706621124196904210773979421999,328094339702835717929925262498190301209,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 492138907706621124196904210773979421999,328094339702835717929925262498190301209,29ecf9b93bbf306179626feeda1fab70
etag: "4682cb65a7ca0b8f52e17e4fa0a1fa5b"
last-modified: Sat, 09 Jul 2022 21:32:58 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 73faadcf236acf243c8bbaacf4d20582
x-envoy-upstream-service-time: 61
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
age: 5118541
x-served-by: cache-iad-kcgs7200071-IAD, cache-iad-kjyo7100084-IAD, cache-lga21920-LGA, cache-iad-kiad7000151-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 1, 1
x-timer: S1664064928.184944,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
x-vcl-time-ms: 1
content-length: 2410
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjQ3M2U1M2NiZmQ4YTM4YmM4ZDhkYWI4MWY5YTk0ZTRhY2Y5NzgxNTBjYjJkN2VmNmRmY2M3ZDYyNDJlOGQxNzAiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
151.101.85.44200 OK 4.2 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjQ3M2U1M2NiZmQ4YTM4YmM4ZDhkYWI4MWY5YTk0ZTRhY2Y5NzgxNTBjYjJkN2VmNmRmY2M3ZDYyNDJlOGQxNzAiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cac7fbb65c140fe08c58d181d4a6f2f8
3af910fc2331ff71a2e4aae5a2000762acc16cd3
81ab5ed4a2a88fba4d08333620ce8741ce7b3ae56a3880eb331a4309f3e7a816
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjQ3M2U1M2NiZmQ4YTM4YmM4ZDhkYWI4MWY5YTk0ZTRhY2Y5NzgxNTBjYjJkN2VmNmRmY2M3ZDYyNDJlOGQxNzAiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 581626475450099491269177512906350703860,328094339702835717929925262498190301209,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 581626475450099491269177512906350703860,328094339702835717929925262498190301209,29ecf9b93bbf306179626feeda1fab70
etag: "0512be667d3b893594e607c360389356"
last-modified: Fri, 22 Jul 2022 11:53:20 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 223700478dd5ef02b22fc340809df650
x-envoy-upstream-service-time: 78
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
age: 4014060
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kcgs7200084-IAD, cache-lga21932-LGA, cache-iad-kjyo7100051-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 1, 1
x-timer: S1664064928.184811,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_94%2Cw_140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjQ3M2U1M2NiZmQ4YTM4YmM4ZDhkYWI4MWY5YTk0ZTRhY2Y5NzgxNTBjYjJkN2VmNmRmY2M3ZDYyNDJlOGQxNzAiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
x-vcl-time-ms: 1
content-length: 4154
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 3e7d8362ae0935052e7b830330333235
a22d41053809368c2a205527d7e07e774704b963
0513cd309debc5c144190b687feb1a1fa3f910c5ae7a44ab98bc1b4d459946b3
GET /libtrc/userx.20220922-16-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kn+8c7+pwc8IDWanEKFuA2pQuc3imK8Gpd8xRI5g75gTeFaBH118i59Vr5N78FDDUIoHglkysmY=
x-amz-request-id: EBEBBGTC39NQES1T
x-amz-replication-status: PENDING
last-modified: Thu, 22 Sep 2022 14:24:10 GMT
etag: "db9444e762c7677565a6ea28981b5bc1"
x-amz-version-id: Rop466o8w3GHuGp.qUtcSOWXpJVjStIH
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
age: 3
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664064928.184834,VS0,VE1
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 97
content-length: 5398
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7b72a082fc5e3bc4aabbb79f73fb604
31cc6cd9b3dfbd31d24cd47dd2fcb29f5522822f
bf20590ab0b6486faa1a22e447f2ae149aa76742fd65fa43993646031d90a1e1
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
server: AmazonS3
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AfyrLxGlKNoXsjSvShOJ1QFm2rrv76iJaqEsgbMoQU-1oTsr3wJz-Q==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
age: 1005039
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 39217
x-timer: S1664064928.184783,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29884
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=amongus-online.net
178.250.2.146200 OK 16 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=amongus-online.net
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14700)
Hash c306f3d231aeacfe626db0cdfef22937
d7df90a93897e2295718e0cb85e96300064ef665
785b4516cd66fba19e4ad8ccf3532cf0377c2b2b6ef42184fff63173c18ebd73
GET /syncframe?origin=rtus&topUrl=amongus-online.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:27 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=3d818a76-479e-46ea-b090-a6414392ed3a; expires=Fri, 20 Oct 2023 00:15:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 534356
