among-us.en.uptodown.com Open in urlscan Pro
151.101.67.52  Public Scan

74 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://among-us.en.uptodown.com/ HTTP 301
   https://among-us.en.uptodown.com/ HTTP 301
   https://among-us.en.uptodown.com/android Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

• https://oajs.openx.net/esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp&cc=1

Request Chain 119

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=uptodown.com&sn=ChromeSyncframe&so=0&topUrl=among-us.en.uptodown.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=d1aWOnxUS1dpN0hZN216OStWKzJkQkFKclRWU0xmSk1pcW1MZTVyRXF6UlVMNkxjZXR4SURtNjNYVklwODdUQkpieXVuSTIwK0dGQUhSSGdKT3I2cEg2QWZmU2xVR2MvZzB1L2R4YzlDL2Y5cytjcFZHQy9sNURhNmM5UnZuQXl6TDZnMnBNMTdVS2hhNGVRclp5OGZMODNkQzZia1NnbUlWaDlSTEdyNzNjd3dQeXVvUGZRSll4MndaMTNUNTJnRXc1VFR4Y0FOSUliMXVId2pvQTVFd0dYZ2VJTmJtUlQ5Z01URWQ2NG1uaVZVb2k3cXk5MmFnVmF0QjhWbmdPS3JiR1BJSHhLQjh2dWJGZENTeG5aUDREb0dMbDJodEtpTm1JMDhVb1lBSDAvbWE0OD18&cppv=2

Request Chain 121

• https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984&dcc=t

Request Chain 122

• https://match.adsrvr.org/track/cmf/openx?oxid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0 HTTP 302
• https://match.adsrvr.org/track/cmb/openx?oxid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072971&val=c354debd-ba5e-41f6-ad6e-d0619436fa79&ttd_puid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0&gdpr_consent=

Request Chain 124

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEADDtqYaMHvpQbbwQeNfYIk&google_cver=1

Request Chain 202

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_cver=1&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8sR4FiiM0f0pkRvDLyoo5A0oJiYs4yT-j8LfPkY9le2oRLjA HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1127da637e8714d6&is_secure=true&networkId=14000&version=1&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_cver=1&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8sR4FiiM0f0pkRvDLyoo5A0oJiYs4yT-j8LfPkY9le2oRLjA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF8DuZLpQ3NwNp-6A4AAAAAAA&expiration=1711167531&google_cver=1&is_secure=true&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8sR4FiiM0f0pkRvDLyoo5A0oJiYs4yT-j8LfPkY9le2oRLjA

Request Chain 203

• https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7SroEugAw1ds5oLvIvpPg%26google_hm%3D%5BUID%5D&google_gid=CAESEED_MTaN2duzL4jxhr5N-9U&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7SroEugAw1ds5oLvIvpPg&google_hm=06e10b5e-69ef-4ee7-b081-bde54c43530a

Request Chain 204

• https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQcKqOa9QzO3uQy_ay26GO50x7rcaXxTyIGpdsag HTTP 302
• https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQcKqOa9QzO3uQy_ay26GO50x7rcaXxTyIGpdsag&tc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=RoEsFrB39fIXHGq_hLf6NbWLK2ysmJjw_55hRmKjub4&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQcKqOa9QzO3uQy_ay26GO50x7rcaXxTyIGpdsag&tc=1

Request Chain 205

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENFLkoOG0sZoVsXkzYWK3z0&google_cver=1&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BIEbJ8P-_wEVaz19cc4A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BIEbJ8P-_wEVaz19cc4A

Request Chain 206

• https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHGSPW481gN0FBOC6yshJ84&google_cver=1&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8HjXIdJxtcx1i9SUfhH8csvDzmc_dnxqbGatU2Mj8g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjRhMGUwYjEtYWRiNC00ZDA0LTkwN2EtYmFmYzg0MTU2YmY3&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8HjXIdJxtcx1i9SUfhH8csvDzmc_dnxqbGatU2Mj8g

Request Chain 207

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKZA9HpQjT9U82F3UrhRp1E&google_cver=1&google_push=AXcoOmS1rj5tteH6olCPvrcKA2Wc8mazfvh23O3mDSjNXN4FucGp8ap1PkCAjLKm0FqXCZYmzQ1y23-RzXSSVxHamqJd1UuFdf-gk7Q HTTP 302
• https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKZA9HpQjT9U82F3UrhRp1E&google_cver=1&google_push=AXcoOmS1rj5tteH6olCPvrcKA2Wc8mazfvh23O3mDSjNXN4FucGp8ap1PkCAjLKm0FqXCZYmzQ1y23-RzXSSVxHamqJd1UuFdf-gk7Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=628ad7bc-b3e5-4d8e-b5e0-627d2a068a2d&%%GOOGLE_PUSH_PAIR%%

Request Chain 208

• https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAQbQ8K3SLrwjgGr210sdZ8&google_cver=1&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTxSb_Q4TyH-JwwV9wULd6YyQU52GCGgRsN9IA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTxSb_Q4TyH-JwwV9wULd6YyQU52GCGgRsN9IA