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d5f86ddceacf0b5d14b5b74eb60e39e2
a197f1b182fc5aebc30ee5570d7c5e6d7a3f410d
0727801c97c941992fb3a3bf7cc6ca2c44e15326d6e3dc9f0f0b4af54f4908ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 25 Sep 2022 00:15:28 GMT
expires: Sun, 25 Sep 2022 00:15:28 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:30:52 GMT
expires: Fri, 22 Sep 2023 11:30:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 218676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_2qbq0
151.101.84.84200 OK 590 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_2qbq0
IP 151.101.84.84:0
File type ASCII text, with no line terminators
Hash 7de6296c1b6a51dafedb489d57db5db9
9e954d82cb05b145ba5e163d32b451aaccf3311a
629e9dfffa2d84bd937c4b94c20855e6aef4829aeed2a49d653d53d5f2859e9e
GET /v1/urls/count.json?url=http%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_2qbq0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 25 Sep 2022 00:30:27 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1031686993318013
date: Sun, 25 Sep 2022 00:15:27 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b4acd1763adaec65488a539ec060e921
aa3af623afb0a753cf027b65ffbdede79167db12
f57d9dec7082b35d702dd2a7efdfbbf455d0277d87646485fcc2dbde6ea3dce1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Last-Modified: Sun, 25 Sep 2022 00:07:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 312
il-trc-events.taboola.com/amongusonline/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/amongusonline/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /amongusonline/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 965
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 00:15:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:27 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=K4vKE180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlRBZ2JyYlJrR1R3JTJGSDdRM2FVbkM1aQ; expires=Fri, 20 Oct 2023 00:15:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 260367
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash c355ed9771e902f61a7b25899ee283c4
67f4c542d67acf7b206c6f9d19f04db21c588dbc
75d8d7a6cf95a6bcb3d4176ed97a3adafee0d1371480b7997b9e1361ba133dfa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5800
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Last-Modified: Sat, 24 Sep 2022 22:38:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 312
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=undefined&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=daeb05e7-14c3-4b2f-9fa9-e63bc526b79f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 708 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=undefined&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=daeb05e7-14c3-4b2f-9fa9-e63bc526b79f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
Hash 925af7d97e9b38a2e386a70cddd9cded
4aa12996a9ab1e49f0c15bbf6cf0b123d3d3385c
44ac8a5141157ab185144e0abedb769ed9866eb99f6971b3c7eeb787840b3d87
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=undefined&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=daeb05e7-14c3-4b2f-9fa9-e63bc526b79f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064929.560839,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=31589837&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664064923915!ts:1664064927273&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=31589837&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664064923915!ts:1664064927273&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&cmcv=&pix=31589837&cb=1664064927273&uv=3229&tms=1664064927273&abt=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664064923915!ts:1664064927273&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:28 GMT
content-length: 0
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_9/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_9/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_2_9/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YBA8MkOnSXGMHUW+oVvQoFupvyARRHmqtg6k7qFddu1XWVWRf5ux18wab0s+hW6jcugQFdn6WKg=
x-amz-request-id: MQP6BTGQ4RXV0EH2
last-modified: Tue, 20 Sep 2022 09:22:13 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1663665732
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1663665732
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
age: 399089