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request android Show response among-us.en.uptodown.com/ Redirect Chain http://among-us.en.uptodown.com/ https://among-us.en.uptodown.com/ https://among-us.en.uptodown.com/android	115 KB 22 KB	35ms 34ms	Document text/html	151.101.67.52 FASTLY
General Check archive.org Show headers Download Go to Full URL https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.67.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ebdbd5c546109435f4daa87fce5a06a104fb8bbed1ea43f421f4d95397f21b70 Security Headers Name Value Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 6725 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control must-revalidate, public,max-age=60,private content-encoding gzip content-length 21952 content-type text/html;charset=UTF-8 date Fri, 22 Mar 2024 04:18:48 GMT expires Fri, 22 Mar 2024 04:19:48 GMT referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=300 vary Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache MISS, HIT x-cache-hits 0, 1 x-frame-options SAMEORIGIN x-served-by cache-mia-kmia1760057-MIA, cache-mia-kmia1760088-MIA x-timer S1711081128.103200,VS0,VE1 Redirect headers accept-ranges bytes age 0 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control must-revalidate, public,max-age=60,private content-length 0 content-type text/html;charset=UTF-8 date Fri, 22 Mar 2024 04:18:48 GMT expires Fri, 22 Mar 2024 04:19:48 GMT location https://among-us.en.uptodown.com/android referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=300 vary Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-frame-options SAMEORIGIN x-served-by cache-mia-kmia1760063-MIA, cache-mia-kmia1760088-MIA x-timer S1711081128.906493,VS0,VE162
GET H2	200	geomanist-medium-webfont-test.woff2 stc.utdstc.com/fonts/	17 KB 17 KB	300ms 129ms	Font application/octet-stream	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/fonts/geomanist-medium-webfont-test.woff2 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fccde017f4c101570f9a09e7fc88c97f45706ddda309799aa1ccb0a7e49e7a99 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://among-us.en.uptodown.com/ Origin https://among-us.en.uptodown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload date Fri, 22 Mar 2024 04:18:48 GMT referrer-policy strict-origin-when-cross-origin last-modified Fri, 30 Jun 2023 07:23:06 GMT server nginx etag "649e82da-43b0" x-frame-options SAMEORIGIN content-type application/octet-stream access-control-allow-origin * cache-control max-age=15552000 accept-ranges bytes content-length 17328 expires Wed, 18 Sep 2024 04:18:48 GMT
GET H2	200	geomanist-regular-webfont-test.woff2 stc.utdstc.com/fonts/	17 KB 17 KB	237ms 67ms	Font application/octet-stream	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/fonts/geomanist-regular-webfont-test.woff2 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f00d64b58462446057e5093cb434ad1b5bad866d921598392b939e734f5eb438 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://among-us.en.uptodown.com/ Origin https://among-us.en.uptodown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload date Fri, 22 Mar 2024 04:18:48 GMT referrer-policy strict-origin-when-cross-origin last-modified Fri, 30 Jun 2023 07:23:06 GMT server nginx etag "649e82da-4238" x-frame-options SAMEORIGIN content-type application/octet-stream access-control-allow-origin * cache-control max-age=15552000 accept-ranges bytes alt-svc h3=":443"; ma=93600 content-length 16952 expires Wed, 18 Sep 2024 04:18:48 GMT
GET H2	200	vendor.css stc.utdstc.com/1711021330626/	1 KB 885 B	235ms 65ms	Stylesheet text/css	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1711021330626/vendor.css Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 8b89e261e885c16647d44df70dcc9002f3484bad778e284966a7ebe371c06c98 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 21 Mar 2024 11:42:21 GMT etag W/"65fc1d1d-4a4" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public content-length 607 expires Fri, 21 Mar 2025 12:29:58 GMT
GET H2	200	detail.css stc.utdstc.com/1711021330626/	62 KB 10 KB	236ms 66ms	Stylesheet text/css	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1711021330626/detail.css Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 4e6e3c7fe93c7a1a4b337822d6904b39a83c4d113af8c1ed1e9c92a011cd0d5a Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 21 Mar 2024 11:42:21 GMT etag W/"65fc1d1d-f912" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public alt-svc h3=":443"; ma=93600 content-length 9683 expires Fri, 21 Mar 2025 12:29:59 GMT
GET H2	200	tag Show response btloader.com/	54 KB 18 KB	143ms 50ms	Script application/javascript	2606:4700:10::6816:4bd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5175773613260800&upapi=true Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46bdd143517aceead1ad38a1b6b015e8648736f871f4ee9476fdefa113526c8e Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Fri, 22 Mar 2024 04:12:53 GMT server cloudflare age 269 etag "d189c46be4ef4927db7d52026f06a3a5" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 8683613b980f4982-MIA content-length 18393
GET H2	200	icon-bar-menu.svg stc.utdstc.com/img/svgs/	537 B 528 B	283ms 131ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-menu.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 81247798cba8b4d8544a5cb95d5c75c2263f476df5102adcad9dd056badcac33 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Jun 2023 09:23:58 GMT server nginx etag W/"649d4dae-219" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 237 expires Sat, 30 Dec 2023 14:44:17 GMT
GET H2	200	logo-uptodown.svg stc.utdstc.com/img/svgs/	4 KB 1 KB	282ms 131ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/logo-uptodown.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 06b55f0746c6b28ad7772a010963dbef74477f542eb754f5380c8a99ea9ba05f Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT server nginx etag W/"646b9979-e09" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 1034 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-20-android.svg stc.utdstc.com/img/svgs/	2 KB 989 B	152ms 127ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-android.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 939b0ce1efed5c84d5f21ac6d961be3506c38c5313b79e6b7f256ef4c53f3602 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT server nginx etag W/"646b9979-720" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 699 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-bar-arrow.svg stc.utdstc.com/img/svgs/	409 B 569 B	157ms 132ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-arrow.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a94c989e9aece6cc36d94e5d1a5109e838c6b0d0c962c5a47ffcd78751ae1501 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Jun 2023 09:23:58 GMT server nginx etag W/"649d4dae-199" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 278 expires Sat, 30 Dec 2023 03:25:44 GMT
GET H2	200	icon-20-windows.svg stc.utdstc.com/img/svgs/	583 B 661 B	127ms 123ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-windows.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e34462286c17d5aeb3b7dff6c9cf0a78cd1698668363778c3e1614ac50b1b0fd Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Tue, 11 Jul 2023 11:08:21 GMT server nginx etag W/"64ad3825-247" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 371 expires Mon, 05 Feb 2024 08:25:44 GMT
GET H2	200	icon-20-mac.svg stc.utdstc.com/img/svgs/	1 KB 894 B	127ms 124ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-mac.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 31ae01315877f1716bb7e997e7a782ff361f53e8421ea0f80650de57b26769b9 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT etag W/"646b9979-4d7" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 611 expires Sat, 07 Dec 2024 16:09:12 GMT
GET H2	200	icon-bar-search.svg stc.utdstc.com/img/svgs/	636 B 652 B	153ms 128ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-search.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5e508005eb63be6f62707d27b721114f5b9a838dfbe42217754050e327d38baa Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Jun 2023 09:23:58 GMT server nginx etag W/"649d4dae-27c" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 361 expires Sat, 30 Dec 2023 14:44:17 GMT
GET H2	200	icon-24-login.svg stc.utdstc.com/img/svgs/	924 B 880 B	154ms 129ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-24-login.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 9ff36df1591b86b1b8f3296179e648f34acb401ff24fd2bedf84b60ef0005604 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Feb 2024 12:15:32 GMT etag W/"65e07564-39c" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public accept-ranges bytes content-length 590 expires Tue, 11 Mar 2025 12:11:26 GMT
GET H2	200	uptodown.js Show response scripts.ssm.codes/	250 KB 60 KB	144ms 56ms	Script application/javascript	2606:4700:20::681a:578 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.ssm.codes/uptodown.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a00b367b70d571fe42aab6caeb2a1165cadd4f31f6d3c9c89fabe55bdf1964d Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26506 cf-polished origSize=255977 x-guploader-uploadid ABPtcPoVKUeI31_s3jqEHmNXHdaq8SZ0r3goi-sZ31p3RKTjoukfsKVmxMBHBxlE07bWtlRVupoT7Mr10g x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 21 Mar 2024 08:56:59 GMT server cloudflare etag W/"b164c8019706b0e96c271762f6974dd0" vary Accept-Encoding x-goog-generation 1711011419520840 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=p1OTVA==, md5=sWTIAZcGsOlsJxdi9pdN0A== access-control-expose-headers Content-Type cache-control max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atx2%2BDRHr1YwekdvPrdeKqrA4375u%2F4b6URNsUjHfo21yH29ODUF6GkeBuM8CoZgFAgg9z9HWKTJDe0iIr%2BT502V%2Bpqk3v%2FWdoGgFFxeBiS0xF0wvMBsu51qMaJ586lkvrLuMajcWwBCJMwfRUim"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 255977 cf-ray 8683613b8fc667b6-MIA
GET H2	200	015d1cecf14c3ef529e92d788304fe58aa571c4e3ebaf4d78d5eea44f693c844:100 img.utdstc.com/icon/015/d1c/	2 KB 3 KB	116ms 34ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/015/d1c/015d1cecf14c3ef529e92d788304fe58aa571c4e3ebaf4d78d5eea44f693c844:100 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 54fed6557062b182d8f318dbad4cd71676a625014eae02a94baa6737c65ea2c0 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 2 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 1201204 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2252 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760089-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 10:58:19 GMT x-timer S1711081128.249648,VS0,VE0 etag "65d87a4b-8cc" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 06:38:44 GMT
GET H2	200	icon-12-star.svg stc.utdstc.com/img/svgs/	626 B 672 B	97ms 72ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-12-star.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b309515c22520439b86c4025733c1a8a6422d76fe9880c459786eb20546f0e Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT server nginx etag W/"646b9979-272" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 382 expires Sat, 16 Dec 2023 11:12:26 GMT
GET H2	200	icon-12-shield.svg stc.utdstc.com/img/svgs/	800 B 748 B	155ms 130ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-12-shield.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 0eaa4be0b27f9dab155c620a51f79d52ae5f12a1b049ca7ff0205da02c129b42 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT etag W/"646b9979-320" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 465 expires Sat, 07 Dec 2024 16:09:12 GMT
GET H2	200	icon-20-download-button.svg stc.utdstc.com/img/svgs/	1 KB 710 B	97ms 71ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-download-button.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 3ba3625d7565ebc02345f03ede914530e7c76be1b7c41da47b1ce920f9a38a59 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Wed, 11 Oct 2023 15:12:06 GMT etag W/"6526bb46-416" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 427 expires Sat, 07 Dec 2024 16:09:12 GMT
GET H2	200	6bxMXOe0ZIo.jpg:200 img.utdstc.com/videos/	15 KB 15 KB	117ms 35ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/videos/6bxMXOe0ZIo.jpg:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3832b9ac168c5b7ab203caa618d81c9606a7b5087728f7637bab1813745c5b14 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 1947289 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 15636 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760032-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Tue, 27 Feb 2024 09:14:21 GMT x-timer S1711081128.249329,VS0,VE2 etag "65dda7ed-3d14" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Thu, 27 Feb 2025 15:23:59 GMT
GET H2	200	13d2a14d708ae9cbaf4ceadf639a629eb5c7c2b07e5d907382f289f6e15ef34c:200 img.utdstc.com/screen/13d/2a1/	8 KB 9 KB	123ms 41ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/13d/2a1/13d2a14d708ae9cbaf4ceadf639a629eb5c7c2b07e5d907382f289f6e15ef34c:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 94206de80ef83d51c2a83f2074b2d668485bf913db411038614f1e6aa0e76045 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 666066 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 8564 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760083-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:41 GMT x-timer S1711081128.250013,VS0,VE1 etag "65d87b15-2174" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 12:16:26 GMT
GET H2	200	e64eba8ed0f21c8d34d943e878c2f86b84dcdee12453b683c66bb5fba446dc31:200 img.utdstc.com/screen/e64/eba/	17 KB 17 KB	127ms 45ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/e64/eba/e64eba8ed0f21c8d34d943e878c2f86b84dcdee12453b683c66bb5fba446dc31:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cfa4bdbc88b500fcf44f3461cacce8ed19b7ce5589cb391c119d8345f78070f0 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 753461 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 17676 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760055-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:56 GMT x-timer S1711081128.249674,VS0,VE2 etag "65d87b24-450c" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:18:32 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	280 KB 95 KB	235ms 95ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6ed43d2de4821b5efcb685e018f26aa670dba1d883b42f892f27df814bc9e503 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96520 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 22 Mar 2024 04:18:48 GMT
GET H2	200	vendor.js Show response stc.utdstc.com/1711021330626/	33 KB 15 KB	190ms 186ms	Script application/javascript	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1711021330626/vendor.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash c027749cb4bb34ce24e94f6376dbeddacd64b18bb493a1533058f37aa04532ce Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 21 Mar 2024 11:42:21 GMT etag W/"65fc1d1d-8203" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes content-length 15561 expires Fri, 21 Mar 2025 12:29:58 GMT
GET H2	200	detail.js Show response stc.utdstc.com/1711021330626/	86 KB 29 KB	128ms 124ms	Script application/javascript	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1711021330626/detail.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash cec59db5c7352adb842ec34b3efa1fa64a22f91836bae09e12cb55f90dced367 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 21 Mar 2024 11:42:21 GMT etag W/"65fc1d1d-15650" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes content-length 29133 expires Fri, 21 Mar 2025 12:29:59 GMT
GET H2	200	324a0e5675ad3931647ee3b68608184696b31dd4edf1afc9ae5645ecb4f51017:200 img.utdstc.com/screen/324/a0e/	9 KB 9 KB	42ms 33ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/324/a0e/324a0e5675ad3931647ee3b68608184696b31dd4edf1afc9ae5645ecb4f51017:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 33e8242a9e9b8c7891553f3ec98a30205b7959ac4c1e1bf33c525a0c3e36a3d7 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 831594 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 9084 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760039-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:41 GMT x-timer S1711081128.299431,VS0,VE1 etag "65d87b15-237c" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:18:32 GMT
GET H2	200	a37495c13455602b193317a167cf529964b0cc09f3c1597be7bc648030b3e2bb:200 img.utdstc.com/screen/a37/495/	14 KB 14 KB	46ms 38ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/a37/495/a37495c13455602b193317a167cf529964b0cc09f3c1597be7bc648030b3e2bb:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e4f3fd420b76dadd887f7500c6a067681527701972e145e7202b3cb1e9df93c1 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 753462 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 14362 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760067-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:55 GMT x-timer S1711081128.299798,VS0,VE1 etag "65d87b23-381a" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Fri, 28 Feb 2025 06:56:00 GMT
GET H2	200	9e545095d378827edc3d9e9d6bacce4995f832d6f482b6cf0a187e94aab102e4:200 img.utdstc.com/screen/9e5/450/	14 KB 14 KB	45ms 37ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/9e5/450/9e545095d378827edc3d9e9d6bacce4995f832d6f482b6cf0a187e94aab102e4:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0d45801fde8a6df644f0e74d53cccaf33fa042b538eb1d7c3bce695a6c4fa2f8 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 1947289 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 14318 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760060-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:40 GMT x-timer S1711081128.299850,VS0,VE1 etag "65d87b14-37ee" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 12:16:23 GMT
GET H2	200	8ade03ca0f5a07fee86a7c85b6bb4aec767c37e2283768ec7b5aa9eacdfe339f:200 img.utdstc.com/screen/8ad/e03/	9 KB 9 KB	58ms 50ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/8ad/e03/8ade03ca0f5a07fee86a7c85b6bb4aec767c37e2283768ec7b5aa9eacdfe339f:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7c2bfde113a9eedd1646cccf212acd2cfe27561f2d3ca86368cca98220384aa0 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 221378 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 9018 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760022-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:41 GMT x-timer S1711081128.300417,VS0,VE1 etag "65d87b15-233a" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:18:32 GMT
GET H2	200	21af5328a0906b8864f567179e3c5f01b001834301efa9602ce304324c404528:200 img.utdstc.com/screen/21a/f53/	10 KB 11 KB	57ms 49ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/21a/f53/21af5328a0906b8864f567179e3c5f01b001834301efa9602ce304324c404528:200 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 54a0b9772978a65b3eaa939af70af0e26d4a25eb6851eddc71b5551f95d11cbb Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 2386816 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 10626 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760070-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:01:42 GMT x-timer S1711081128.300171,VS0,VE1 etag "65d87b16-2982" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:18:32 GMT
GET H2	200	icon-40-package.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	159ms 155ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-package.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d0c18579854961bc403451cb3e605682709a37c75c77aba9a43d83b30af22fcd Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-916" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 941 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-license.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	172ms 168ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-license.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 59baeaa79dac7c7ad52b3df0017693318fbe70b29742e703a5224da1b0efbb5f Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-890" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 842 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-system.svg stc.utdstc.com/img/svgs/	2 KB 1006 B	172ms 169ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-system.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f48b34cd607ea053004a503b0cf42b988e24f03f775167afb9d7ffa8f40f6db0 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-7a2" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 716 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-category.svg stc.utdstc.com/img/svgs/	1 KB 821 B	186ms 182ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-category.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 32ab8ff835c18c8e91cefc35e921a7d978b797d0f2e3f10c5cb4674d3a1247c8 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-5f8" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 531 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-language.svg stc.utdstc.com/img/svgs/	2 KB 907 B	187ms 183ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-language.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4dd10cbf5eafc8d4ca7e7e745d8a3ef001cc8f499c7ec840333185308b21d1af Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-64b" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 617 expires Sat, 09 Dec 2023 11:48:26 GMT
GET H2	200	icon-40-author.svg stc.utdstc.com/img/svgs/	2 KB 976 B	187ms 184ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-author.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 524964caadc68b5cfcadb5cdf262cf957612da488c6eae892542d5610bece057 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-713" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 686 expires Sat, 09 Dec 2023 11:48:26 GMT
GET H2	200	icon-40-downloads.svg stc.utdstc.com/img/svgs/	1 KB 841 B	202ms 199ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-downloads.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2ed16c8c2b64f1ae41ef2bcf1b19e5c0232cced7c3c88e52bc7da794aab1ab1f Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-54e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 551 expires Sat, 30 Dec 2023 14:44:22 GMT
GET H2	200	icon-40-date.svg stc.utdstc.com/img/svgs/	2 KB 929 B	188ms 185ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-date.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f951deb0c49e185b07282dc3003643f43f6f8ea7e53eb6c42b37e4a863ee1d4d Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-77d" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 639 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-rating.svg stc.utdstc.com/img/svgs/	1 KB 854 B	189ms 185ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-rating.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 90d34396d2f62426e0e4328c1adb3c1f76355b97df35fc39b69ca40116a0f379 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT server nginx etag W/"646b996e-5bd" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 564 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-40-why.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	205ms 202ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-40-why.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 0ce9febc0e6680e3accf095809b0cb9fc60f5dee840e476d960fc10f40eb55e5 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:33:50 GMT etag W/"646b996e-897" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 873 expires Sat, 07 Dec 2024 16:09:12 GMT
GET H2	200	icon-rate-star.svg stc.utdstc.com/img/	4 KB 2 KB	205ms 202ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-rate-star.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 0652de705473c2562e77c2267b21144b94ab562261703268e0f04f0b589d92ef Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 03 Oct 2022 16:15:42 GMT server nginx etag W/"633b0aae-10e9" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 2061 expires Thu, 14 Dec 2023 22:48:45 GMT
GET H2	200	icon-12-comment.svg stc.utdstc.com/img/svgs/	419 B 566 B	207ms 204ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-12-comment.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash af5b4dbc9d3cacbce87e7fac7476415307b6248b9ce5932784d5f404a6ac2253 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT server nginx etag W/"646b9979-1a3" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 276 expires Sat, 30 Dec 2023 14:44:27 GMT
GET H2	200	42eb85d5cb8e4938f3fbf6d69418614d7ded6e18032f3e2802a9347ce22820e8:50 img.utdstc.com/avatars/42e/b85/	4 KB 4 KB	74ms 68ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/42e/b85/42eb85d5cb8e4938f3fbf6d69418614d7ded6e18032f3e2802a9347ce22820e8:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b986bb58799a619db5da5612de44a2bfcb850a67a62c72fc3a40a35bee4c0f88 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 247254 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4047 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760022-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 21:32:27 GMT x-timer S1711081128.302514,VS0,VE2 etag "65cd316b-fcf" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 09:46:23 GMT
GET H2	200	icon-12-like.svg stc.utdstc.com/img/svgs/	464 B 604 B	209ms 206ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-12-like.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7512bfbdb6b69d942f931d2e38e6c055b0c690d6560acd0eebe79b97e077312e Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:01 GMT server nginx etag W/"646b9979-1d0" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 314 expires Sat, 16 Dec 2023 11:12:32 GMT
GET H2	200	0b2c9cb6c0818de7ad5dadccfd1f49995f53bb68f2bbfe2ed18ab8b7eb896751:50 img.utdstc.com/avatars/0b2/c9c/	3 KB 3 KB	71ms 65ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/0b2/c9c/0b2c9cb6c0818de7ad5dadccfd1f49995f53bb68f2bbfe2ed18ab8b7eb896751:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6db01fdebc8c97b16297334931cfb13a98429f02a819c13d6e51a1f5f571b86b Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 849796 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 3134 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760023-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 20:33:26 GMT x-timer S1711081128.302213,VS0,VE1 etag "65cd2396-c3e" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:06:26 GMT
GET H2	200	20bc155692e8237fdb3a105d333452c9a0f9b61c83945d0e8d5f18870e3fa7d5:50 img.utdstc.com/avatars/20b/c15/	2 KB 3 KB	73ms 67ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/20b/c15/20bc155692e8237fdb3a105d333452c9a0f9b61c83945d0e8d5f18870e3fa7d5:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6fb4023a137056ead4039170f825a39b679e0116d45bc033dddc272e9a11e846 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 765116 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2411 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760075-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 22:20:34 GMT x-timer S1711081128.302459,VS0,VE1 etag "65cd3cb2-96b" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:07:03 GMT
GET H2	200	522ef42869e9a1e112ae3c5e8fd5f0545c9550a090279798057401930618ca82:50 img.utdstc.com/avatars/522/ef4/	2 KB 3 KB	72ms 66ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/522/ef4/522ef42869e9a1e112ae3c5e8fd5f0545c9550a090279798057401930618ca82:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4b0564944f1dec9c7a834bd8963c177f5e68068f61e7e80ac1d29d4666522b24 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 253595 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2526 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760078-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 22:50:47 GMT x-timer S1711081128.302186,VS0,VE1 etag "65cd43c7-9de" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:15:07 GMT
GET H2	200	ea6b0c76bbe3b36cbeeec20b28aa696f0022ee346469ccff1e229c38df7b233e:50 img.utdstc.com/avatars/ea6/b0c/	4 KB 4 KB	71ms 66ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/ea6/b0c/ea6b0c76bbe3b36cbeeec20b28aa696f0022ee346469ccff1e229c38df7b233e:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3351a08c182b4d91cc73beff37f815b7f650f72e3232ba02a261ec5ce50347a Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 677428 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 3743 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760063-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 17:41:09 GMT x-timer S1711081128.302172,VS0,VE1 etag "65ccfb35-e9f" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:00:54 GMT
GET H2	200	6c191b42f5f146866b16e5dcb50753c482f063809810d7a956d429c273f17258:50 img.utdstc.com/avatars/6c1/91b/	3 KB 3 KB	57ms 52ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/avatars/6c1/91b/6c191b42f5f146866b16e5dcb50753c482f063809810d7a956d429c273f17258:50 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e73f6f64afaaa832a8fcd609668d9c61d68bb4a303b20114e1f7626b71578b01 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 1287657 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 3085 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760096-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 14 Feb 2024 16:51:26 GMT x-timer S1711081128.302146,VS0,VE1 etag "65ccef8e-c0d" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:07:02 GMT
GET H2	200	Among-Us-1.png:170 img.utdstc.com/blog/2022/12/	72 KB 73 KB	78ms 73ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/blog/2022/12/Among-Us-1.png:170 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 418b1cf85400640360bacddd74cafbf278706dc70f407114286f13903abc1f33 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 665582 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 74007 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760059-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Thu, 01 Feb 2024 04:30:39 GMT x-timer S1711081128.319917,VS0,VE3 etag "65bb1e6f-12117" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sun, 23 Feb 2025 01:18:36 GMT
GET H2	200	dabe86f9ebcf72133e5b9f8259fd3a239fc58410a88a5fa26b548da372d545c5:60 img.utdstc.com/icon/dab/e86/	2 KB 2 KB	75ms 71ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/dab/e86/dabe86f9ebcf72133e5b9f8259fd3a239fc58410a88a5fa26b548da372d545c5:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 57040726e5f65e0c09a7c5cfeab7a92cc1c8427a89b93d74d76e06304e34fb72 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 831851 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1932 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760043-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:08:07 GMT x-timer S1711081128.319658,VS0,VE1 etag "65d87c97-78c" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:21:25 GMT
GET H2	200	d58ded67c71676c77792123159ca0dda73bf562af91739e67988c1ba44b0c90e:60 img.utdstc.com/icon/d58/ded/	2 KB 2 KB	75ms 70ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/d58/ded/d58ded67c71676c77792123159ca0dda73bf562af91739e67988c1ba44b0c90e:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dd3aa37a27476b27871129ae2bf8bddcf38c62304732b4bc29498ffaf1a281e2 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 65496 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1984 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760062-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:06:16 GMT x-timer S1711081128.319625,VS0,VE1 etag "65d87c28-7c0" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 13:21:25 GMT
GET H2	200	e7c1c4771336f1138f93af3276360756493b3e3a3eb69b4dd98cb84adc729d2c:60 img.utdstc.com/icon/e7c/1c4/	2 KB 2 KB	77ms 72ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/e7c/1c4/e7c1c4771336f1138f93af3276360756493b3e3a3eb69b4dd98cb84adc729d2c:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6a29bf253edd28d20a26d6db891228c8792b3f6c295ea3fbd97fabb6fb63e799 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 2396431 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1658 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760086-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 09:46:06 GMT x-timer S1711081128.319917,VS0,VE2 etag "65d8695e-67a" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 10:38:17 GMT
GET H2	200	d67e2518bbcf77b41396bedc0e7e91d52549aaa844016e04d50f9e2e42a73460:60 img.utdstc.com/icon/d67/e25/	2 KB 2 KB	77ms 73ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/d67/e25/d67e2518bbcf77b41396bedc0e7e91d52549aaa844016e04d50f9e2e42a73460:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 53e01cba523748af80dce7fa70a11dc9e89154bd6b49a634d885becea69f2460 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 834115 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1876 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760043-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 10:52:27 GMT x-timer S1711081128.320248,VS0,VE1 etag "65d878eb-754" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sat, 22 Feb 2025 11:40:00 GMT
GET H2	200	3b972dbe6adf057c6e398ab88e415a0f600d9ead2bf68e67762ea73db0557582:60 img.utdstc.com/icon/3b9/72d/	2 KB 3 KB	76ms 72ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/3b9/72d/3b972dbe6adf057c6e398ab88e415a0f600d9ead2bf68e67762ea73db0557582:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c57443fdb9998f519e1c11ec4bb23094e0bfc8f7c638f3e03f47d394cb814e26 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 150797 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2324 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760042-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Wed, 20 Mar 2024 06:38:33 GMT x-timer S1711081128.319781,VS0,VE1 etag "65fa8469-914" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Thu, 20 Mar 2025 06:44:46 GMT
GET H2	200	e91737a7943bf4522ecaa20f5b613b3e0744824d6c37ac90e35a2e303332ef42:60 img.utdstc.com/icon/e91/737/	2 KB 2 KB	73ms 69ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/e91/737/e91737a7943bf4522ecaa20f5b613b3e0744824d6c37ac90e35a2e303332ef42:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash eb157fccdecccfdc2396261a425473199324694d3dc479c8e15e4942b1f21b25 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 845750 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1898 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760031-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 10:57:30 GMT x-timer S1711081128.319355,VS0,VE1 etag "65d87a1a-76a" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Sun, 23 Feb 2025 12:58:40 GMT
GET H2	200	e88cfe8fcdef90b523f109cacbf14421b821df325c9427fc731d64a54ecf9ebc:60 img.utdstc.com/icon/e88/cfe/	2 KB 2 KB	74ms 70ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/e88/cfe/e88cfe8fcdef90b523f109cacbf14421b821df325c9427fc731d64a54ecf9ebc:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 78fb7a88c92133c9187be79653fef90bec6c415b67e284917fcb6e32bea78bb5 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 2046845 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2216 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760084-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:03:46 GMT x-timer S1711081128.319704,VS0,VE1 etag "65d87b92-8a8" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Wed, 26 Feb 2025 11:44:43 GMT
GET H2	200	6e733b576ad8a0a874fab7f3e347715724ae2fcb76f894d2b849d226588d37d9:60 img.utdstc.com/icon/6e7/33b/	2 KB 2 KB	84ms 80ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/6e7/33b/6e733b576ad8a0a874fab7f3e347715724ae2fcb76f894d2b849d226588d37d9:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash adbc0a7904dc88568e027e6ee5b9f33a7e20df7c2086209bbcf6787d0f9ba742 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 752737 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1804 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760088-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 10:51:49 GMT x-timer S1711081128.319402,VS0,VE7 etag "65d878c5-70c" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 11:13:11 GMT