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 67092
x-timer: S1664064929.678414,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_9/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 127 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_9/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 127 kB (126981 bytes)
Hash 5d99aaf0e372677c12f5af139f965aa0
5fc2a79ff8cb3952b1dfdee012de37ccf15b2472
1a795724b5c9baa38ae220a84eb900b4cf03154f6293da3d9525626b10a9efde
GET /vpaid/units/32_2_9/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: cs9ICKLP0R/5CLtgXIhcynhvBQoSDhjNS7ZyPNvKFsN1GWVFHztEv87kdWzYDJyDp3eGa2GvZIk=
x-amz-request-id: MQP3TDD7RBXG6KSZ
last-modified: Tue, 20 Sep 2022 09:21:20 GMT
etag: "5d99aaf0e372677c12f5af139f965aa0"
x-amz-meta-ctime: 1663665679
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1663665678
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
age: 399089
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 34099
x-timer: S1664064929.696710,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126981
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://amongus-online.net
server-processing-duration-in-ticks: 628179
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aa493a3cea4ae63051441d46d074c6a5
d9e87204fe8db36e7c7d3b0de8e1735607d0d2d1
3f76f9469d546d38c2abdef48f4c6a4d00ec446575c455124a8a24a6ba972f54
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2362
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Last-Modified: Sat, 24 Sep 2022 23:36:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aa493a3cea4ae63051441d46d074c6a5
d9e87204fe8db36e7c7d3b0de8e1735607d0d2d1
3f76f9469d546d38c2abdef48f4c6a4d00ec446575c455124a8a24a6ba972f54
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2362
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Last-Modified: Sat, 24 Sep 2022 23:36:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 25 Sep 2022 00:15:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=2921a299-3c67-11ed-bcb2-1bce7de30106; expires=Sun, 23-Oct-2022 00:15:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2921a2e6-3c67-11ed-bcb2-1bce7de30106
X-fe: 95
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 25 Sep 2022 00:15:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=2925df8c-3c67-11ed-9214-1d03a5b20506; expires=Sun, 23-Oct-2022 00:15:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2925dfca-3c67-11ed-9214-1d03a5b20506
X-fe: 87
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2921a2e6-3c67-11ed-bcb2-1bce7de30106
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2921a2e6-3c67-11ed-bcb2-1bce7de30106
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2921a2e6-3c67-11ed-bcb2-1bce7de30106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 25 Sep 2022 00:15:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=29264f6c-3c67-11ed-8062-1d21b9eb0406; expires=Sun, 23-Oct-2022 00:15:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 73
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2925dfca-3c67-11ed-9214-1d03a5b20506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2925dfca-3c67-11ed-9214-1d03a5b20506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2925dfca-3c67-11ed-9214-1d03a5b20506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 25 Sep 2022 00:15:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=292a630d-3c67-11ed-94cd-13ae17dc0206; expires=Sun, 23-Oct-2022 00:15:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 43
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash e4238a8dce680f044e300a42d1abd3cf
18787cec62a1957ee6141e4792543384d7c2b229
656116cbc32f529cf600bd32bdd26bbe4fbaac5a676251a0b7a5ff0562005f23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 00:15:28 GMT
Last-Modified: Sat, 24 Sep 2022 22:58:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 312
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 10 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash bfa210ea602e8138dd4bfaa5327ce998
526760303501ec5b16492851fe4daea506929eca
d180f316956736d74169b46dba51271b28c5a6d0f880dacacf7c013e45c9ec07
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
x-crto-bundle: RnoiAl9ObjlhT2xzcnclMkJ3QUJNUVg0RHZyb3RvJTJCMXpMbkJ3Nno4Z04xRU9saWV3OWhkaSUyRlNYYkVTJTJCSkpENkR5MVh0aDFjJTJCenJINEElMkIxN1U3a05QaHZ5ekRZanAwZ2lsQnB5ZzFaWTFqRFR3Y0lBcmtLQ3VuTzU4V1VVQVVWJTJGWWswU0NRY3RjSjd3YjlPanE0clJIRmpVWjJidyUzRCUzRA
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://amongus-online.net