GET H2	503	8fadd16087183e4ceada51449c52c88a7461911fc39ed6f27fa63b9f37ed1fc3:60 img.utdstc.com/icon/8fa/dd1/	0 0	115ms 111ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/8fa/dd1/8fadd16087183e4ceada51449c52c88a7461911fc39ed6f27fa63b9f37ed1fc3:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	503	6abaabdfe2e2af1716b0c8f9f606b5832eb73e7ae5a4221ed71cd6d53420c248:60 img.utdstc.com/icon/6ab/aab/	0 0	228ms 225ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/6ab/aab/6abaabdfe2e2af1716b0c8f9f606b5832eb73e7ae5a4221ed71cd6d53420c248:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	200	3ccedc43f8fe65d8c229cda4647950b246c1863e856a8c899b269ed7ecec7508:60 img.utdstc.com/icon/3cc/edc/	2 KB 2 KB	75ms 71ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/3cc/edc/3ccedc43f8fe65d8c229cda4647950b246c1863e856a8c899b269ed7ecec7508:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0706b1e986547f175af44d90b12dc732b9556ed6c70c55d918f0fc9a3cde7b19 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 183114 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1694 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760095-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Sat, 02 Mar 2024 17:30:06 GMT x-timer S1711081128.319644,VS0,VE1 etag "65e3621e-69e" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Thu, 20 Mar 2025 01:26:54 GMT
GET H2	503	95f09234658581f67d4457b3c7c9c4cc3a09b6f5e33452a8951cb7d774b9fbc6:60 img.utdstc.com/icon/95f/092/	0 0	113ms 110ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/95f/092/95f09234658581f67d4457b3c7c9c4cc3a09b6f5e33452a8951cb7d774b9fbc6:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	503	af9032005145ff897d6f26afe11018cae563e18871b4c68907fd74fb7071b916:60 img.utdstc.com/icon/af9/032/	0 0	105ms 103ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/af9/032/af9032005145ff897d6f26afe11018cae563e18871b4c68907fd74fb7071b916:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	503	56f32fb02658e9823d4f8824435e37de98e71eceb447c4f5ee3cdb29d6e10893:60 img.utdstc.com/icon/56f/32f/	0 0	180ms 177ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/56f/32f/56f32fb02658e9823d4f8824435e37de98e71eceb447c4f5ee3cdb29d6e10893:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	200	9fb9f2e1955e06c71804c5b8e68639ad28df6b553c8d306dac7519b1cd43820f:60 img.utdstc.com/icon/9fb/9f2/	1 KB 2 KB	71ms 69ms	Image image/webp	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/9fb/9f2/9fb9f2e1955e06c71804c5b8e68639ad28df6b553c8d306dac7519b1cd43820f:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 824085823e144693a71130f5c5407c5e56f10d416dec087cab8fb9b7d3b9be3f Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 1 content-security-policy default-src 'self' via 1.1 varnish, 1.1 varnish date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=300 age 2163945 x-cache MISS, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1532 x-xss-protection 1; mode=block x-served-by cache-mia-kmia1760070-MIA, cache-mia-kmia1760079-MIA referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Feb 2024 11:44:26 GMT x-timer S1711081128.318966,VS0,VE1 etag "65d8851a-5fc" x-frame-options SAMEORIGIN content-type image/webp cache-control max-age=31536000 accept-ranges bytes expires Tue, 25 Feb 2025 03:13:02 GMT
GET H2	503	607e25699dc69c224e1b9d9941f287c54e9f40232fa0456be46366cc71933ec5:60 img.utdstc.com/icon/607/e25/	0 0	108ms 105ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/607/e25/607e25699dc69c224e1b9d9941f287c54e9f40232fa0456be46366cc71933ec5:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	200	icon-bar-close.svg stc.utdstc.com/img/svgs/	863 B 698 B	210ms 207ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-close.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 36800adc29c76c8ded03056d559c6c8a249aacfa0d747c9974c00de60b1eb26d Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Jun 2023 09:23:58 GMT server nginx etag W/"649d4dae-35f" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 407 expires Tue, 15 Oct 2024 00:41:18 GMT
GET H2	200	icon-20-user.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	210ms 207ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-user.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b92d722891624ca8851dfb770bfdb059e3e07165f6ef2f5dd0c32546c2e7ad1b Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Fri, 26 May 2023 11:23:17 GMT server nginx etag W/"647096a5-7b7" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 914 expires Sat, 30 Dec 2023 14:44:18 GMT
GET H2	200	icon-20-blog.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	211ms 208ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-blog.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4d736c3ae4162c380e02398990bc37e0ff0ea7a91fc09c9d1d1475bef66b583d Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 22 May 2023 16:34:00 GMT server nginx etag W/"646b9978-758" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 822 expires Sat, 16 Dec 2023 11:12:25 GMT
GET H2	200	icon-20-store.svg stc.utdstc.com/img/svgs/	2 KB 1 KB	212ms 209ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-20-store.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6b5d4f535fb7ef1f79e67579126e4fb8364aaf312341861de5acd878a010aca8 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Tue, 11 Jul 2023 11:07:37 GMT server nginx etag W/"64ad37f9-78b" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 751 expires Mon, 05 Feb 2024 08:25:44 GMT
GET H2	200	icon-bar-info.svg stc.utdstc.com/img/svgs/	3 KB 1 KB	213ms 210ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-info.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7c7e37cc8b9f4c852b86065fa46451852848076474bf9babebae16589feb5519 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Wed, 30 Aug 2023 10:46:34 GMT server nginx etag W/"64ef1e0a-a61" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 1140 expires Tue, 12 Mar 2024 07:53:25 GMT
GET H2	200	x.svg stc.utdstc.com/img//social/	716 B 727 B	214ms 211ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img//social/x.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1ad54dbf4f6837e6d55d3dcc91e3d3a8a3913750f2e419905a2501884d726d8e Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 18 Sep 2023 16:39:28 GMT server nginx etag W/"65087d40-2cc" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 437 expires Tue, 24 Sep 2024 09:51:01 GMT
GET H2	200	facebook.svg stc.utdstc.com/img//social/	656 B 675 B	214ms 212ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img//social/facebook.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 633fe73b58abb1282dfd5ae30cc2eccf07b37aece94ea4f8c600a22ca717ff2f Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 14 Mar 2022 12:45:37 GMT server nginx etag W/"622f38f1-290" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 385 expires Tue, 19 Dec 2023 05:40:06 GMT
GET H2	200	youtube.svg stc.utdstc.com/img//social/	1008 B 770 B	216ms 214ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img//social/youtube.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash dc656d0dab9872e936aab42de1b1b562a493e2b8450ccd0b048396204639cf2b Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 14 Mar 2022 12:45:49 GMT server nginx etag W/"622f38fd-3f0" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 480 expires Thu, 30 Nov 2023 04:01:17 GMT
GET H2	200	linkedin.svg stc.utdstc.com/img//social/	814 B 714 B	217ms 214ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img//social/linkedin.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fc76ec28205f90aced519994ee4f155657eb6972ddf954d3efafcfe26299a2aa Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Mon, 14 Mar 2022 12:46:16 GMT server nginx etag W/"622f3918-32e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-length 424 expires Tue, 19 Dec 2023 05:40:06 GMT
GET H2	200	instagram.svg stc.utdstc.com/img//social/	781 B 747 B	217ms 215ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img//social/instagram.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 935353af0470ac9e20616dff29f66d39f66ca889481cef0d81552d577976b6e9 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip content-security-policy default-src 'self' date Fri, 22 Mar 2024 04:18:48 GMT content-length 402 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Mon, 14 Mar 2022 12:45:15 GMT server nginx etag W/"622f38db-30d" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public expires Wed, 28 Dec 2022 07:48:29 GMT
GET H2	200	logo-element.svg stc.utdstc.com/img/svgs/	1 KB 875 B	218ms 215ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/logo-element.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 1c665aab225facc4d560cc71f1a5968643eb3b47118c3d46b36f4f15eaf95463 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 12 Oct 2023 08:25:55 GMT etag W/"6527ad93-5c8" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 592 expires Wed, 12 Mar 2025 09:36:20 GMT
GET H2	204	state Show response api.btloader.com/mw/	0 101 B	166ms 71ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: btloader.com URL: https://btloader.com/tag?o=5175773613260800&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Fri, 22 Mar 2024 04:18:48 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 340 B	127ms 42ms	Image image/gif	2606:4700:20::681a:346 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 43 x-guploader-uploadid ABPtcPqb6gNhI4uzY9osvFhuKeHGxBROgC1s1bPDsKLpUSG0-_fotkeRvrH0SrMJszn70yVOnRM x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers * cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjZFvba3u3e896yXUVAIKh0PaH03RlUipMPGaEBrn9Hj6sbTSvZ2g8XV5%2Faxz2vNHQzznnb7dNfqyyvsCIhv2gkhjaHVDH5%2FS0LJdlIzfZ5v%2F691TAqcm%2BgEl7uxjWrb0tRwCmbspU%2BMt0asng%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 8683613c8c656dcd-MIA expires Sat, 23 Mar 2024 04:18:48 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	229ms 63ms	Image image/x-icon	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:58:34 GMT content-encoding gzip x-content-type-options nosniff age 73214 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 22 Mar 2024 07:58:34 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 849 B	126ms 41ms	Image image/gif	2606:4700:20::681a:346 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.2343557926677513 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 43 x-guploader-uploadid ABPtcPqb6gNhI4uzY9osvFhuKeHGxBROgC1s1bPDsKLpUSG0-_fotkeRvrH0SrMJszn70yVOnRM x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers * cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPmv6q1Q1K%2FP%2FpOoO1nD6GEokcWm9%2BJEqzIrS6%2F3Eqv0Vu5Ema2TKItJ1dzAPGScrnejMkcyRIbnq%2BBJvWWYc9w22hTMh82Wd%2FCAZi%2F8%2Fb3xAxyRzcVlc3DZ66MunEQofHuJHfbW7Cv31Buquw%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 8683613c8c676dcd-MIA expires Sat, 23 Mar 2024 04:18:48 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	130 KB 37 KB	280ms 137ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: scripts.ssm.codes URL: https://scripts.ssm.codes/uptodown.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 23a2e2431787f90458ec728d252c1e8cc7e8928900cc917fcd0ccf3c0eb67cf1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37630 x-xss-protection 0 server cafe etag 539 / 19804 / 31082082 / config-hash: 166869955028549038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:18:48 GMT
GET H3	503	af9032005145ff897d6f26afe11018cae563e18871b4c68907fd74fb7071b916:60 img.utdstc.com/icon/af9/032/	0 0	84ms 84ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/af9/032/af9032005145ff897d6f26afe11018cae563e18871b4c68907fd74fb7071b916:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	503	607e25699dc69c224e1b9d9941f287c54e9f40232fa0456be46366cc71933ec5:60 img.utdstc.com/icon/607/e25/	0 0	86ms 85ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/607/e25/607e25699dc69c224e1b9d9941f287c54e9f40232fa0456be46366cc71933ec5:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	503	95f09234658581f67d4457b3c7c9c4cc3a09b6f5e33452a8951cb7d774b9fbc6:60 img.utdstc.com/icon/95f/092/	0 0	110ms 109ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/95f/092/95f09234658581f67d4457b3c7c9c4cc3a09b6f5e33452a8951cb7d774b9fbc6:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	503	8fadd16087183e4ceada51449c52c88a7461911fc39ed6f27fa63b9f37ed1fc3:60 img.utdstc.com/icon/8fa/dd1/	0 0	93ms 93ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/8fa/dd1/8fadd16087183e4ceada51449c52c88a7461911fc39ed6f27fa63b9f37ed1fc3:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	503	56f32fb02658e9823d4f8824435e37de98e71eceb447c4f5ee3cdb29d6e10893:60 img.utdstc.com/icon/56f/32f/	0 0	98ms 97ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/56f/32f/56f32fb02658e9823d4f8824435e37de98e71eceb447c4f5ee3cdb29d6e10893:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	login-pop-up Show response among-us.en.uptodown.com/ajax/	876 B 810 B	202ms 202ms	Fetch text/html	151.101.67.52 FASTLY
General Check archive.org Show headers Download Go to Full URL https://among-us.en.uptodown.com/ajax/login-pop-up Requested by Host: stc.utdstc.com URL: https://stc.utdstc.com/1711021330626/vendor.js Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.67.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 36d000bf7361f36a7d424360060b1f0824b171c54a813823a376455c0e0a124a Security Headers Name Value Strict-Transport-Security max-age=300 X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/android User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-cache-hits 0, 0 date Fri, 22 Mar 2024 04:18:48 GMT via 1.1 varnish, 1.1 varnish content-encoding gzip strict-transport-security max-age=300 x-cache MISS, MISS alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-served-by cache-mia-kmia1760054-MIA, cache-mia-kmia1760063-MIA referrer-policy strict-origin-when-cross-origin x-timer S1711081129.540800,VS0,VE169 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html;charset=UTF-8 cache-control no-cache, no-store, must-revalidate, proxy-revalidate, private, max-age=0, s-maxage=0 accept-ranges bytes expires Fri, 22 Mar 2024 04:19:48 GMT
GET H2	200	country Show response api.btloader.com/	16 B 132 B	74ms 73ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country Requested by Host: btloader.com URL: https://btloader.com/tag?o=5175773613260800&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:48 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16
GET H3	503	6abaabdfe2e2af1716b0c8f9f606b5832eb73e7ae5a4221ed71cd6d53420c248:60 img.utdstc.com/icon/6ab/aab/	0 0	83ms 82ms	Image text/html	151.101.131.52 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/6ab/aab/6abaabdfe2e2af1716b0c8f9f606b5832eb73e7ae5a4221ed71cd6d53420c248:60 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.131.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	204	pv Show response api.btloader.com/	0 66 B	72ms 71ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=nDrzs4v4&w=6320147589758976&o=5175773613260800&cv=2.1.38-3-g408da7f&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&sid=vXOR29yu&pm=true&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5175773613260800&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Fri, 22 Mar 2024 04:18:48 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
POST H2	204	collect www.google-analytics.com/g/	0 260 B	213ms 77ms	Ping text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=45je43k0v888089788za200&_p=1711081128153&gcd=13l3l3l3l1&npa=0&dma=0&cid=1749588089.1711081129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711081128&sct=1&seg=0&dl=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&dt=Among%20Us%20for%20Android%20-%20Download%20the%20APK%20from%20Uptodown&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=886 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/	438 KB 138 KB	65ms 64ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 10:00:57 GMT content-encoding br x-content-type-options nosniff age 65871 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141049 x-xss-protection 0 server cafe etag 7927512453849819874 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 21 Mar 2025 10:00:57 GMT
GET H2	200	icon-google.svg stc.utdstc.com/img/svgs/	1 KB 903 B	67ms 66ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-google.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash d3b9fe9d4420eca45fa3dfe05e03250110ef874bb595d846673f57036fe13aac Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Wed, 21 Feb 2024 12:19:29 GMT etag W/"65d5ea51-5e7" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 621 expires Wed, 05 Mar 2025 08:54:49 GMT
GET H2	200	login-element.svg stc.utdstc.com/img/svgs/	17 KB 7 KB	68ms 67ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/login-element.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software / Resource Hash 9daf4fb0451ab0051ec65c9d6577ad8e64111e29f18400cbafabb93177fc7181 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Wed, 21 Feb 2024 12:19:11 GMT etag W/"65d5ea3f-433d" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 6651 expires Wed, 05 Mar 2025 08:54:49 GMT
GET H2	200	icon-bar-close.svg stc.utdstc.com/img/svgs/	863 B 698 B	69ms 69ms	Image image/svg+xml	104.67.6.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/svgs/icon-bar-close.svg Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.67.6.138 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-6-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 36800adc29c76c8ded03056d559c6c8a249aacfa0d747c9974c00de60b1eb26d Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public strict-transport-security max-age=16000000; includeSubDomains; preload content-encoding gzip referrer-policy strict-origin-when-cross-origin date Fri, 22 Mar 2024 04:18:48 GMT last-modified Thu, 29 Jun 2023 09:23:58 GMT server nginx etag W/"649d4dae-35f" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public content-length 407 expires Tue, 15 Oct 2024 00:41:18 GMT
GET H2	200	DFPAudiencePixel;ord=1757463149757214;dc_seg=7386413202 pubads.g.doubleclick.net/activity;dc_iu=/78011819/	42 B 542 B	289ms 127ms	Image image/gif	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pubads.g.doubleclick.net/activity;dc_iu=/78011819/DFPAudiencePixel;ord=1757463149757214;dc_seg=7386413202? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	93 KB 27 KB	131ms 46ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Wed, 20 Mar 2024 11:38:58 GMT server cloudflare x-amz-request-id 49F294GCGYSPNTPY age 1633 etag W/"7ceb45871763bd74cf4140e0b5fe846a" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 868361408b614c15-MIA x-amz-id-2 uSUHkV5SoIAANN/OXxqSBxVoiWAh4UytkqRSZGOVRTkp+Y63RPtbCuLrCcH/r5DS4QImzJ+MQ4o=