server-processing-duration-in-ticks: 1862554
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=amongus-online.net&sn=FirefoxSyncframe&so=0&topUrl=amongus-online.net&info=Dr0YIV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlFnRVdRZ2p5SXQ2T0tkWXZ1UnAxOE4&idsd=-556905830,-1831901706&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 395 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=amongus-online.net&sn=FirefoxSyncframe&so=0&topUrl=amongus-online.net&info=Dr0YIV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlFnRVdRZ2p5SXQ2T0tkWXZ1UnAxOE4&idsd=-556905830,-1831901706&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
Hash 6eec1556862bc43ae5b677770a09923e
347438ac67189968bd49efa662c43fbfaf45a8f5
1d0d5ee899e7ad3c9141b9de433d2dc05b8faceb5e81621142bdce4355d1a09d
GET /sid/json?origin=rtus&domain=amongus-online.net&sn=FirefoxSyncframe&so=0&topUrl=amongus-online.net&info=Dr0YIV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlFnRVdRZ2p5SXQ2T0tkWXZ1UnAxOE4&idsd=-556905830,-1831901706&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 929522
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b5eb5deb3896df163984797d27b4d980
85da436ef9c38206cb926fed093c96f911506b75
19d2b834877874de4a1d488214d7c574cd00d7db6b68cc48b7b4c988cd5e7b51
GET /vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: o6xcpPhv775RpZGpaP2atU207+TUcpD7v+IADo0lB/dpMr/QhFwz3nqd46XzsxrPcE5MsZmdhb0=
x-amz-request-id: PAKC81N915AWRTDK
last-modified: Sat, 24 Sep 2022 09:01:25 GMT
etag: "b5eb5deb3896df163984797d27b4d980"
x-amz-meta-ctime: 1664010084
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010068
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
age: 54790
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1586
x-timer: S1664064929.996986,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86888
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:29 GMT
age: 2567021
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 598036
x-timer: S1664064929.054793,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 25 Sep 2022 00:15:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=294fc0b2-3c67-11ed-87fe-1131174c0506; expires=Sun, 23-Oct-2022 00:15:29 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=294fc0ee-3c67-11ed-87fe-1131174c0506
X-fe: 86
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash e212b134cabf80f8be66f676e09c0097
c6f5b87bdb324d5acc99af18d97d5d9835c65c7a
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
GET /sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:29 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=294fc0ee-3c67-11ed-87fe-1131174c0506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=294fc0ee-3c67-11ed-87fe-1131174c0506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=294fc0ee-3c67-11ed-87fe-1131174c0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 25 Sep 2022 00:15:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=295472e3-3c67-11ed-ab2f-1e87ce780306; expires=Sun, 23-Oct-2022 00:15:29 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 49
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9d0c4d31db713f6e0c4045953eb2c36e
41c25a649d9653c0e830e9aa2b75cd5142db32c4
3599c0d19052550915e434cb4456eebc40b02fe17d937e3008ffde3f07cbc13c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 00:15:29 GMT
Last-Modified: Sat, 24 Sep 2022 23:12:35 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MAmQbmldr2KpJd0BR6-d6yMPiQKBkqgE-r0bx3NfNAfNXL1AYYCVmQ==
Age: 3774
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:29 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:29 GMT
via: 1.1 varnish
age: 2692
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 65
x-timer: S1664064929.249051,VS0,VE0
cache-control: private,max-age=31536000
abp: 97
content-length: 254
X-Firefox-Spdy: h2
trc.taboola.com/amongusonline/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/amongusonline/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /amongusonline/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2104
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064929.170079,VS0,VE82
x-vcl-time-ms: 82
X-Firefox-Spdy: h2
trc.taboola.com/amongusonline/log/3/visible?route=AM%3AIL%3AV<i=deflated
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/amongusonline/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /amongusonline/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3839