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	237ms 68ms	Script text/javascript	108.138.128.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-46.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:34:31 GMT content-encoding gzip via 1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront) last-modified Wed, 14 Feb 2024 17:39:57 GMT server AmazonS3 x-amz-cf-pop JFK50-P4 age 74659 etag W/"21f8671135afbd2e874c42d3dc478afa" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id WGVKXSROEWwf9prJQYckBDFv3QADTx79UaQEwDZrP0bB5t_99ivdaQ==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	236ms 154ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT via 1.1 google, 1.1 google last-modified Mon, 05 Feb 2024 22:07:56 GMT server Google Frontend etag cd19e0900da0cdbc6697310fd9330fb6 content-type text/javascript; charset=utf-8 x-cloud-trace-context fbecc035deeb642a2b6e6d96bf9ab5ab alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1195
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	116ms 35ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 05:36:12 GMT content-encoding gzip age 600157 x-guploader-uploadid ABPtcPoeZX5IgSpuomAIkNvpOSBM4x7PbaQmaGSFJeSXk0VG0ew7Q1adSNrMjFVUwc3NFWdf2OY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Sat, 15 Mar 2025 05:36:12 GMT
GET H2	200	ob.js Show response cdn-ima.33across.com/	16 KB 6 KB	137ms 42ms	Script application/javascript	104.18.35.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 595b6576e594c3553ce7a36527799e7e613828aa6b3e178831b087a8e6980412 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 20 Mar 2024 17:01:57 GMT server cloudflare age 53314 etag W/"65fb1685-3e0d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 86836140997bda33-MIA expires Mon, 25 Mar 2024 04:18:49 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	41 KB 13 KB	223ms 110ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 2ac6aef1d4396fbf199ae8dc0a823013452ca6573bd210a77bbab1ac10f93fb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 19 Mar 2024 00:48:43 GMT server nginx etag W/"65f8e0eb-a5db" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sat, 23 Mar 2024 04:18:49 GMT
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 902 B	128ms 34ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 22 Mar 2024 04:18:49 GMT x-content-type-options nosniff content-encoding br age 14397 x-jsd-version master x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 439 x-served-by cache-fra-eddf8230042-FRA, cache-mia-kmia1760098-MIA x-jsd-version-type branch etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	3 KB 3 KB	238ms 66ms	Script text/javascript	2600:9000:2511:7c00:a:e047:753:eb41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:7c00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3 Date Thu, 21 Mar 2024 08:27:55 GMT Via 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront) X-Amz-Cf-Pop JFK50-P6 Age 71455 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Content-Length 2776 Last-Modified Thu, 19 Oct 2023 06:40:11 GMT Server AmazonS3 ETag "a3a9a9ee8e72db69d54e805f0586c651" Content-Type text/javascript Accept-Ranges bytes X-Amz-Cf-Id uUcafh66DypYH6e9CrHTyg9TFboWNRDIOJ4Shht3bxTOnDzYIysrrA==
GET H2	200	connectId-gpt.js Show response connectid.analytics.yahoo.com/	9 KB 9 KB	246ms 71ms	Script application/javascript	2600:9000:21ea:2000:10:dd8:5e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connectid.analytics.yahoo.com/connectId-gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:2000:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a Security Headers Name Value Content-Security-Policy default-src 'self' Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:14:52 GMT via 1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront) content-security-policy default-src 'self' x-amz-cf-pop EWR50-C1 age 238 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 8730 x-amz-expiration expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle" last-modified Tue, 17 Oct 2023 13:17:45 GMT server AmazonS3 etag "c46e30de24d0f12167e302e9e32ff4a5" content-type application/javascript cache-control max-age=3600 accept-ranges bytes x-amz-cf-id ameT1IRhRKrcjv8KeWiGu_yJ4zNBqQdbmu1SDNxvhh1f8QTVdZGi6g==
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 689 B	678ms 677ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=825040765976331&correlator=4444063974366304&eid=31081972%2C31081980%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_BACKUP%2CSSM_INTERSTITIAL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=3295046121&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711081128937&lmt=1711081128&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1749588089.1711081129&ga_sid=1711081129&ga_hid=89251592&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjmh4ij5jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjmh4ij5jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOaHiKPmMUgAUgIIZBIZCgpwdWJjaWQub3JnGOaHiKPmMUgAUgIIZBIXCghydGJob3VzZRjmh4ij5jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y5oeIo-YxSABSAghkEhQKBW9wZW54GOaHiKPmMUgAUgIIZBIZCgp1aWRhcGkuY29tGOaHiKPmMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5oeIo-YxSABSAghk&dlt=1711081128125&idt=761&ppid=a573a1d0-f5f3-430b-8509-9f2fc1aa2de0&cust_params=ssmasdomain%3Damong-us.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D4%26ssmcontenttaxonomy%3Dandroid%252Cgames%252Caction%252Cadventure%252Camong%2520us%26ssmuuid%3Da573a1d0-f5f3-430b-8509-9f2fc1aa2de0&adks=241863825&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 10919bb54d1232568fae218586c65c49a65eb0f46337f7315e4e823c51ccbafd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 658 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	287ms 149ms	XHR application/json	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403190101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b12740cdcc22872aef7bc29b8b3063b6d7505aab45b072ab03aeaf241da7e156 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12373 x-xss-protection 0
GET H2	200	container.html Show response 6462ed1804f72fcc44b58d0482f26b72.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA4C	6 KB 3 KB	239ms 77ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6462ed1804f72fcc44b58d0482f26b72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:49 GMT expires Sat, 22 Mar 2025 04:18:49 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/	47 KB 15 KB	65ms 65ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl_page_level_ads.js?cb=31082082 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96b429351bef3c8cc82b74e73fd559fa4dde0330788e13ec378308c29d5417f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 10:04:20 GMT content-encoding br x-content-type-options nosniff age 65668 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15238 x-xss-protection 0 server cafe etag 6913313005948454676 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 21 Mar 2025 10:04:20 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 18 KB	747ms 747ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=825040765976331&correlator=597804798218218&eid=31081972%2C31081980%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fif&iu_parts=1060150%2CMPU_lateral_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300&ifi=2&didk=2487164444&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711081128960&lmt=1711081128&adxs=1178&adys=121&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1749588089.1711081129&ga_sid=1711081129&ga_hid=89251592&ga_fc=true&dlt=1711081128125&idt=761&ppid=a573a1d0-f5f3-430b-8509-9f2fc1aa2de0&cust_params=ssmasdomain%3Damong-us.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D4%26ssmcontenttaxonomy%3Dandroid%252Cgames%252Caction%252Cadventure%252Camong%2520us%26ssmuuid%3Da573a1d0-f5f3-430b-8509-9f2fc1aa2de0&adks=123440218&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b182fc27fe025c5b5626ff1d3501ba7bd7ef53245238af4fab2362cb9522fa97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18856 x-xss-protection 0 google-lineitem-id 6049988864 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138395800166 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 14 KB	762ms 762ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=825040765976331&correlator=597804798218218&eid=31081972%2C31081980%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_BACKUP%2CLeaderboard_App_Info&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C970x250%7C970x90%7C728x90%7C468x60&ifi=3&didk=451496644&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711081128969&lmt=1711081128&adxs=452&adys=379&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1749588089.1711081129&ga_sid=1711081129&ga_hid=89251592&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjmh4ij5jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjmh4ij5jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOaHiKPmMUgAUgIIZBIZCgpwdWJjaWQub3JnGOaHiKPmMUgAUgIIZBIXCghydGJob3VzZRjmh4ij5jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y5oeIo-YxSABSAghkEhQKBW9wZW54GOaHiKPmMUgAUgIIZBIZCgp1aWRhcGkuY29tGOaHiKPmMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5oeIo-YxSABSAghk&dlt=1711081128125&idt=761&ppid=a573a1d0-f5f3-430b-8509-9f2fc1aa2de0&cust_params=ssmasdomain%3Damong-us.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D4%26ssmcontenttaxonomy%3Dandroid%252Cgames%252Caction%252Cadventure%252Camong%2520us%26ssmuuid%3Da573a1d0-f5f3-430b-8509-9f2fc1aa2de0&adks=3426566216&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b58e4101e149007e4cb4f7db27f616a7d17eb64999c698ac43ac77e9deb5c52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14724 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 18 KB	644ms 644ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=825040765976331&correlator=4444063974366304&eid=31081972%2C31081980%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fif&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C336x280&ifi=4&didk=3141441570&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711081128975&lmt=1711081128&adxs=152&adys=789&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&vis=1&psz=360x0&msz=360x0&fws=4&ohw=360&ga_vid=1749588089.1711081129&ga_sid=1711081129&ga_hid=89251592&ga_fc=true&dlt=1711081128125&idt=761&ppid=a573a1d0-f5f3-430b-8509-9f2fc1aa2de0&cust_params=ssmasdomain%3Damong-us.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D4%26ssmcontenttaxonomy%3Dandroid%252Cgames%252Caction%252Cadventure%252Camong%2520us%26ssmuuid%3Da573a1d0-f5f3-430b-8509-9f2fc1aa2de0&adks=279737453&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c0407595e792c5cd5f55564a54fb33e0319871425593e68eab6085f0ad280c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18720 x-xss-protection 0 google-lineitem-id 6049988864 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138395912379 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp&cc=1	85 B 195 B	71ms 70ms	Fetch application/json	34.120.135.53 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp&cc=1 Protocol H2 Server 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash 5570b2a52c03789af035649f12d25bdc6c836e9468a840c446a6fd6720d49241 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT via 1.1 google x-powered-by Express etag W/"55-OXDFSM9lL76VVb+LgyZjAZWY0qU" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://among-us.en.uptodown.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Fri, 22 Mar 2024 04:18:49 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://among-us.en.uptodown.com location /esp?url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	increment Show response id5-sync.com/api/esp/	0 240 B	468ms 152ms	XHR text/plain	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://among-us.en.uptodown.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://among-us.en.uptodown.com date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	syncframe Show response gum.criteo.com/ Frame A6B6	14 KB 6 KB	183ms 63ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=among-us.en.uptodown.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:49 GMT server Kestrel server-processing-duration-in-ticks 732569 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
POST H2	200	map Show response bcp.crwdcntrl.net/6/	156 B 620 B	206ms 78ms	XHR application/json	44.205.216.19 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.205.216.19 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-205-216-19.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 95b60abb5954b8bf2e461beea54ca0d7428d2c0a2740b6d886791abfc26b4bd7 Request headers Referer https://among-us.en.uptodown.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache x-server 10.40.63.112 access-control-allow-credentials true content-length 156 expires 0
GET H2	400	fed Show response ups.analytics.yahoo.com/ups/58813/	0 371 B	184ms 62ms	XHR application/json	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid Requested by Host: connectid.analytics.yahoo.com URL: https://connectid.analytics.yahoo.com/connectId-gpt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.106 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.106 age 0 vary Origin p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV access-control-allow-origin https://among-us.en.uptodown.com content-type application/json access-control-allow-credentials true content-length 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	212ms 77ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Mar 2024 04:18:49 GMT
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame AEE5	725 B 867 B	132ms 49ms	Document text/html	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 478195481f62ffea56b522f5896d927754f67fca182ecb0eced36a01e2f5bdf5 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 450 content-type text/html date Fri, 22 Mar 2024 04:18:49 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	sid Show response mug.criteo.com/ Frame A6B6 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=uptodown.com&sn=ChromeSyncframe&so=0&topUrl=among-us.en.uptodown.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=d1aWOnxUS1dpN0hZN216OStWKzJkQkFKclRWU0xmSk1pcW1MZTVyRXF6UlVMNkxjZXR4SURtNjNYVklwODdUQkpieXVuSTIwK0dGQUhSSGdKT3I2cEg2QWZmU2xVR2MvZzB1L2R4YzlDL2Y5cytjcFZHQy9sNURhNmM5Un...	433 B 1 KB	190ms 70ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=d1aWOnxUS1dpN0hZN216OStWKzJkQkFKclRWU0xmSk1pcW1MZTVyRXF6UlVMNkxjZXR4SURtNjNYVklwODdUQkpieXVuSTIwK0dGQUhSSGdKT3I2cEg2QWZmU2xVR2MvZzB1L2R4YzlDL2Y5cytjcFZHQy9sNURhNmM5UnZuQXl6TDZnMnBNMTdVS2hhNGVRclp5OGZMODNkQzZia1NnbUlWaDlSTEdyNzNjd3dQeXVvUGZRSll4MndaMTNUNTJnRXc1VFR4Y0FOSUliMXVId2pvQTVFd0dYZ2VJTmJtUlQ5Z01URWQ2NG1uaVZVb2k3cXk5MmFnVmF0QjhWbmdPS3JiR1BJSHhLQjh2dWJGZENTeG5aUDREb0dMbDJodEtpTm1JMDhVb1lBSDAvbWE0OD18&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 892d14593564f26060c6a7c19a62a32ed3f2980b73b864b17c7435427d503b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 14255508 expires 0 Redirect headers pragma no-cache date Fri, 22 Mar 2024 04:18:48 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=d1aWOnxUS1dpN0hZN216OStWKzJkQkFKclRWU0xmSk1pcW1MZTVyRXF6UlVMNkxjZXR4SURtNjNYVklwODdUQkpieXVuSTIwK0dGQUhSSGdKT3I2cEg2QWZmU2xVR2MvZzB1L2R4YzlDL2Y5cytjcFZHQy9sNURhNmM5UnZuQXl6TDZnMnBNMTdVS2hhNGVRclp5OGZMODNkQzZia1NnbUlWaDlSTEdyNzNjd3dQeXVvUGZRSll4MndaMTNUNTJnRXc1VFR4Y0FOSUliMXVId2pvQTVFd0dYZ2VJTmJtUlQ5Z01URWQ2NG1uaVZVb2k3cXk5MmFnVmF0QjhWbmdPS3JiR1BJSHhLQjh2dWJGZENTeG5aUDREb0dMbDJodEtpTm1JMDhVb1lBSDAvbWE0OD18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 536695 content-length 0 expires 0
GET H2	200	b9800308-4254-e830-d2f8-fee8eeaccf2d pr-bh.ybp.yahoo.com/sync/openx/ Frame AEE5	43 B 603 B	185ms 64ms	Image image/gif	2600:1f18:4e9:5a02:5ce2:5b3d:34e2:7ec0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/openx/b9800308-4254-e830-d2f8-fee8eeaccf2d?gdpr=0 Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:4e9:5a02:5ce2:5b3d:34e2:7ec0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif content-length 43
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame AEE5 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984 https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984&dcc=t	43 B 855 B	82ms 80ms	Image image/gif	52.46.128.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984&dcc=t Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol HTTP/1.1 Server 52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Mar 2024 04:18:49 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid H9QTMTY6GF6EEM76FRRW Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 22 Mar 2024 04:18:49 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 304K4GG8N5WF8TZFE8Y1 Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=75911931-ce52-c183-2321-6a8a79c8c984&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame AEE5 Redirect Chain https://match.adsrvr.org/track/cmf/openx?oxid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0 https://match.adsrvr.org/track/cmb/openx?oxid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0 https://us-u.openx.net/w/1.0/sd?id=537072971&val=c354debd-ba5e-41f6-ad6e-d0619436fa79&ttd_puid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0&gdpr_consent=	43 B 240 B	49ms 49ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072971&val=c354debd-ba5e-41f6-ad6e-d0619436fa79&ttd_puid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0&gdpr_consent= Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537072971&val=c354debd-ba5e-41f6-ad6e-d0619436fa79&ttd_puid=2d47654c-d2f8-7a79-e32f-e81d11fb0264&gdpr=0&gdpr_consent= date Fri, 22 Mar 2024 04:18:49 GMT server Kestrel content-length 335
GET H2	200	pixel cm.g.doubleclick.net/ Frame AEE5	170 B 409 B	229ms 79ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDEyOGI2ODYtMWI4Zi0yNGRkLWY2Y2YtYjJhNGRiMTljYzA0 Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame AEE5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEADDtqYaMHvpQbbwQeNfYIk&google_cver=1	43 B 171 B	51ms 48ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEADDtqYaMHvpQbbwQeNfYIk&google_cver=1 Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 22 Mar 2024 04:18:49 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEADDtqYaMHvpQbbwQeNfYIk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6819	13 KB 5 KB	64ms 63ms	Document text/html	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 160001 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 20 Mar 2024 07:52:08 GMT expires Thu, 20 Mar 2025 07:52:08 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame ED50	829 B 1 KB	223ms 86ms	Document text/html	2607:f8b0:4006:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 01a4d26c7233a755408f694c45ad0132dbf61f3925edcd32aefcd0116dae4c14 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-QXtx1GAWdJSBDYnN6nCVKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-QXtx1GAWdJSBDYnN6nCVKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:49 GMT expires Fri, 22 Mar 2024 04:18:49 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response pagead2.googlesyndication.com/bg/ Frame 6819	40 KB 16 KB	193ms 63ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 00:27:58 GMT content-encoding br x-content-type-options nosniff age 100251 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15865 x-xss-protection 0 last-modified Thu, 14 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Mar 2025 00:27:58 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 1D0F	0 0	129ms 128ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssU8sBoLoZisDH6hfFPcR4R8SBgzFgDJtyrcDCcW91MdWdT0SmRV5_YglKMJMaHfWzyoix6-kASXHa2eQHO8xbxkXEE86VhlcfpPi4dUY0Wq9YMA_eoJhzRrv8E4ZQXSdMW4UXZmJnM0TI-9I9x-Isned9UYwtVGhfpeVZskX9KyviemRAYWmMOczdBMUkor_ZLzRhhRJVWG5vYi4ZFX_Z1IH8tyUTAjzo_G01w9Q8mAg1hYtqUC6ABvS5R2KmJxL82EdbtCvcmfJOrTD8EAb5cPeVqKrqV1mGXbYCLnk0e1dGfmLK1H6RINb9h0oFXC13ib68iHW_fTxIuAE92Q-upjcYoYPz8boQNefYdoW8DWEAV8ldJpd8jOX2n8IUYQFDpKdaZ_8aV6g&sai=AMfl-YT_IFCKagLjlN_zTnCyK4n0PhyrJzaeqWZf_XxUD4KJtjl7gOhTF02JZRUOQdF9nAemU_5Wqdtvro7BkH9pWtc6gfyze5Nk9cFqmvuL7dxAPBu0tfqLwwylgzsTNgUVtzshyZOfyBDDmOx0VkStA18&sig=Cg0ArKJSzGUu8zSwsfgJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 22 Mar 2024 04:18:49 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 1D0F	23 KB 9 KB	65ms 64ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 22:21:07 GMT content-encoding br x-content-type-options nosniff age 21462 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9106 x-xss-protection 0 server cafe etag 8408112003982630589 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Apr 2024 22:21:07 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 1D0F	130 KB 37 KB	157ms 156ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a57e81958167b69853665898b349cc8f178722a31072d3d1283c1c69a5bd3a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37626 x-xss-protection 0 server cafe etag 397 / 19804 / m202403180101 / config-hash: 166869955028549038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:18:49 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1D0F	206 KB 62 KB	78ms 66ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 03:27:56 GMT content-encoding br x-content-type-options nosniff age 3053 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63909 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:27:56 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame ED50	0 0	184ms 184ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403190101&jk=825040765976331&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5197	0 0	129ms 129ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX-15lf8z2jkkomvErBI4T-NoEdp5f2cunoq36m3J924r7LLhpsZwe9gbC4TRjpem7-L4ylaqN9tufjyHkrU8Tuz8kRKfbdUWIY4fm9HpByk35zc8S2IPAG7TgMAjp_6VrXAeT0TckRH85F5OEseWobXQ7V05ua0oAytjFUw7O0OypfFln8bK3cCHSNeHkoUOve33KfGOYbxUp7ukMbqJNDzSNrcvYwhNw_tSmITH1S48wgGgbDzZkEIcSE-epm8RoZuvOZ5KZijoeUuRIWuQHGTrZPXBiAOPD2qLFxaNKXPYF6b0j-zxp34SbP2-30FsoE1F7afoJTI7MGgbAse656S3-qjGzYKCcojGVftJzjJEwXDWnx4wod6_KX-FSoa7kFMOxPiNMuA&sai=AMfl-YSHHkQRJSoiqII6NrIwTuJbPmxcnKOvVzb1r5msKoKv2MhQy6NfwCBzvyotqesUkgEPGlXgC_9PHtrsjoY4OzqJyqIyqrg8a0di-FQ4RXnpJ68XaSQsIgm2UoMYVqaXasx8RtAG5qWvPfkcDSzl9Fjj&sig=Cg0ArKJSzP35gdyXH7WyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 5197	23 KB 9 KB	63ms 63ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 22:21:07 GMT content-encoding br x-content-type-options nosniff age 21462 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9106 x-xss-protection 0 server cafe etag 8408112003982630589 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Apr 2024 22:21:07 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 5197	130 KB 37 KB	132ms 131ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4ce6c57e6209aa52c067c7ed5eae6120c09deb3f4d18924d9e1f79cef124ecbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37620 x-xss-protection 0 server cafe etag 932 / 19804 / m202403180101 / config-hash: 166869955028549038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:18:49 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5197	206 KB 62 KB	66ms 65ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 03:27:56 GMT content-encoding br x-content-type-options nosniff age 3053 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63909 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:27:56 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012402262017000/ Frame FBF7	196 KB 56 KB	228ms 62ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Mar 2024 07:52:30 GMT age 159979 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56141 x-xss-protection 0 server sffe etag "28cb2d39d2a36ad8" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Mar 2025 07:52:30 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012402262017000/v0/ Frame FBF7	15 KB 5 KB	378ms 213ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Mar 2024 07:56:07 GMT age 159762 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5220 x-xss-protection 0 server sffe etag "49cab81f34612748" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Mar 2025 07:56:07 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012402262017000/v0/ Frame FBF7	95 KB 28 KB	345ms 180ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Mar 2024 08:13:02 GMT age 158747 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29016 x-xss-protection 0 server sffe etag "d87e4eaec13170fc" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Mar 2025 08:13:02 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012402262017000/v0/ Frame FBF7	5 KB 2 KB	381ms 217ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Mar 2024 07:47:31 GMT age 160278 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1906 x-xss-protection 0 server sffe etag "92d49a70059f031a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Mar 2025 07:47:31 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012402262017000/v0/ Frame FBF7	40 KB 13 KB	383ms 219ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Mar 2024 07:47:30 GMT age 160279 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12941 x-xss-protection 0 server sffe etag "abc788b0a91a2b6d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Mar 2025 07:47:30 GMT
GET H2	200	css fonts.googleapis.com/ Frame FBF7	4 KB 1 KB	215ms 82ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 22 Mar 2024 04:18:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 22 Mar 2024 02:36:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 Mar 2024 04:18:49 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF7	2 KB 2 KB	63ms 63ms	Image image/png	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 08:00:08 GMT x-content-type-options nosniff server cafe age 73121 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Fri, 22 Mar 2024 08:00:08 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF7	295 B 319 B	68ms 68ms	Image image/png	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:53:15 GMT x-content-type-options nosniff server cafe age 73534 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 22 Mar 2024 07:53:15 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/10246229842597644889/ Frame FBF7	12 KB 12 KB	64ms 63ms	Image image/png	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10246229842597644889/14763004658117789537 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4861439113e37294818756c23463ee061657dbcff4ec22f8f1e942a70474f7a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Thu, 20 Mar 2025 08:03:23 GMT date Wed, 20 Mar 2024 08:03:23 GMT x-content-type-options nosniff age 159326 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11888 x-xss-protection 0 last-modified Fri, 24 Jun 2022 09:55:33 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/9514505082908873864/ Frame FBF7	3 KB 3 KB	82ms 81ms	Image image/jpeg	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9514505082908873864/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 792676f4dfa529acda9f33ec0566029f937f3c36f8b6c5ea5dfc29501c3d6ba4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Thu, 20 Mar 2025 07:50:24 GMT date Wed, 20 Mar 2024 07:50:24 GMT x-content-type-options nosniff age 160105 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3499 x-xss-protection 0 last-modified Thu, 12 Jan 2023 19:36:54 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame FBF7	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9591142cda7d511890d2309ec2709933134f0feb1fc10ec1d3301a741b5bd6b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 1D0F	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 290f5f8df80c9da478ee08308360904cef8619bd7b38f7362ca76c4f3a9c3b24 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 5197	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bf1aff7c0a378b65605f2529492f3ab3f3aaf4237fd0adcad119be59317ea098 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/ Frame 1D0F	438 KB 138 KB	68ms 67ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 76fba6648453b23170cad60f9b012845cfa045212e23d1d3274fafadab490efc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:49:44 GMT content-encoding br x-content-type-options nosniff age 73745 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141196 x-xss-protection 0 server cafe etag 15665118708942118582 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 21 Mar 2025 07:49:44 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/ Frame 5197	438 KB 138 KB	100ms 100ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 76fba6648453b23170cad60f9b012845cfa045212e23d1d3274fafadab490efc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:49:44 GMT content-encoding br x-content-type-options nosniff age 73746 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141196 x-xss-protection 0 server cafe etag 15665118708942118582 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 21 Mar 2025 07:49:44 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame FBF7	16 KB 16 KB	204ms 63ms	Font font/woff2	2607:f8b0:4006:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://among-us.en.uptodown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 07:57:26 GMT x-content-type-options nosniff age 159684 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 07:57:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame FBF7	15 KB 15 KB	217ms 80ms	Font font/woff2	2607:f8b0:4006:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://among-us.en.uptodown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 09:04:28 GMT x-content-type-options nosniff age 155662 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 09:04:28 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 6819	0 10 B	64ms 63ms	Image text/plain	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?4pIc6w Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 1D0F	56 KB 18 KB	422ms 421ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3807874126781569&correlator=1058685867852933&eid=95327889%2C31081720&output=ldjh&gdfp_req=1&vrg=202403180101&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_UPR&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&didk=1872351528&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D5d1f9e853b0fa168%3AT%3D1711081129%3ART%3D1711081129%3AS%3DALNI_MaE3RbnWdMiukNORM697mnus3IE2A&gpic=UID%3D00000a13d7a44db4%3AT%3D1711081129%3ART%3D1711081129%3AS%3DALNI_MYLeBdrAih08DlFmmS42dfr-z6YLw&abxe=1&dt=1711081130159&adxs=134&adys=979&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=kqs668p0zw0l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&top=among-us.en.uptodown.com&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ga_vid=1749588089.1711081129&ga_sid=1711081130&ga_hid=1999904585&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi_i4ij5jFIABIbCgwzM2Fjcm9zcy5jb20Y5oeIo-YxSABSAghkEhkKCnB1YmNpZC5vcmcY-IiIo-YxSABSAghqEhgKCXlhaG9vLmNvbRiFioij5jFIAFICCG8SFwoIcnRiaG91c2UY5YmIo-YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOaHiKPmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lMM1YwWVVaWWRDOVNXVFkxSzFORU1XUmtkM2h0VVQwOUluMD0Y1oqIo-YxSAASGQoKdWlkYXBpLmNvbRjmh4ij5jFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNOMiKPmMUgAUgIIag..&dlt=1711081129655&idt=476&adks=1197143995&frm=23&eo_id_str=ID%3D155eed1f096141b8%3AT%3D1711081129%3ART%3D1711081129%3AS%3DAA-Afja11wMi_5A64JVMssXRpPw6 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fccd210b2f30cee04168a8a5feeb7ffcbc2fce83630bb8e6096cb5a78f751554 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18807 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C78	6 KB 3 KB	96ms 77ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Sat, 22 Mar 2025 04:18:50 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 5197	53 KB 21 KB	495ms 495ms	Fetch text/plain	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2208240908608895&correlator=2103259221880765&eid=31081972%2C95327886%2C44807747&output=ldjh&gdfp_req=1&vrg=202403180101&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_UPR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=1761823602&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D5d1f9e853b0fa168%3AT%3D1711081129%3ART%3D1711081129%3AS%3DALNI_MaE3RbnWdMiukNORM697mnus3IE2A&gpic=UID%3D00000a13d7a44db4%3AT%3D1711081129%3ART%3D1711081129%3AS%3DALNI_MYLeBdrAih08DlFmmS42dfr-z6YLw&abxe=1&dt=1711081130237&adxs=1178&adys=121&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=gq8ycndy3abu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&top=among-us.en.uptodown.com&vis=1&psz=300x250&msz=300x-1&fws=256&ohw=0&ga_vid=1749588089.1711081129&ga_sid=1711081130&ga_hid=568781526&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi_i4ij5jFIABIbCgwzM2Fjcm9zcy5jb20Y5oeIo-YxSABSAghkEhkKCnB1YmNpZC5vcmcY-IiIo-YxSABSAghqEhgKCXlhaG9vLmNvbRiFioij5jFIAFICCG8SFwoIcnRiaG91c2UY5YmIo-YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOaHiKPmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lMM1YwWVVaWWRDOVNXVFkxSzFORU1XUmtkM2h0VVQwOUluMD0Y1oqIo-YxSAASGQoKdWlkYXBpLmNvbRjmh4ij5jFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNOMiKPmMUgAUgIIag..&dlt=1711081129748&idt=471&adks=357935417&frm=23&eo_id_str=ID%3D155eed1f096141b8%3AT%3D1711081129%3ART%3D1711081129%3AS%3DAA-Afja11wMi_5A64JVMssXRpPw6 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 29eb6cf8baf1247bf9fcd7de0d928b406251f3b7e4e8a18b5ecdab5d6dab45ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20966 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FEE	6 KB 3 KB	95ms 77ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Sat, 22 Mar 2025 04:18:50 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF7	2 KB 2 KB	64ms 63ms	Image image/png	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 08:00:08 GMT x-content-type-options nosniff server cafe age 73122 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Fri, 22 Mar 2024 08:00:08 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBF7	295 B 319 B	64ms 64ms	Image image/png	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:53:15 GMT x-content-type-options nosniff server cafe age 73535 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 22 Mar 2024 07:53:15 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 1D0F	0 0	257ms 127ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD8lwD8ZqcK8FvegVSYpKbvByEOK8G0Yf9cGJb7PeR1Zk4UQYCcdp4NIsPo5zygWe_KtO8IoTkmBaQtioDGVYQvWNXmmHw0KBmbUwUyJB44Te8vvYxCnN3HPpJoqkqI20l5iJdE1QBApgOR0kTHckJgEDUIDe9IXsIVh_VdBBs32dIiRT_ffGz0UyuBlTXP1xfZ1m6YiN95FYnvy-uxy8DHlG_8I5jWOk_1Phrk_klnWoguGFxe2Vdgl1eg15jtkNih9nB8DQmo07fCRfnHUjLdDpN30md0jCYb8kvEdkP9Z7HGbZ5NDJbXti7z9sbIsfif0dWc4LQ5PT7fTfbkmcr-Wr-_GFvYhLXe6Ccymq-b8-47l4YxPg8s0fk0DPaMu8JERyHu1aQpPEr&sai=AMfl-YSA6QiaGohBSef0uYKtqnsZK_6ugf_IObNMu4q8U3pEeB6WuGQtEvv0uKtZFOfXB3lsz8Rb5j7Art28Saq7nZ7EUqRN_Nyd-StAvurH2gM17uGcwFpZMJOReyAqYdiKDN57hoqXOvAm0hLrPed7ErQ&sig=Cg0ArKJSzIBHprNmu4GeEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 22 Mar 2024 04:18:50 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1D0F	16 KB 12 KB	147ms 147ms	XHR application/json	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403180101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55c5257839ae4b31353134ef8bb1dbdd1db80309300c864a4a78a2e08fb4e8bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12159 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5197	0 0	219ms 127ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-hfxkp9XOuDErbgCK01vYCQn5ZoXv50coHJrxx60VtHUzZEoUPyzP8H6DZwnBm9QMb7dgWvgAc2OwM6u9_POchbj-YPopX2hgUMdDkBpBsTplqTqul9yzwEoGvq-f0Qh8h7u8IgD96ZnBrR2WuvXSc6nIaZH_P19G9JZAnlDuAgpaC5sP9NCB8iPAwksVt9xIeQ5ctk-VpuS-QZ_1QiQ2pS-y8rM1t6H16ShgRcw4buqdsIKbkVoMae8h10U5h02Wa1GE1eFcVHybYHsp4lSsBEMypOZayc8p9HqPsgsKAse9QXyRy7q8hQ4yhhesd0C9Vu_ZJgFqXRix-tbUfhrmogdzVPn456UkBm7DG9uAuGEwDLZ9f6JmZNtUraBeLIArlvW3QSQv9raa&sai=AMfl-YRNL5TM7IPLswz82ga9M6ylir83y5gp2D-JCJisYnQZWGhMPZ03zRWVG-QI9ZGNkbBhZrlj3UCU_1O98bF_lj6BVUf_wHdQBRrQ1bbGr_KYyqjSwE-EV0-c_HNaoQzHZ8xKqHcKUbVDicNb0SbO4xJD&sig=Cg0ArKJSzN-I76Y59EyNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 22 Mar 2024 04:18:50 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 5197	16 KB 12 KB	268ms 268ms	XHR application/json	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403180101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e5e4913be0c2cd6cc2fb14f1402ed275c3877b37d4084604a5650598fd1a4157 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12271 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame FBF7	0 0	137ms 136ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CGFpcqQb9Zba9A7KD6toP7fa6sA74sMekdtSH5abPErntv7zcDhABIOPIrCJgyYaAgNyjxBCgAfGaoNAByAEJ4AIAqAMByAMKqgTZAk_Q3QA3hMTHwocJNSSS58M7EDzmQDMVnsFm6FqLGFshwdD-nu5zPKETkkYX67_2cOH0tDnG9sE3V4UTr6NHs9Ureh5EBy7GP7KwUMA82te2TTEqv1qm7E2imVTap9lIcoGwh_GEvA90_tjBAUx8STfBKy2VCPiEdTQ0bL-zuhKcyY1FRka9H3EIpm04YhvtEg0anebRhRM4iB0aljSFLNQNIb9OxlUAX50X1Iv2LiLBH53e8vQO3Li8cye2G8IQ98Aqu2LYj5OZ1Su4eoA4rIT7jVNQj_c-Zw9B3ypZtvGK0tTFiBewmFdzaQYPlkyUMCd5iWnBjKc_qQ8vGhGBUlDVaXcFZCUPBFilN82zFceUP4BD-j7ThC9y32kY5Jl4xFgPfvzDKt1P_ajxgEVzQetI_nH3Fn4mx11Gt2K615gj0bjZPPcBbkXuv-czeU3Z_bC0Jp6mHUmL1cAEuK762t8E4AQBiAXcove9TZIFBAgEGAGSBQQIBRgEoAYugAf35N-vAqgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcFEOPShQHSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpYkZWC94GHhQPyCBthZHgtc3Vic3luLTMxNTk3ODgwODI2Mjg4NTGaCSBodHRwczovL2Rvd25sb2FkLndhdmVicm93c2VyLmNvL4AKA8gLAdoMEAoKEJColL7c8bX7cxICAQPiDRMI_sWC94GHhQMVsoFaBR1tuw7muBPkA9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMTkyNzYzMjQxMjEzODUzGLvaFLIYCRIC3mgYLiIBAOgYAQ&sigh=qw4-ONjc6lo&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSigEAexS7amQg_W4R5fGTJo0wPKYXQHe3O28F-DbWGbMq0z4tRwl_aEpYsrjGPUfhAMaRjAui08tcI6s6Xr8MiUNtU4N4tfxf5xD0sWFsyU3PNmQ1u_awzUAsNQ6dP4qpb991P1ASE9qJQtULC4PTRhzdGgBzYtmNzmXQom0ru1Bch_Xb0dkl5fca7Y0YAQ&template_id=484&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 1D0F	17 KB 6 KB	78ms 77ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Mar 2024 04:18:50 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4664	13 KB 5 KB	65ms 64ms	Document text/html	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 160002 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 20 Mar 2024 07:52:08 GMT expires Thu, 20 Mar 2025 07:52:08 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame B150	829 B 792 B	87ms 86ms	Document text/html	2607:f8b0:4006:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash eb995bd4b0d837a4e9c75e93a3e2b950003e2f6feddb29993091151a7eede3b3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-DIe2Udnd7yMPDB0xM7HY4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-DIe2Udnd7yMPDB0xM7HY4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Fri, 22 Mar 2024 04:18:50 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	127ms 126ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403190101&jk=825040765976331&bg=!paalpunNAAZaswqNerM7ADQBe5WfOHC0qv-U21PX7Ef-d0s27KCuIff9b94RkxRc_WKkaG0ymYrM5WGjEW00JcH1cNn9AgAAAGxSAAAAAmgBB34ANesF1yYmxBoXAJCIIRj3LySNdYVGtveUoOhGXCFs_5N4j9RJv3mO9nSHgpRrWZSLXiPABN4mCgAd5Pg3bVHvQlisfGdGj0Gw9CBfFN2MqwpIvzwb5cyZAlWkjdq18JvzAh6ynQO-eUxMnQFudhKkvBFBOPur3L2I79Y08C82k7DGNNr2LpgmFOerOyvjJpegKKsRODa73saL_VRyc-SYoySI7hezorMThryM4gtlDgFd4A8GfY5v1MsSPQlrGzf_X1mdWETWQwWel9C2cKp_J6ewcEC_vUZuHia4X4QjnlUizeecRSwmLfRoKwRPZp-qWTEQFwXfpe6GuLWU2Bc9j2zMG92hYFeCHTLA7KGBxaM_W-xwiuW8fZv6j8DqZPHryDOXqZY_0_yRSkeG7H6ZLGG9Ble1GY1Fd5Rb7nuxBuYK15YF47xVT3uhUqJLT-Pow472Gg_AEZgZcdFF_Z2ky3CLWkD5Pco80CCv87jV9_mQuI3LhOgcOyp_QDNWzN-AwCHP6uQXAB8cLZuqKbVh1evtQ3h9qBzLetJw__fKLx78WvLQCJ79qczPuIESc5THWd-EOuI62UqY0235crwu709qYwLVROsNgsGoNJ5l55pO_uEDmGF-PKOYwWbJSi3RFJG5Q2IuhWbElucd17G44qKafB_ZYrn9_j8tj6WbfoRjMnL3-TCmL-2jUz5BX2L5hyB0YwO6dPnRPxXGYgeSJXF3W1jOWEEkhnYV6JAeswOKrOri_Sa27XPZ-rW_0ybR9qH_y1eAWUW0CgPA_7pj67RezaJGlYY3GuhdTfg_CISkbrfVbLNJ6bVz8BPG7nbfABCiQUI7q2eo8s1M-FNGZ7TXWJfMfCqOF44RJ6fOWKKHRpb9p_XE_oYLjM4TI5_SKhPdNrc3XPUPmoMLXq0 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	200	container.html Show response b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F17E	6 KB 3 KB	65ms 65ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Sat, 22 Mar 2025 04:18:50 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 5197	17 KB 6 KB	77ms 77ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Mar 2024 04:18:50 GMT
GET H3	200	ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response pagead2.googlesyndication.com/bg/ Frame 4664	40 KB 16 KB	64ms 64ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 00:27:58 GMT content-encoding br x-content-type-options nosniff age 100252 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15865 x-xss-protection 0 last-modified Thu, 14 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Mar 2025 00:27:58 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B150	0 0	123ms 122ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403180101&jk=3807874126781569&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 3AD5	20 KB 8 KB	64ms 63ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 22:20:53 GMT content-encoding br x-content-type-options nosniff age 21477 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8355 x-xss-protection 0 server cafe etag 17564575596476239644 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Apr 2024 22:20:53 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 3AD5	0 0	83ms 82ms	Image text/html	2607:f8b0:4006:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ27DGq9dV7Ocih5UlrSVO-qFqe4j6_WYcaTlT7t3ygEWrCYO2N18dIFbI54a-u2HCBDx9izUttDFJ06mB6V-Cc4MugaA Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3AD5	24 KB 6 KB	74ms 73ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 08:56:57 GMT content-encoding br x-content-type-options nosniff age 156113 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 20 Mar 2025 08:56:57 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3AD5	206 KB 62 KB	64ms 64ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: among-us.en.uptodown.com URL: https://among-us.en.uptodown.com/android Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 03:27:56 GMT content-encoding br x-content-type-options nosniff age 3054 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63909 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:27:56 GMT
GET H2	200	montserrat-v25-latin-800.woff2 storage.googleapis.com/iadx_storage/assets/fonts/ Frame A075	13 KB 13 KB	223ms 78ms	Font application/octet-stream	2607:f8b0:4006:80a::201b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2 Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::201b , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac Request headers Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ Origin https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 03:42:55 GMT age 2155 x-guploader-uploadid ABPtcPq2lvjLjKqoh165MGfiErdJ7jMYidvgpKEJcMGzMl2dOSK7iBcrg2Odrpp1COtXrhVqkfpPoiT_zQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12896 last-modified Mon, 23 Oct 2023 09:53:31 GMT server UploadServer etag "47adf1610f40ec74b72068c5a111d3ad" x-goog-generation 1698054811260784 x-goog-hash crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl cache-control public, max-age=3600 x-goog-stored-content-length 12896 accept-ranges bytes content-type application/octet-stream expires Fri, 22 Mar 2024 04:42:55 GMT
GET H2	200	montserrat-v25-latin-600.woff2 storage.googleapis.com/iadx_storage/assets/fonts/ Frame A075	12 KB 13 KB	210ms 65ms	Font application/octet-stream	2607:f8b0:4006:80a::201b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2 Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::201b , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31 Request headers Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ Origin https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:15:38 GMT age 192 x-guploader-uploadid ABPtcPpSaX-KUIOdZMiFxzWzpl9VvWJU6Fb4wc9yLmItVT91lBSqcw3TXWdSuLarhy7KwHPDFtg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12700 last-modified Mon, 23 Oct 2023 09:53:31 GMT server UploadServer etag "e571167fbcce8d5081bce96a09930063" x-goog-generation 1698054811605570 x-goog-hash crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl cache-control public, max-age=3600 x-goog-stored-content-length 12700 accept-ranges bytes content-type application/octet-stream expires Fri, 22 Mar 2024 05:15:38 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57BD	13 KB 5 KB	64ms 63ms	Document text/html	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 160002 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 20 Mar 2024 07:52:08 GMT expires Thu, 20 Mar 2025 07:52:08 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame B9E7	829 B 558 B	86ms 85ms	Document text/html	2607:f8b0:4006:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 17d323f548d8400b28880fa618974c1c7405fb07b8127ce76d5caccf6141cf9b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zkAom7MWLS4wEmOLOp8njg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-zkAom7MWLS4wEmOLOp8njg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Fri, 22 Mar 2024 04:18:50 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	container.html Show response b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54DC	6 KB 3 KB	65ms 65ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://among-us.en.uptodown.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 04:18:50 GMT expires Sat, 22 Mar 2025 04:18:50 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 3AD5	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a8e19f6834c518537e0228ba44c7af45fd6cb5138f2ba3b8e366d5b6ba1c72c7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4664	0 10 B	63ms 63ms	Image text/plain	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?g2TVbQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	polyfills-c5be5138.js Show response cdn.bidbrain.app/ng-assets/creative/assets/ Frame 54DC	12 KB 6 KB	145ms 48ms	Script application/javascript	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bidbrain.app/ng-assets/creative/assets/polyfills-c5be5138.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 148449481e55a7d47ff793f70744d4cd472a149afc1a0a99655f94f44d1f3fe1 Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ Origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ABPtcPpdkBategpxgu8FBVaYWlHcWcl7aCrhCy743xiyM6i6agDb1bAoO0VljnnDMWjCYn86ea9_xD4D4A x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Tue, 19 Mar 2024 15:55:51 GMT server cloudflare etag W/"e4d8009d3510a95f8a3902505f6b4482" vary Accept-Encoding x-goog-generation 1710863751058853 content-language en content-type application/javascript x-goog-hash crc32c=LvxLYA==, md5=5NgAnTUQqV+KOQJQX2tEgg== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZDb2Nqh8Sc5tJnLv8M2EZw2UmgEQ3wIw5L%2FEKMUrrtvk%2FWXB9XjzBtknJEyaHS5zblaxstKDWJD2H%2Bn0bSbg1QeitTM03tH0cYXJc6bj1kKnLqi1gzzbXlx5x7wxU3Re73xz6Q23XQLtYJDyBSl"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 11824 access-control-allow-origin * cf-ray 8683614cac37222d-MIA expires Fri, 22 Mar 2024 05:09:47 GMT
GET H2	200	index-be69d0ff.js Show response cdn.bidbrain.app/ng-assets/creative/assets/ Frame 54DC	111 KB 41 KB	145ms 50ms	Script application/javascript	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bidbrain.app/ng-assets/creative/assets/index-be69d0ff.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 129d28ce8a6b315ef325709b9885335a6622917cf30e65e3b9e498ebd5b0205e Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ Origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ABPtcPqJ_1qA7D_PcSSdhznjYYaB82hBy5jeIniA7rIaLe15nvuXUIy7Vq95j-xuDemCfrNtGkM x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 14:12:56 GMT server cloudflare etag W/"786881f331ef2cb088dbe9d7bd681a5d" vary Accept-Encoding x-goog-hash crc32c=ynNdkA==, md5=eGiB8zHvLLCI2+nXvWgaXQ== x-goog-generation 1710417382502992 content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPmK4KTjw2M9bsKmI5gS7Igo1UHmYSB5Phw27IVOWfwo2FcAMOaj9xNvadYiw8n6VIQp7gBDB5FfKcgxxbC4iQmkrILoqN1n3t0i%2BWnxYJdV6Ke2KqUmqGwFVJBuCc3MQ3YWk0sJkdHyD9qW1k7m"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 113931 cf-ray 8683614cac34222d-MIA expires Fri, 22 Mar 2024 04:24:34 GMT
GET H2	200	index-5ff488ba.css cdn.bidbrain.app/ng-assets/creative/assets/ Frame 54DC	13 KB 4 KB	139ms 44ms	Stylesheet text/css	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bidbrain.app/ng-assets/creative/assets/index-5ff488ba.css Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ff488ba8a49d41b55898ce4c5c03f2a499bc443cbcfc668bc0f067d0ae0964f Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2543 x-guploader-uploadid ABPtcPrT4LQ9LDHvj41Gp0IwT5rh38Yl3h4LRHJoTKGc7dd7OUqzHXYncD0M-zw50x1nKhIUrtSEM2VFyg x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Tue, 05 Mar 2024 08:37:03 GMT server cloudflare etag W/"4db86410d8b5a7b97d01b017048c5649" vary Accept-Encoding x-goog-hash crc32c=SUyqwA==, md5=TbhkENi1p7l9AbAXBIxWSQ== x-goog-generation 1709627823511181 content-type text/css access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMiSnUcVgMe9ZrjNO7ljELNVMAfSlqRaRWVHLKlmQ9%2FC57GpT425vO3mAHOOHtIHSUZlcwZNKknBZ2wHnnYrPq%2B%2Bi5FPtpoeOelVF%2F7ad1NHXKhi8KIVwAMVkQhs6HyCWMOdvphxiWwIRnPxaa6w"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 12941 cf-ray 8683614cadcf09de-MIA expires Fri, 22 Mar 2024 04:33:42 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 54DC	3 KB 1 KB	64ms 63ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 22:20:53 GMT content-encoding br x-content-type-options nosniff age 21477 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Apr 2024 22:20:53 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 54DC	20 KB 8 KB	66ms 64ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 22:20:53 GMT content-encoding br x-content-type-options nosniff age 21477 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8355 x-xss-protection 0 server cafe etag 17564575596476239644 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Apr 2024 22:20:53 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 54DC	0 0	84ms 83ms	Image text/html	2607:f8b0:4006:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSb2O86wxcj8NWNF7QPyWAYgqrdp7l-TlN_7QdnoTt4gIuVLiYkoHC_qOxw8jsxTSCIB1fXICg423bv6ixMRxR8UTRBw Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 54DC	24 KB 6 KB	67ms 66ms	Script text/javascript	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 08:56:57 GMT content-encoding br x-content-type-options nosniff age 156113 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 20 Mar 2025 08:56:57 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 54DC	206 KB 62 KB	65ms 65ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 03:27:56 GMT content-encoding br x-content-type-options nosniff age 3054 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63909 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 04:27:56 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B9E7	0 0	129ms 128ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403180101&jk=2208240908608895&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response pagead2.googlesyndication.com/bg/ Frame 57BD	40 KB 16 KB	70ms 69ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 00:27:58 GMT content-encoding br x-content-type-options nosniff age 100252 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15865 x-xss-protection 0 last-modified Thu, 14 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Mar 2025 00:27:58 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 3AD5	0 0	135ms 134ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CKGQtqgb9ZZaMD7-66toPso-xoAb6j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTU5MTg1NTIyNzA3NDczMTPIAQngAgCoAwHIAwKqBLgCT9C0kN2Jr3sJFEO0Rq5dxxkF_h6ZpKCFwUHd0QVynhGUJFnPH4evyed9SGxWaNB8CsxjikyiCKZQIYWHZetuN05ggCw0wOX4h4hER4OG9uEzSLM82CVDgDM63SUErdWDQPGNrtNLG09IkszKAxVLNtXLK3FnyPbfGJxFa8XZAAlB3o8eP29MbdnLcAwA-fuWtfdx_AS2cgsj3s2uNuUMmWRjuVC8QgMi_DR6Y8u7jg8nlIWvVEk5r68XUznIW988DEtruxXIuNA9xZfeXQrU86lXVKtCHtCXiXAn5HLS42SPHNlvNV7fHKu8oa27_A3UHdvKbOOh5kwkEJYumTCPO9sYw-NSXOn3-7d0dabs1BN_6m0ttxvywcY5m4Y1np6hb8iHuPX-xXoj4EWeeEwDwyrPp7dWn8HI4AQBgAb35Oeg8NDzkvwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY4obL94GHhQPyCBthZHgtc3Vic3luLTMxNTk3ODgwODI2Mjg4NTGACgP6CwIIAYAMAeINEwjpuMv3gYeFAxU_nVoFHbJHDGTQFQGAFwGyFxwKGhIUcHViLTU5MTg1NTIyNzA3NDczMTMYu9oU&sigh=I3BdWlBSU0c&uach_m=%5BUACH%5D&cid=CAQSOwB7FLtqGigoyVwtS2U4RhrwDfXZqXzS2krRcx5ZGquqs7L6U_TvmVf0c3mPbo3tEo8V-mtif6qPQ44qGAE&cbvp=2&vis=1 Requested by Host: b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com URL: https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H/1.1	200	win 8proof.com/app/ Frame 3AD5	0 112 B	216ms 66ms	Image text/plain	52.116.53.150 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://8proof.com/app/win?id=748295578743&ap=Zf0GqgADxhYFWp0_AAxHstdLNgMpsJQKll84yg&brid=HDwTuNexSWW-csUBsQIO_A&t=b&cbvp=2 Requested by Host: b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com URL: https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS 96.35.7434.ip4.static.sl-reverse.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 22 Mar 2024 04:18:51 GMT Server nginx Connection keep-alive Content-Length 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 115D	1 KB 643 B	65ms 64ms	Document text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 25658 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Mar 2024 21:11:13 GMT etag 48472445140208031 expires Fri, 22 Mar 2024 21:11:13 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 54DC	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0f9ae8bf7effe4f85b61e53039bdf9aa1abe914101b551e00cd7c6e2c0996bd1 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 57BD	0 11 B	64ms 63ms	Image text/plain	2607:f8b0:4006:824::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?CgmDIg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:51 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	RobotoRegular.woff2 cdn.bidbrain.app/compressedFonts/ Frame 54DC	60 KB 61 KB	49ms 48ms	Font application/octet-stream	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2 Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ Origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:51 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ABPtcPp-1cT5b8yWQD0e2xRJFwso3l2UjSK5vewBzFp-P6tnUidrhG3NhsAjiQ4IfLcRqyQlbOv2U9gDMg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 61736 last-modified Wed, 29 Nov 2023 10:07:40 GMT server cloudflare etag "ede84d96808c486e3de74cbd8f2a2c80" vary Accept-Encoding x-goog-generation 1701252459996546 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAJ9ToL7%2FLBHSpbSR0FPN7b2iquyKcP1%2BJgF2cVwE8X2FinjuTbYy5CMB2WjSRPARXjdYbaBjWqvw%2F3PZxIIF%2BJ1gnmYTBROFy1ri1hkOOWZN3bnJXPkZZgQ0XFJS1I7D11%2BugLbK4hZ9a%2F%2FmPDr"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 61736 accept-ranges bytes cf-ray 8683614d8d2e222d-MIA expires Fri, 22 Mar 2024 05:12:39 GMT