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064929.176001,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 923 B URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (2312), with no line terminators
Hash 26cdd3fcc80c31abb5e56a5be502737e
a6a67fd2591deaa331e11376972b2dd06616242a
ac58c61fa356670a0b14838061e474db061cc73d27cd8495d6a80499e1ec340e
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w6fgNIMZM2fENM2mjLHAxJhEvZ7OhJ+orh5+d/mAuz+tqM7fgRp+7Y73K8+rKM3qB+G/FeTtVqo=
x-amz-request-id: 158FK1E03H5TYFXQ
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 14:11:45 GMT
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
x-amz-version-id: NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:30 GMT
via: 1.1 varnish
age: 800
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 213
x-timer: S1664064930.136921,VS0,VE0
vary: Accept-Encoding
abp: 97
cache-control: private, max-age=3600
content-length: 923
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://amongus-online.net
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
cds.taboola.com/?uid=e48cb4ac-334d-416c-b86f-4a066ccc8484-tucta29231f
141.226.224.32204 No Content 0 B URL HTTP/2 cds.taboola.com/?uid=e48cb4ac-334d-416c-b86f-4a066ccc8484-tucta29231f
IP 141.226.224.32:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?uid=e48cb4ac-334d-416c-b86f-4a066ccc8484-tucta29231f HTTP/1.1
Host: cds.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 00:15:30 GMT
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=672a27e949414f19bf5126a3d12c0d0e&zoneId=3932353&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=672a27e949414f19bf5126a3d12c0d0e&zoneId=3932353&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d177bbf66fa040558fa1b561b3890ff0
f6fe38b546ddd338f9f449fa2cb0c9c30cd0c5da
07e1f2702d373a30579fb8e3cd1efb6fa354e5a3b835ab664a42fe944ac87f75
GET /gid.js?pub=0&userId=672a27e949414f19bf5126a3d12c0d0e&zoneId=3932353&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://amongus-online.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d39de3b6d7dd4d7e8de53fa41277b6a8; expires=Mon, 25 Sep 2023 00:15:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
zeeshith.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Content-Type: application/json
Origin: https://amongus-online.net
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:34 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 40746ee49a1319f310badaf5b6d33e73
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:26 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 672061
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_32nm0
151.101.84.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_32nm0
IP 151.101.84.84:0
GET /v1/urls/count.json?url=https%3A%2F%2Famongus-online.net%2F&callback=window._ate.cbs.rcb_32nm0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 25 Sep 2022 00:30:27 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1740588838600704
date: Sun, 25 Sep 2022 00:15:27 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=113&height=63&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1664064927288&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=1323437061&tz=0&viewable=true&ddast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3103665&dpubid=497885&abtst=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&mPre=0.033&cirf=https%3A%2F%2Famongus-online.net&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=113&height=63&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1664064927288&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=1323437061&tz=0&viewable=true&ddast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3103665&dpubid=497885&abtst=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&mPre=0.033&cirf=https%3A%2F%2Famongus-online.net&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=113&height=63&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1664064927288&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=1323437061&tz=0&viewable=true&ddast=V7xaMCFgP1FzshKm-v3QT1FzshKm-v3QUAAAAGBuIHJORwWQyrlW-tGG08a9HEMnMrZw7nWmXbTDyuyWziW86MQEIOl8WwWvnWitHGsxZNLDO3cuZwrlW2zcTjmswmvuXMChXS9BlNB0nDaTaIiq63xe5wmj1v2EDT6fC57vUKt9_uc33eervZaXfZ5S7TXw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAJwgNldAvCyFXvy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMXTM_p3FH_WpSFTwXMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg3H_uAhZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03ozZUiLWjFlULtFxAAYO0XEACATdwAAN4C4IKOoBWDweoCYnYAAAAAd_____96IDQcGTa-kcM32dg2LstiNzEsRo6ZabmaGTcWz8J7ajTcmey9sud9FdL0GU0HScNpNoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwP4GcDZCiJYvVcrjaTRajzWIxWe6Go8kEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBGmTMONxbTwuDWb0cgtWsw2bolxNnOLFobZbOPxGEfD0Vr0-pgeluVks5h5UTCgYi-Sp0U6EWx2s5FnMtvMTKvNZGEyzTye4cQx8ThspsnMMLKIJZqTRTqRXfal4ciw8Y0cvsnGtnFZFruJYTFyzEzL1cy4sXgW_pZpuLGYFh63ZjMauUWL2cYtMc5mbtHCMJttPB7jaDhai14f08OynGwWM39jNhsNZqPlZLdvzGajwWy0nOz2HTrDd_U5G20lydXjksj-vluz5jAoXAaL9_e5SJvRxs2o0oYtFtW1uHNNrDpt7GTsHMwGhe9vLm3FwW3kXO5LDmKDQRFLBBfpROH2232uz99udtpdFrFEabpIJ3qJWCI4XaQTjcP08vktz4v6jwy5mCsHc9FkrliNVgkAAAAAAAAAYAlz5k0AAAAATgNa7obD1ToPZjHYzGar5QJUDODr_uzj0jV24_7uUo3ftMPF5kcXN37cEG6_3ef6_O1mp91l5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D7QVY0HbtR6IT_BDZeDAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3103665&dpubid=497885&abtst=amplean_vB!dfrc_vA!lotc_vB!ntvc_vA!pl1483_vA!spa2_vA!t45!ufm!ul3230_vB&mPre=0.033&cirf=https%3A%2F%2Famongus-online.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1479
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064929.604094,VS0,VE51
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdrvrs.com/5/3932376
139.45.197.238200 OK 0 B IP 139.45.197.238:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /5/3932376 HTTP/1.1
Host: cdrvrs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:26 GMT
content-type: application/javascript
x-trace-id: d9d79e961010a18f854a5b600ef6cce8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=d39de3b6d7dd4d7e8de53fa41277b6a8; expires=Mon, 25 Sep 2023 00:15:26 GMT; path=/; secure; SameSite=None
oaidts=1664064926; expires=Mon, 25 Sep 2023 00:15:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
zeeshith.net/pfe/current/universal.min.js?v=3.1.395
139.45.197.250200 OK 0 B URL HTTP/2 zeeshith.net/pfe/current/universal.min.js?v=3.1.395
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: zeeshith.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amongus-online.net/
Origin: https://amongus-online.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 00:15:26 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/amongusonline/trc/3/json?tim=00%3A15%3A26.369<i=deflated&data=%7B%22id%22%3A992%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663857540980%2C%22vi%22%3A1664064926368%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1394%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A56%2C%22mw%22%3A113%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/amongusonline/trc/3/json?tim=00%3A15%3A26.369<i=deflated&data=%7B%22id%22%3A992%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663857540980%2C%22vi%22%3A1664064926368%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1394%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A56%2C%22mw%22%3A113%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /amongusonline/trc/3/json?tim=00%3A15%3A26.369<i=deflated&data=%7B%22id%22%3A992%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663857540980%2C%22vi%22%3A1664064926368%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Famongus-online.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1394%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A56%2C%22mw%22%3A113%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://amongus-online.net
Connection: keep-alive
Referer: https://amongus-online.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://amongus-online.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 00:15:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664064928.665789,VS0,VE380
vary: Accept-Encoding
x-vcl-time-ms: 380
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=K4vKE180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlRBZ2JyYlJrR1R3JTJGSDdRM2FVbkM1aQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Dr0YIV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g2VXBqeGFxOFJ3ZE9wbVZMZkg1QlFnRVdRZ2p5SXQ2T0tkWXZ1UnAxOE4; expires=Fri, 20 Oct 2023 00:15:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 270510
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.233200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.233:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 83032
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
44.197.31.165200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 44.197.31.165:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 00:15:29 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2