GET H2	200	RobotoBold.woff2 cdn.bidbrain.app/compressedFonts/ Frame 54DC	60 KB 61 KB	46ms 46ms	Font application/octet-stream	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2 Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798 Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ Origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:51 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ABPtcPpgLCg4hoLyznpmh6bfvqMLJWg1se0pTsXq1WnncpjtkS16Be78Le3JCJ4KwhM9TD2bWbM x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 61628 last-modified Wed, 29 Nov 2023 10:09:00 GMT server cloudflare etag "1033a47731e45f7bd46a1962359e96b4" vary Accept-Encoding x-goog-generation 1701252540208192 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwGKdOoJft9rJnxQOOXwXhlBI5BSjGGjGZ0lbmg%2FcOxQhUQ21w5RnXLGSXI%2FLGpjw57uitTB2NcuIJMyCUWdAqZrRMHzTOM5fft50IylbZbRmEPx8iVLNgsLLeXiOyi13NNS7Oh5s6Nljb9kJ2eE"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 61628 accept-ranges bytes cf-ray 8683614d8d31222d-MIA expires Fri, 22 Mar 2024 04:41:56 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_cver=1&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1127da637e8714d6&is_secure=true&networkId=14000&version=1&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_cver=1&google_push=AXcoOmQCeHhN... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF8DuZLpQ3NwNp-6A4AAAAAAA&expiration=1711167531&google_cver=1&is_secure=true&google_gid=CAESENVx2ydD8YdLnplHtbjvT...	170 B 188 B	140ms 140ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF8DuZLpQ3NwNp-6A4AAAAAAA&expiration=1711167531&google_cver=1&is_secure=true&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8sR4FiiM0f0pkRvDLyoo5A0oJiYs4yT-j8LfPkY9le2oRLjA Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF8DuZLpQ3NwNp-6A4AAAAAAA&expiration=1711167531&google_cver=1&is_secure=true&google_gid=CAESENVx2ydD8YdLnplHtbjvTJ8&google_push=AXcoOmQCeHhNeF_YTEhhXI2-1y7SWmTWkRMKi5RU2IPOEnMhzNe7sa8sR4FiiM0f0pkRvDLyoo5A0oJiYs4yT-j8LfPkY9le2oRLjA cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7... https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7SroEugAw1ds5oLvIvpPg&google_hm=06e10b5e-69ef-4ee7-...	170 B 188 B	78ms 78ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7SroEugAw1ds5oLvIvpPg&google_hm=06e10b5e-69ef-4ee7-b081-bde54c43530a Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server sonobi-go vary negotiate,Accept-Encoding x-go-server go-iad-2-6-89 content-type text/plain; charset=utf8 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6Pp3OmULLSmCF_JRIXORVZf1dOelY3SNYl18ukU0FBeAw4M0hjIRo63gIGJ9jIr5aVFZigrl9V7SroEugAw1ds5oLvIvpPg&google_hm=06e10b5e-69ef-4ee7-b081-bde54c43530a cache-control no-cache, no-store, private tcn Choice content-length 0 x-xss-protection 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQc... https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQc... https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=RoEsFrB39fIXHGq_hLf6NbWLK2ysmJjw_55hRmKjub4&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&go...	170 B 188 B	140ms 140ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=RoEsFrB39fIXHGq_hLf6NbWLK2ysmJjw_55hRmKjub4&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQcKqOa9QzO3uQy_ay26GO50x7rcaXxTyIGpdsag&tc=1 Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=RoEsFrB39fIXHGq_hLf6NbWLK2ysmJjw_55hRmKjub4&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_br&google_gid=CAESEGiRyF-o9I7vQY1pNuhrhoE&google_cver=1&google_push=AXcoOmQJ6v98jN9lGlOuthEPndADpKxOFFbtB6N2aMa-2HUPbZ9y_Lyqciwe_eLQcKqOa9QzO3uQy_ay26GO50x7rcaXxTyIGpdsag&tc=1 pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT, Fri, 22 Mar 2024 04:18:51 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 vary Accept-Encoding expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENFLkoOG0sZoVsXkzYWK3z0&google_cver=1&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BI... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BIEbJ8P-_wEVaz19cc4A	170 B 188 B	78ms 77ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BIEbJ8P-_wEVaz19cc4A Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-dGVSMaiTjG1ABpbw6G6iYoyuZ_GntxZl4L5yfPn8rgAGljxzbwdpqb9ng26flH71HK31t6pY0_BIEbJ8P-_wEVaz19cc4A strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHGSPW481gN0FBOC6yshJ84&google_cver=1&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8HjXIdJxtcx1i9SUfhH8csvDzmc_... https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjRhMGUwYjEtYWRiNC00ZDA0LTkwN2EtYmFmYzg0MTU2YmY3&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8Hj...	170 B 188 B	79ms 78ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjRhMGUwYjEtYWRiNC00ZDA0LTkwN2EtYmFmYzg0MTU2YmY3&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8HjXIdJxtcx1i9SUfhH8csvDzmc_dnxqbGatU2Mj8g Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjRhMGUwYjEtYWRiNC00ZDA0LTkwN2EtYmFmYzg0MTU2YmY3&google_push=AXcoOmRfvS0EPjDOL9sgGX9YsMCifF0zP1UVnb0TRlgNSxGV_oPr9ImdS0mFv8HjXIdJxtcx1i9SUfhH8csvDzmc_dnxqbGatU2Mj8g date Fri, 22 Mar 2024 04:18:51 GMT content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKZA9HpQj... https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKZ... https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=628ad7bc-b3e5-4d8e-b5e0-627d2a068a2d&%%GOOGLE_PUSH_PAIR%%	170 B 188 B	83ms 83ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=628ad7bc-b3e5-4d8e-b5e0-627d2a068a2d&%%GOOGLE_PUSH_PAIR%% Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=628ad7bc-b3e5-4d8e-b5e0-627d2a068a2d&%%GOOGLE_PUSH_PAIR%% Date Fri, 22 Mar 2024 04:18:51 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 115D Redirect Chain https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAQbQ8K3SLrwjgGr210sdZ8&google_cver=1&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTx... https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTxSb_Q4TyH-JwwV9wULd6YyQU52GCGgRsN9IA	170 B 188 B	77ms 77ms	Image image/png	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTxSb_Q4TyH-JwwV9wULd6YyQU52GCGgRsN9IA Protocol H3 Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-akamai-request-id 1a4ac4a.1351031c date Fri, 22 Mar 2024 04:18:51 GMT x-bytefaas-request-id 20240322041851481231B4782277037888 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240322041851481231B4782277037888-034B179F3FC59ED9-00 x-cache TCP_MISS from a104-126-119-93.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4-55059070) (-) x-parent-response-time 25,104.126.119.93 server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=16, inner; dur=6 content-length 0 pragma no-cache server nginx x-tt-logid 20240322041851481231B4782277037888 x-cache-remote TCP_MISS from a23-32-17-41.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54729273) (-) access-control-max-age 86400 access-control-allow-methods * location https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSWMYn1iIvVw4t383O10KfOUN5sZOBe8ZcuXxwcFnF3y3vd82LbgXQnZH2kCTxSb_Q4TyH-JwwV9wULd6YyQU52GCGgRsN9IA x-bytefaas-execution-duration 4.83 access-control-allow-origin * access-control-allow-credentials true x-gw-dst-psm ad.union.pangle_web_traffic x-tt-trace-host 016bf285dc537b0934aa5de72f43179eae352cca576e603ecdc9215dea2dd1086b837d8daea8b008d5601239e5a286333bb4bca9dd60b3b2373fec1c3b10fb74b806180b20a2c1c923eb7e728ce49d55824204c0fb79ca472221040d589c3f2d549bba6605becd3a085e77feea7a93ad6c x-origin-response-time 16,23.32.17.41 cache-control max-age=0, no-cache, no-store access-control-allow-headers * expires Fri, 22 Mar 2024 04:18:51 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 115D	0 59 B	77ms 76ms	Image text/html	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kv4TchNdWVlUuA_N5BdrrIL4DMWKpWYfuE7Ow_GXPW5RICjDnP6U9b0ituAW9R4CgNisjtrW6H Requested by Host: b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com URL: https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:51 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST H2	204	rtimp g.bidbrain.app/ Frame 54DC	0 456 B	350ms 324ms	Ping text/plain	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://g.bidbrain.app/rtimp Requested by Host: cdn.bidbrain.app URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-be69d0ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 22 Mar 2024 04:18:51 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 pragma no-cache server cloudflare access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNOtrp2j9RnMjtGIsJX%2BnRJvPVqcm2DyHb9LVAAtMZgSDfpwG3PWpds6yP3F9326Krmgi9gbPlRZWRU%2FJEsygWoGQXIJuL3xKJeLst5i9tNWdQM2Ybsaq0pVadUh%2BkWkv7MDz8wx1%2FW4RHoFfw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 8683614e1ef309de-MIA access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version expires 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 54DC	0 0	133ms 133ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CvLUzqgb9ZbPtE9nD6toP0OOj-AO9qs_Ndemi3NbEEsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTU5MTg1NTIyNzA3NDczMTPIAQngAgCoAwHIAwKqBLUCT9Abtg8FCNFFCmCRgoQOqVHeWeEZSoyupzNxBC7V1us8e8GJmNmg7hi_Q34lRD1t7rNk9g2Sxf_MnoTBmT7RftrrKHAa2Xd31N55VHjS5xB9TLf6y__RLzzqyPJbA6avPOpMp19rqDTKgnN8gFagwpkBtf_peR3ge-vGqtcvyI2vTRyLJfpGAXXnJvq5p3r_6y2_PWKDG6I3GSgdI8blJkhhRqXdwWZfea4H8U1RICOOIVoi2o8nb775alcdZZoSc2wkCypIaJHBK8n15yIzhOA9Z-pUahuA5gWvwDPGCpDjA44zMApCLqrrMco76EAqZhFVaioO8NH9XOTcExe2iECpZlBp-0EE9IsFq-wsjdPdJkEZ7LH0jZObH99zKv3RN_EJL5ji1DxZwnN3SMZS2OD4DGUE4AQBgAaP47XZnZCGlfQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY9cnP94GHhQPyCBthZHgtc3Vic3luLTMxNTk3ODgwODI2Mjg4NTGACgP6CwIIAYAMAeINEwjp-8_3gYeFAxXZoVoFHdDxCD_QFQGAFwGyFxwKGhIUcHViLTU5MTg1NTIyNzA3NDczMTMYu9oU&sigh=s1SUc6s8_Pw&uach_m=%5BUACH%5D&cid=CAQSOwB7FLtq4vBcT59zYP-oXCcdWd2pV3BszwTI2VxkkXFpUoOdNbj2hpec-Tk4EjdvzIlMSbBjUhkMW_t6GAE&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	204	rtimp g.bidbrain.app/ Frame 54DC	0 968 B	94ms 93ms	Image text/plain	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://g.bidbrain.app/rtimp?sid=49216182-e803-11ee-8ce2-3a4d4ab833d3&d=among-us.en.uptodown.com&cr=ext_ngt_start_fires8&gid=CAESEGBlF292uW5vXiS66IJpxdU&a=imp&p=Zf0GqgAE9rMFWqHZAAjx0KgnHuXZ02OldTggtA&im=6lpNEzpfaHKBW4WuxenKRgJ32FHz2ka3oXt1ImHDDLzWMjY6c1oQl8vrxngo1PXN2l1nyvYDMchvqHqjjgCGkldEoDfjOlpSBvsciY96hfzexDoWXd9aC63OpHmHfEcBE6TJT4J9PO-Qk7RuoExe1CNV3rgdHPIiN3Gg2qb50UVsYGrRHRV5u8sWDAF5GI4n9M-WTBBlgCECE3Mi7zx6iqyx-wB3UhbDM2faP-tIjxgsRF1XWkWnYkH1w99MWP2WuY4hIeHxjJaLxJhVyM0F_dDdunUAeWq4m4wGIsKPiNGTXfOpXgnmNYbV2beEvA6DuDRxQYktstsLqNECU5wSRAVbS6rr1ZQQ4alCRbzpfr0&cbvp=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 04:18:51 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 pragma no-cache server cloudflare access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqqYQOTOKrN4zp%2BnyT4kH7%2F9ntkyVF4bApJRHD5dmdwFEhN%2BspXL%2F%2FmFyAhXdgjbcn%2F8LlVJ2eZxVl4IVNKYLeS6wpg9VXCY7A6zhleHCFTqYPjYZvAUyw7Z58lMr0b%2B%2FHI3l7suimc2MQriMw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 8683614e1f0209de-MIA access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version expires 0
POST H2	204	rtimp g.bidbrain.app/ Frame 54DC	0 514 B	85ms 84ms	Ping text/plain	2606:4700:3037::ac43:b0a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://g.bidbrain.app/rtimp Requested by Host: cdn.bidbrain.app URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-be69d0ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 22 Mar 2024 04:18:51 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 pragma no-cache server cloudflare access-control-allow-methods GET,HEAD,OPTIONS,POST,PUT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HV%2FT2v5tTb0OsATGc%2FDky4yVF9wDSbTyl5kXovqD%2BHVChLe2g%2FqQ9tdD831m0ZT5EgPzeUDQB4lzyHrBQbyzqq%2F3iv10lmLINV2BfBPAfJINc4uTeYX%2BdvIf2x6IiLUCQMSRjVqGw6%2Bl%2FmE3xQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 8683614e8f5309de-MIA access-control-allow-headers Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version expires 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1D0F	42 B 64 B	127ms 126ms	Fetch image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNzPnLje8_KdTCvkdvyrLd70SmgxJT1D_VwUWFJQh_C9Qt7mWm-ciSa1-xlcZwVmhFTwBOBLM5dSXsb3EfFc3MsZdGuoYlwJZu3aaqXxCrPasVT5OaMMkE-uCmTjFBG5WXmcNUoiWbFov_m5uf5J5tQRAQ5vxG6RE&sig=Cg0ArKJSzALTYIMckDk3EAE&id=lidar2&mcvt=1002&p=979,134,1259,470&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=0.79&vu=1&app=0&itpl=19&adk=279737453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=701392900&rst=1711081129655&rpt=656&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5197	42 B 64 B	128ms 128ms	Fetch image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXLYPIc6Cm9TqeuTeAN0R0Ql7uUROYBXahRluLKmbqHqSSQYKWSSDvH3P5hcvs7LRigzdqqJxxUBpd7wPGVLn27JYZPbSoMBYTv-8dJc4whAoCe9yUPLzOxP7c5bqEnUyVzF34wgHbYeiZ84K0niSmf1-YjlZwDrA&sig=Cg0ArKJSzEU0QKE2jFx8EAE&id=lidar2&mcvt=1004&p=121,1178,371,1478&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=123440218&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=701392900&rst=1711081129748&rpt=603&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame FBF7	42 B 64 B	128ms 127ms	Image image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY9clGBgEAGsqbeYJf2Bd8Kam-fyMCaXWWbpzIy_q4Rvsjp2zMDiUB2MisC4BWLoo6Oj0jbET_s2mui90w55o2JoTltyDWo8jUg6gQGbE_mVJRk4IPFm5B9z2PA01C-R4RHkgdA0JgqV2Zxp8TuUi5Sms2quDjLic&sai=AMfl-YT_Yb3JNPaOy3DfvhuTH6f9-X8CTNgyNC6SOXc8JCwMN005-Wue99lbS40BNMxNXAT-efpQ-YOynA5JKE91XTqCie1Zq47Miiuo2PZf0q8QqZZAI1cOYQxRtRN9oLZ6ai9QvdjZTHo_o5fG1ZzrqdYaSTEjfnBxKGlBx_4KSQfmiPZeiYu209_l_KrtMcpQKyRmxoo0x9-hIdKr_rpASnjpeeXI1BHt3Mn3upnUzw&sig=Cg0ArKJSzIYls9GzxTcCEAE&cid=CAQSigEAexS7amQg_W4R5fGTJo0wPKYXQHe3O28F-DbWGbMq0z4tRwl_aEpYsrjGPUfhAMaRjAui08tcI6s6Xr8MiUNtU4N4tfxf5xD0sWFsyU3PNmQ1u_awzUAsNQ6dP4qpb991P1ASE9qJQtULC4PTRhzdGgBzYtmNzmXQom0ru1Bch_Xb0dkl5fca7Y0YAQ&id=ampim&o=117,334&d=970,280&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,0,1004,1004&tos=0,0,0,1004,0&tfs=596&tls=1600&g=100&h=100&tt=1600&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:51 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1D0F	0 0	125ms 125ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403180101&jk=3807874126781569&bg=!VFelVxjNAAZaswqNerM7ADQBe5WfOF8HNOno39vbQ2PaBN442KNBl3y9uXcTXyylYqWg4dbPtvYLVbmdeik2nUQosA9YAgAAAHVSAAAAA2gBB34ANQql2ORefhnQiiyhicaDvkdYM_CLB_Zq0Jql2GR9Nad_36W4xsZmxUvst11Yl1RCTC3dUGN_mQKHxnwpgsCbGAzeJb85D4sufFenXp-OUkS5mSlQDGdtuNLIUD1OO7PM-qIeKgt6608HGlSCvg8giU6U_vun0Wk96IdoiUATeagRR7JRtWnNvb3cRy7IsmnOyTN7sMFujycVdazszzYkP2l5rXs3bqjA0fzg2nNtqjADvYBCF3AbUnhJhv7QR6dk7bsSNAmdiTW8dkRAq7-ICrKMEAs_IEEhjVr3r7EpLfKz113qAfJILBpUqQPRAOO9R5sixZmxQmg9d9NNXTlfS0W0WMJ1qcCFTfb9lS-jhr-mCaUHTC4fs-jcFerk_nstpSvgbCkgVwy7Kh6PE4LPe313YuBNyh775qVPCE702meHAhiFMDdqKTMRTCfvFNOIYCsApuatDfy1yMRmL1olyyCICr7ifkyHYJ2i-iRKNzFvYuVeTtNzrzT4fQi_l9j21N5Rq93iGRqBsx9R39gKkoG3yE0j27L3_yPrBTwwQ3o5m0em7JMOZ8PpvqutkXV5up-ZjhgbS-pLkeDtftWvg1NFCBschmlO_kuMYUFzzdlwskp_cKSLSRqs8fHmZdFGtRBF_25e6Sr6sn758KlPmEPL6-jHAX5r11OioFMF7S31AVSZV30iZeS-cZo8hnNAoqqVNKj5JDyxw4oTz_VKiq9iGE9cuPgWcKxGoovIBj5CdU8RSlSeH1mR5YQVJ6QKQMKXF5pMlL5kD7nYT0nEbTxx_jvCsMgRKMx5YfanSU3Mf-SKWtlaDsmklhsPgvxzuJVOkboiLC3JRFUnM-fH1EFDTDedmF1LmGMbIJ_wv5FwBxlidpA_9N8RBtdmr7IHbHOmkk_UptOdUenakcOxlDwfqOotKZLoyCAJSONZnas Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 5197	0 0	127ms 126ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403180101&jk=2208240908608895&bg=!AAOlA0zNAAZaswqNerM7ADQBe5WfOJ2AdGcjIJuNpoJMJshxdMgyGcC_97iieWz2Z2Fx9uhbiSHZB5QH4I8BSGoCCX2qAgAAAI5SAAAAA2gBB34ANeUl2w-aiLXIjsNSXJM7odh62FBynJUvU1u7ZuH8d-OhDq5VMAY01HeGsOi_NeYez155VIoAmQJ6R-WLRJPnN520k8s0r9fKs0qKVa0Wig4ic-ntyW6ZOJ4zWhBv9bx0Id-rUfpNamCE19KtJ_J0JUbQVYdWFVLUOGesYJqmS3L5yiatFIlcIQ--NYq00c03vwp4xEfM_OauwqUMnEpp9rxIlj0VB1t-hLgTqex1Q1H6IsI02NBH-ZpEmBAlfOj2FuWaLKx7ebW2CURjeqRi1Ms27HL3zlYDrVmYV3mYxR6FnVAfcQpZ4IlFVFSpX8BVmtDWUhoo58X0_5AqUTtLEk1CRJY-0fiMECNe6JYJZxrrzcyi7IDqs6Ir4hcHgRVsIF_GBf9uG_qoREWyvt0iiyPGyN39aaoI67VNQy_b0xGvYqN3w9rVYsy0qMfqQCkChOuED_kTcmIHAghPMZXrGl8h2cNTDk7sxPm0nXYmCrMfJECvo0u1RQnIQ5H__o1GpJW70zj1T862UR2h_adHrjS3vqDdex9jUHKiRuzjLNEXefgXTazVLtPcOj7S8Nl8afIUyleIlAhGLRNPrfahJj40MjNooN1xm1BgYhKNXn2jc2nJcy76p9oENwp7VXwUr1gBApR6mgdb1ta2m_iXPLdalqAj91uB-e2kIlD6w8dE13VD3LIpHsBFtuDcBC-6wYpnZwOpGjTC73S1cTrk44kkU196kbD2x2gx6_PIFAL7mTBxHOGa-vIT-VV2DXisfc8vLKsqgkkNRrfGjeAWfVfuVRfzAwWIbCkaFh-H18Msa0uk7G25gHeNHKGBRVRcyIKO_5YLCMj5jZfzdLBc-WwODhG6TDE52-zBQzrntV-TEYvsN_o6pMjN2Pz2r7fexKJ353rFSdbfgv9ZhKG3ttCbNQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://among-us.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3AD5	42 B 64 B	127ms 127ms	Fetch image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVjVj4oDuclS6Of9pgQHd_buH94MSr6K_QbowM1RZc9nEKQXTJoJfX4hz_20lK_Ssri7wiQu8uU5lM6yKMX89Eki8oe1IRMRNxw04QJBf-xW8UOnBvWNzfTHWOVwpoT1MJlqGTYmk&sig=Cg0ArKJSzDtQcooqimU6EAE&id=lidar2&mcvt=1001&p=0,0,100,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1197143995&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=701393000&rst=1711081130689&rpt=302&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b1f00d689f16b5c9b5028c6478b5bb55.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:52 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 54DC	42 B 64 B	128ms 127ms	Fetch image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst44MFF8VIy9ws1Vx88oZ68oFio5GKZRewu1kYhyVDBMcP_CJPurX3VkC9c0XNEc4GkFuWQWAoUnF3gMFX-xbHn4-fskoN5UUjLox-Qhf82yHAy60lE1ORXvMYL099mvMTS6x0YQrI&sig=Cg0ArKJSzN6IEy-Xt7XYEAE&id=lidar2&mcvt=1003&p=121,1178,371,1478&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=357935417&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=701393100&rst=1711081130759&rpt=440&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://b125afde590853e2fd72f1301c0a51cf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:52 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	78ms 77ms	Ping text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=45je43k0v888089788za200&_p=1711081128153&gcd=13l3l3l3l1&npa=0&dma=0&cid=1749588089.1711081129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1711081128&sct=1&seg=0&dl=https%3A%2F%2Famong-us.en.uptodown.com%2Fandroid&dt=Among%20Us%20for%20Android%20-%20Download%20the%20APK%20from%20Uptodown&_s=2&tfd=6967 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://among-us.en.uptodown.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 22 Mar 2024 04:18:54 GMT server Golfe2 content-type text/plain access-control-allow-origin https://among-us.en.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT