now.us Open in urlscan Pro
18.238.4.63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://now.us/play/dra/51076/imposter
Submission: On May 05 via manual (May 5th 2023, 5:42:32 pm UTC) from IN — Scanned from US

Summary HTTP 110 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 2 countries across 29 domains to perform 110 HTTP transactions. The main IP is 18.238.4.63, located in United States and belongs to AMAZON-02, US. The main domain is now.us. The Cisco Umbrella rank of the primary domain is 171623.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 19th 2023. Valid for: a year.

This is the only time now.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	18.238.4.63 18.238.4.63	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:25c... 2600:9000:25c8:be00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:4cb8:1820:80ca:50f7	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
10	2600:9000:20e... 2600:9000:20ed:4800:f:194f:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:25c... 2600:9000:25c8:4600:19:b6f1:d180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25c... 2600:9000:25c8:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25c... 2600:9000:25c8:b000:5:4275:8dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3c77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20ed:4400:1d:cf37:95c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a7e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:46d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	50.19.214.112 50.19.214.112	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:25c... 2600:9000:25c8:4000:1f:b62c:41c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.214.86 13.224.214.86	16509 (AMAZON-02) (AMAZON-02)
1	44.212.189.64 44.212.189.64	14618 (AMAZON-AES) (AMAZON-AES)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	18.238.8.230 18.238.8.230	16509 (AMAZON-02) (AMAZON-02)
1	45.76.12.142 45.76.12.142	20473 (AS-CHOOPA) (AS-CHOOPA)
4	34.194.192.152 34.194.192.152	14618 (AMAZON-AES) (AMAZON-AES)
1	23.206.46.154 23.206.46.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.238.4.43 18.238.4.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.223.150.68 159.223.150.68	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.226.36.92 34.226.36.92	14618 (AMAZON-AES) (AMAZON-AES)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
110	39

36 18.238.4.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-63.phl51.r.cloudfront.net

now.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25c8:be00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20ed:4800:f:194f:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:25c8:4600:19:b6f1:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)

dn0qt3r0xannq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (New York, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:b000:5:4275:8dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

html5.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3c77 (United States)

ASN13335 (CLOUDFLARENET, US)

edge.aditude.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (New York, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:4400:1d:cf37:95c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1ag38bbwvwx1z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a7e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:46d (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.214.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-214-112.compute-1.amazonaws.com

apis.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25c8:4000:1f:b62c:41c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

geo-location.prebid.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-86.phl50.r.cloudfront.net

netv2.now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.189.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-64.compute-1.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.8.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-8-230.phl51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.76.12.142 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.12.142.vultrusercontent.com

wserver.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.192.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-192-152.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.46.154 (Englewood, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-46-154.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-43.phl51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.223.150.68 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bis1.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.36.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-36-92.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	now.us now.us — Cisco Umbrella Rank: 171623	366 KB
11	now.gg cdn.now.gg — Cisco Umbrella Rank: 27193 netv2.now.gg — Cisco Umbrella Rank: 32996	2 MB
6	cloudfront.net dn0qt3r0xannq.cloudfront.net d1ag38bbwvwx1z.cloudfront.net	290 KB
4	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 674	906 B
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 287	63 KB
4	vidazoo.com static.vidazoo.com — Cisco Umbrella Rank: 2942 wserver.vidazoo.com — Cisco Umbrella Rank: 8175 bis1.vidazoo.com — Cisco Umbrella Rank: 6734	56 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 74 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	126 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 724	252 B
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 431	19 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1116 bcp.crwdcntrl.net — Cisco Umbrella Rank: 874	13 KB
3	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2737 apis.cmp.quantcast.com — Cisco Umbrella Rank: 5800	50 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 969	786 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1284	104 B
2	prebid.cloud geo-location.prebid.cloud — Cisco Umbrella Rank: 19194	926 B
2	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 5416 vtrk.doubleverify.com — Cisco Umbrella Rank: 1313	12 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 253	302 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1033 pixel.quantserve.com — Cisco Umbrella Rank: 799	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	143 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1081	17 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 200	13 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1446	673 B
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 456	121 KB
1	aditude.io edge.aditude.io — Cisco Umbrella Rank: 15211	147 KB
1	gamedistribution.com html5.gamedistribution.com — Cisco Umbrella Rank: 20119 html5.api.gamedistribution.com Failed	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 920	634 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	47 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	25 KB
110	29

	Domain	Requested by
36	now.us	now.us
10	cdn.now.gg	now.us
5	dn0qt3r0xannq.cloudfront.net	now.us dn0qt3r0xannq.cloudfront.net
4	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
4	c.amazon-adsystem.com	d1ag38bbwvwx1z.cloudfront.net c.amazon-adsystem.com
4	sessions.bugsnag.com	now.us
2	id5-sync.com	cdn.id5-sync.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	i.clean.gg	d1ag38bbwvwx1z.cloudfront.net
2	geo-location.prebid.cloud	now.us
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	static.vidazoo.com	dn0qt3r0xannq.cloudfront.net static.vidazoo.com
2	fonts.gstatic.com	now.us
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cmp.quantcast.com	now.us cmp.quantcast.com
2	www.googletagmanager.com	now.us www.googletagmanager.com
1	bis1.vidazoo.com	static.vidazoo.com
1	cdn.id5-sync.com	d1ag38bbwvwx1z.cloudfront.net
1	tags.crwdcntrl.net	d1ag38bbwvwx1z.cloudfront.net
1	secure.cdn.fastclick.net	d1ag38bbwvwx1z.cloudfront.net
1	wserver.vidazoo.com	static.vidazoo.com
1	pixel.quantserve.com	now.us
1	vtrk.doubleverify.com	pub.doubleverify.com
1	netv2.now.gg	now.us
1	apis.cmp.quantcast.com	cmp.quantcast.com
1	pub.doubleverify.com	dn0qt3r0xannq.cloudfront.net
1	d1ag38bbwvwx1z.cloudfront.net	dn0qt3r0xannq.cloudfront.net
1	cdnjs.cloudflare.com	dn0qt3r0xannq.cloudfront.net
1	polyfill.io	dn0qt3r0xannq.cloudfront.net
1	imasdk.googleapis.com	dn0qt3r0xannq.cloudfront.net
1	edge.aditude.io	dn0qt3r0xannq.cloudfront.net
1	html5.gamedistribution.com	now.us
1	rules.quantcount.com	secure.quantserve.com
1	pagead2.googlesyndication.com	now.us
1	secure.quantserve.com	cmp.quantcast.com
1	www.googletagservices.com	now.us
0	html5.api.gamedistribution.com Failed	html5.gamedistribution.com
110	40

This site contains no links.

Subject Issuer	Validity	Valid
now.us Amazon RSA 2048 M01	`2023-01-19` - `2024-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.now.gg Amazon RSA 2048 M02	`2023-03-01` - `2023-11-20`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
gamedistribution.com Amazon RSA 2048 M01	`2023-02-22` - `2023-10-18`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
aditude.io GTS CA 1P5	`2023-05-01` - `2023-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
geo-location.prebid.cloud Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-03-27` - `2023-06-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.vidazoo.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-12` - `2024-04-03`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://now.us/play/dra/51076/imposter
Frame ID: 5A3669C9870D7E11FAF3C6E655788266
Requests: 105 HTTP requests in this frame

Frame: https://html5.gamedistribution.com/9abe6af0fbb440b98a3e24bf7fb0636a/?gd_sdk_referrer_url=https://now.us/play/dra/51076/imposter
Frame ID: 6E5FDA6A0D8301A94CD091EF3CA77926
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Imposter Online

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

110
Requests

99 %
HTTPS

63 %
IPv6

29
Domains

40
Subdomains

39
IPs

2
Countries

4059 kB
Transfer

7967 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request imposter Show response
now.us/play/dra/51076/ 38 KB
10 KB 166ms
48ms Document
text/html 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

c9c94e4d858eefb74403b07663bd667a7db49ba71adb4db2b13b79a90f9204cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 19163
cache-control: public, s-maxage=86400, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 12:23:03 GMT
etag: "97a7-Gf9oEYix/queJqyfZJ/4c77+tiw"
origin-trial: AnNwlqXgPIvT5wFRveNz75MZmkMXXtvU9NyBK0R6akaXzccWcDYr24cCZKhSCJZYlHgP0WC9BC1ELrCNg9CKMgQAAAB3eyJvcmlnaW4iOiJodHRwczovL21hdGhzc3BvdC5jb206NDQzIiwiZmVhdHVyZSI6IlVucmVzdHJpY3RlZFNoYXJlZEFycmF5QnVmZmVyIiwiZXhwaXJ5IjoxNjg4MDgzMTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
referrer-policy: origin-when-cross-origin
vary: Accept-Encoding
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-id: Zgn3NvdfhCCFtNk44KA8PS8A0niW2HgcESsRuxH3sBf_uhpfZKsGNw==
x-amz-cf-pop: PHL51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 73 KB
25 KB 160ms
72ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a23ea34e3e5242887a3fe4082270f19cd0b16738948a77c2267105a63356e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24697
x-xss-protection: 0
server: cafe
etag: 421 / 19482 / m202305020101 / config-hash: 9242847435160049959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:42:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
66 KB 145ms
56ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRM8BWR

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97176053c649685f1c749f627ae67ffc536bf2cdce3d2f58c3cca869886d5e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66673
x-xss-protection: 0
last-modified: Fri, 05 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 17:42:26 GMT

GET
H2 200 a9c637291e4a50ef.css
now.us/6/play/_next/static/css/ 37 KB
5 KB 52ms
52ms Stylesheet
text/css 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/css/a9c637291e4a50ef.css

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

d832bde8ef6a9274fa93f2afea9e9866496600e2fb91d8b71543cf115f008725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"92aa-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: TUtjPYP5PuAl0oZ81wgaez5pN18emMk3x-8QZArluscKkIxAlkNevA==

GET
H2 200 webpack-f31c1753a06184f5.js Show response
now.us/6/play/_next/static/chunks/ 5 KB
3 KB 49ms
47ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

a3e833b076d7d3fed9aa933fee96fce3c86f38e77acf0724f0d78f9ffc1f3093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"1301-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: GzjIjboe53xdFsjQF-gdpQvIq5uhDKJRLxRrwPpAE0e-4dNXWHtz9w==

GET
H2 200 framework-37f184a7445c0fca.js Show response
now.us/6/play/_next/static/chunks/ 24 KB
9 KB 51ms
49ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/framework-37f184a7445c0fca.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

1fdf6c1d7409adcae814585261f62394431e8d89438640aac3778f0f963cd4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"6155-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: h5owJcwWStftqfqOdqkL2Zt1uUdj6LbT2ZjG4Q0KQDBwQySmOMpIAg==

GET
H2 200 main-6115e9ec8ed9fa75.js Show response
now.us/6/play/_next/static/chunks/ 105 KB
32 KB 97ms
95ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/main-6115e9ec8ed9fa75.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

b35a386e6bd2e2878a761740af9afbd344b6a3ae934940ad4ccc80f905d2c88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"1a591-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: CtpDH2ZvhKdkn8kjVo9leLwNMmnWdNML8Qs3R0zdTEIsKGckbbOcoQ==

GET
H2 200 _app-cd3a0183c8367461.js Show response
now.us/6/play/_next/static/chunks/pages/ 399 KB
125 KB 60ms
58ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

5201159aa25e08059259d443a2d494533e20c39f8ae1a033e4fe7882e6f9f29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"63d24-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: ugRej8Tzd6-ZmEInOj6zWHkkAgIK6B1zk7kpL0BLyfSpqx824F-iMA==

GET
H2 200 675-1539a2a581a5ea1e.js Show response
now.us/6/play/_next/static/chunks/ 9 KB
4 KB 54ms
53ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/675-1539a2a581a5ea1e.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

76b79a8db565a952f3bbabb5e7860a08d85f5895e9cfea76a1ea62749dafccae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"2546-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: k2kHERPAOS1eFFclmUIkDujfNV56D1eoOxNbOMnrDyX0ZTsGHp-BnA==

GET
H2 200 661-be1f7fd94b6d9ad1.js Show response
now.us/6/play/_next/static/chunks/ 58 KB
19 KB 72ms
71ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/661-be1f7fd94b6d9ad1.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

7c4f01ac2971de41d1c796be54959bbacc5894fddc3da461e6e30baa9961ba14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"e7de-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Dx-5BCZQ5zfAds-Ys3jSPMttYKvb73FtL3BE2kMm7ZcICJMBJX0gdg==

GET
H2 200 258-8b4006b0107acab9.js Show response
now.us/6/play/_next/static/chunks/ 23 KB
9 KB 161ms
159ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/258-8b4006b0107acab9.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

8649f3a6b7a7ca8b6827f23f755683e65ca9ec5871535bd3ec67580702798b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"5dc2-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: rMzFe8a7jpgZBcVH0YrM43iarukRpemKDOO-O_mQ0s14aEDDx-Ldig==

GET
H2 200 index-cb198b2d4f4a6634.js Show response
now.us/6/play/_next/static/chunks/pages/ 18 KB
7 KB 158ms
156ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/pages/index-cb198b2d4f4a6634.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

99c9c4fc866c2dac4d22455419b417c158b570d22fba6be4fe79e23486348693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"4888-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 9iHj1YVN9HUOWx9SRiqLzKqLM2SUVfWYWoVfCG8YvXekA1PWGbwVNQ==

GET
H2 200 _buildManifest.js Show response
now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/ 1 KB
1 KB 161ms
160ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/_buildManifest.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

87fe0a2fc1275fbb45884c8fb8506289e59dd07a4b119006159220bf66d47579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30341
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"43c-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: btlf-A8zGyWUk8lZ_6sSrV6TzAAhsBjMedbRcnEEEoaBev2G6fMSVw==

GET
H2 200 _ssgManifest.js Show response
now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/ 77 B
566 B 162ms
161ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/_ssgManifest.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:25:42 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PHL51-P1
age: 29804
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 77
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"4d-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 3InGd6vb0iC6d7IdZpMdJ4-b6YVE-7_7Jrd76nG1T_p-gUKkjUIfwQ==

GET
H2 200 _middlewareManifest.js Show response
now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/ 92 B
581 B 162ms
161ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/J2Zp_8XXXXN1KEawIIgIf/_middlewareManifest.js

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:25:42 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PHL51-P1
age: 29804
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 92
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:02:25 GMT
etag: W/"5c-187eaef0268"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: bGzhqUpNA6xxf-WVD6VZaQ9nJa0I588bc2xbmfOVbSNBRnFQnOr02Q==

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/ 4 KB
2 KB 188ms
45ms Script
application/javascript 2600:9000:25c8:be00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:be00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9119c961dfee089cb60e25c3e34bf72141c1029260f9f1729cf3c56876a5e3ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:10 GMT
content-encoding: gzip
via: 1.1 a147f9c60c162e36df3586fdd9c01478.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 17:07:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 16
x-amz-server-side-encryption: AES256
etag: W/"597f96b4fa546b13d8f762bd3c15724e"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dL7m2BhRZgqC7NWvHLVQ9CDtdTHKevn9BtUMlxyPBuTcCGQqF3IkgQ==

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 166ms
166ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: sVFvQR6DMbuq-V2a0cpQ2Sh083j6Jo3-DvXoZljGtWJYkXx-SZ5sUA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 127ms
66ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://now.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 69ms
65ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://now.us/
Bugsnag-Sent-At: 2023-05-05T17:42:26.330Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: 5409ce593426cf95bd284a5b809c62c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 google
bugsnag-session-uuid: d176bfcd-59cf-4d73-b02c-255347da3016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 96ms
68ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://now.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
112 B 68ms
66ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://now.us/
Bugsnag-Sent-At: 2023-05-05T17:42:26.354Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: 5409ce593426cf95bd284a5b809c62c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 google
bugsnag-session-uuid: 6df82e93-c671-4d7d-b629-c8b83b64f1f5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 127ms
42ms Script
application/javascript 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 12 May 2023 17:42:26 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
47 KB 52ms
52ms Script
text/javascript 2600:9000:25c8:be00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=now.gg
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:be00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:57:59 GMT
content-encoding: gzip
via: 1.1 a147f9c60c162e36df3586fdd9c01478.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 2668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 05 Apr 2023 15:47:13 GMT
server: AmazonS3
etag: W/"44b9dae010477f4d1d41d5d25cbbc7af"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: mwbiXAEE2PwaeEOjTWsDQzH7_vpZwg_lHi4Ltgh65GVU1S9Jj19zoA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 139ms
46ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRM8BWR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 17:22:23 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 19:22:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 54ms
53ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8VVPTD9ZTY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRM8BWR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75d748cfa797ed3c711e1792b442fd3fefc1777b72247319fa6913b531265be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:42:26 GMT

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 178ms
178ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: KdiapEjwdryVN2oK1GD9HwPFA4o78bwVfaVsX8hHENNvvkWfO83EqA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
254 B 154ms
154ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: Ql1Ao3gLWVbbXFwNYNsftDf0IuuC_gPkm5c6473d92lkEnjOeyLZ1w==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 615-d739b0a7f7d52914.js Show response
now.us/6/play/_next/static/chunks/ 17 KB
4 KB 45ms
44ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/615-d739b0a7f7d52914.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

ab3c32122fdf5189c1ae4d8479766e19318a5f55da0b244200f8f52e9c76890d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"4458-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: yhj84yYsCfdA_4dwuiLDuEdA6GfE0Ri7XPTAOdZLlGKbJSwy_1Nuyg==

GET
H2 200 64-884e85904bac336b.js Show response
now.us/6/play/_next/static/chunks/ 42 KB
5 KB 47ms
45ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/64-884e85904bac336b.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

d7697dc5ab4f8af0cd5225fd0ec49bbbfe72ede46c9d20d04cd5e117f4bcec9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"a710-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: fgXrCk-EK_ydfks541A081aRcoxY7YlH3_vUFdFeZDZgZCmityerHw==

GET
H2 200 694.6409857beb94de68.js Show response
now.us/6/play/_next/static/chunks/ 115 KB
25 KB 48ms
47ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/694.6409857beb94de68.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

790daa089eded306a650619207f9db589e8e86d78133eb9b58f9ef4c9d6e6828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"1ca01-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: AgFfYClut6lU5lV-1PFpnfvwijr2SZLx9iHxKA7UGwB61uFu7YSInQ==

GET
H2 200 imposter.jpg
cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51076/banner/desktop/ 33 KB
34 KB 213ms
49ms Image
image/jpg 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51076/banner/desktop/imposter.jpg
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16cfeadab83b9390c2ea631ae3b88100efe920ec82dc7f2174f765e299c9b9de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:05:02 GMT
x-amz-version-id: ZEQkwM5W4e1D2H0hzd1NbtJ2PiZBfVeG
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 06:59:31 GMT
server: AmazonS3
age: 41845
x-amz-cf-pop: PHL50-C1
etag: "9807a0feba220b89d99aeaceec214f89"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 33951
x-amz-cf-id: wqTDRYkTPeQS8a_oCA6xNifW05miXrm4nSuQdarB_H-Rt53kxDQfUg==

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 157ms
157ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: ghZXyOz0aQD0WPU_iTh_zVpmDU27KM3QaG4k3uWB6l1YUroShW2JwQ==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 prebid-load.js Show response
dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/ 17 KB
6 KB 167ms
48ms Script
application/javascript 2600:9000:25c8:4600:19:b6f1:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/main-6115e9ec8ed9fa75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4600:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 733935c04b0e470760543c7cae6c494f5f09f523c26fccbb0a2998071b7518d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:39:54 GMT
x-amz-version-id: ERqiiIusygzJka8fNipJxtZ.UmHnUIb6
content-encoding: br
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:52:42 GMT
server: AmazonS3
etag: W/"3158c5908c15ec243f82c452029ad3f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: sg8OAmvp87-1F1SHi6tRJfs_KJQ4_VQSOkGPy6YuH41QXLkvZz1RNQ==

GET
H2 200 prebid-load.js Show response
dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/ 17 KB
6 KB 171ms
52ms Script
application/javascript 2600:9000:25c8:4600:19:b6f1:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-load.js
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/main-6115e9ec8ed9fa75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4600:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74e8ddc88d8b1398170d2d07a347e236b6e4cebd0f459febd8b000e22bc7dbc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:39:54 GMT
x-amz-version-id: hn0ow4CgiZynT2UmUT59RLqZfYzCAYnu
content-encoding: br
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:52:42 GMT
server: AmazonS3
etag: W/"07c3460d18d19b946643fe05e9471dee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: FMjp7feOKwCPHHTR6HRp8TgSxqgPnbk1AW9YS7jwWFzjazFoyEPJ5g==

GET
H2 200 367-fc84e7d4174be765.js Show response
now.us/6/play/_next/static/chunks/ 44 KB
10 KB 48ms
45ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/367-fc84e7d4174be765.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

20f70d60a7c26f446beaadf96aeb778bf5392dad9c5d564a44901d92b9a6bdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"b059-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: MIV0mHrALj80l6GJpRJMv4UAmKhgZACqzYSTs8S49p9VIpuLEPyswg==

GET
H2 200 949.3e879fc578cfbf3e.js Show response
now.us/6/play/_next/static/chunks/ 146 KB
32 KB 50ms
47ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/949.3e879fc578cfbf3e.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

afa8b592172c7922ba8ca72cf62b0fb9ff2920271b5fb412d028325b1e28d65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"248bb-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: _NutLAlkJCXbIzhWEpilVkDSOO3kcUDan3dF74Bf3F8zrwtXxUAeXQ==

GET
H2 200 115.4d43ed3454460546.js Show response
now.us/6/play/_next/static/chunks/ 7 KB
3 KB 53ms
51ms Script
application/javascript 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/_next/static/chunks/115.4d43ed3454460546.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/webpack-f31c1753a06184f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

25e09a3deac6564d833d63e9c76afa6e1b04095f450d9089db02b39b8c421d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30339
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"1ae1-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: A8xyK_u_Nd0jDCKezb8sP0LkQoxzxE-CNss5x9PqWK2uiEqaYlv1CQ==

GET
H2 200 imposter.png
cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51076/icon/ 276 KB
276 KB 124ms
49ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51076/icon/imposter.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4a1bb124ab42cfc2971f8663c51d3f32bfba548e329c1aa5836ef9184c71db7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:40:51 GMT
x-amz-version-id: CJNQ5et77da_W0A.9ZYNVThj66kolO0U
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 06:59:42 GMT
server: AmazonS3
age: 43295
x-amz-cf-pop: PHL50-C1
etag: "071a111045ef3f24a0bbe182a4b3f49d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 282408
x-amz-cf-id: U1HQv2BYzzvQ1r1w7FACwWZR5oUEnlaBKhFHfJNtMt1SSNH0EciHuw==

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 145ms
145ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: Tb80JwSOJIIBDfBQy2uvLoqmBsPgWhCI-e-qIE3seaCsRenutfNaYw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 179ms
177ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: lVKkv2cmkXhjLagK_mApuW7lR_HAT2tbOCFZ4e7oXy7_Vv_GCJEynw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 208ms
119ms Fetch
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8c8b440c29432131e918c0084a90a7a4f471ee1e619f678f94fd5543f1c5995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47223
x-xss-protection: 0
server: cafe
etag: 5085651169950239946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:42:26 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 142ms
53ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8VVPTD9ZTY&gtm=45je3530&_p=238191363&_gaz=1&cid=1832284195.1683308547&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683308546&sct=1&seg=0&dl=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter&dt=Play%20Imposter%20Online&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VVPTD9ZTY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
239 B 123ms
44ms Ping
text/plain 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VVPTD9ZTY&cid=1832284195.1683308547&gtm=45je3530&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VVPTD9ZTY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-mw9xJtqPQGFbC.js Show response
rules.quantcount.com/ 160 B
634 B 140ms
47ms Script
application/javascript 2600:9000:25c8:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mw9xJtqPQGFbC.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6b682beae6aa439394462d9e603c01b46359c79dfb370543f09f8be34fcbd89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:10:19 GMT
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:47:15 GMT
server: AmazonS3
etag: "cf8b64ad8d2b55ac0cd14e4230cf7524"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 8i7qQuEh4qPLfzZyQHZdK6EiZ5JcHZwR4-iCqJMD0_Pk3R1D4je-BQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 55ms
55ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=238191363&t=pageview&_s=1&dl=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter&ul=en-us&de=UTF-8&dt=Play%20Imposter%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=481933660&gjid=1246018418&cid=1832284195.1683308547&tid=UA-187609514-1&_gid=1833629628.1683308547&_r=1&_slc=1&gtm=45He3530n81PRM8BWR&z=165627283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
html5.gamedistribution.com/9abe6af0fbb440b98a3e24bf7fb0636a/ Frame 6E5F 8 KB
3 KB 205ms
53ms Document
text/html 2600:9000:25c8:b000:5:4275:8dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.gamedistribution.com/9abe6af0fbb440b98a3e24bf7fb0636a/?gd_sdk_referrer_url=https://now.us/play/dra/51076/imposter
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/framework-37f184a7445c0fca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:b000:5:4275:8dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.23.1 / Express
Resource Hash: 5e787aff6a40507afb8a15c7b2ab55449185458f71957ed7c40dcaae952ebeb4

Request headers

Referer: https://now.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 31196
cache-control: public, max-age 3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 10:20:10 GMT
etag: W/"1e24-iQswnr4RIFPws+yaFIg/EPyiBkE"
server: nginx/1.23.1
vary: Accept-Encoding
via: 1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
x-amz-cf-id: AGHqjgFUqlCF521F2IIvKIf3t461zj_ePzbteW2g6Q568wOYqPc1gg==
x-amz-cf-pop: PHL51-P1
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 horizontal-light-tagline.586c7736.svg
now.us/6/play/_next/static/media/ 15 KB
6 KB 46ms
44ms Image
image/svg+xml 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.us/6/play/_next/static/media/horizontal-light-tagline.586c7736.svg

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

5c255adcec7c9ce3789a996f8cb3030cba243b3d4448e85fbbdb0239e8433b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 09:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 30338
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"3df8-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: GliH5aDkVCRGwmlzEdvaxOo0Jd_pLi9R1f_QnGGLBJSnKjkbgtaLjQ==

GET
H2 200 down-arrow.cf293721.svg
now.us/6/play/_next/static/media/ 206 B
680 B 47ms
45ms Image
image/svg+xml 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.us/6/play/_next/static/media/down-arrow.cf293721.svg

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

bd6ceb57716d738e3a7012f8ac79b5f4ae967bec1dbd71fa33e5254f1e17d49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:08:33 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PHL51-P1
age: 23633
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 206
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"ce-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: mNmUvNZchnltiMij6udSvCmZg4oNZ-ofP1A28IVLkpwDxZ4GoVYkJg==

GET
H2 200 recorderImg.822cd89f.svg
now.us/6/play/_next/static/media/ 244 B
718 B 48ms
46ms Image
image/svg+xml 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.us/6/play/_next/static/media/recorderImg.822cd89f.svg

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

474f34dea78c2cd09d8d55414388d425cd414bf41adcacdd028c361150f997a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:08:33 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PHL51-P1
age: 23633
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"f4-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 0JfaykjviZd7T2JoRB7hP8DSPYimOa3U23x-OGN6yCT6bNkqE5u-4Q==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 135ms
41ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now.us/
Origin: https://now.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:56:10 GMT
x-content-type-options: nosniff
age: 557176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:56:10 GMT

GET
H2 200 icomoon.ttf
now.us/6/play/fonts/ 12 KB
7 KB 82ms
80ms Font
font/ttf 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://now.us/6/play/fonts/icomoon.ttf?ow6spm

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

3f32c2d0f7b8e24b92d9fbb3648aa2ee8f2a305accb9546edec42ebbaf916e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://now.us/play/dra/51076/imposter
Origin: https://now.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 10 Mar 2023 08:25:25 GMT
etag: W/"2e78-186ca9ff108"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: _p6pWD9eDj1sqRpX9BZW_M3RrJYY6uTuT-reTCm99s-0tEjf9gq8Qg==

GET
H2 200 prebid-wrapper.js Show response
dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/ 91 KB
27 KB 54ms
51ms Script
application/javascript 2600:9000:25c8:4600:19:b6f1:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-wrapper.js
Requested by: Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4600:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33b73cf702142d3ae7591608fc8bbc95cf002d49d13cd992bf03b7847b082707

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:39:53 GMT
x-amz-version-id: SfvAcl9wk3Yw8L_id0EUsEwo9oiccepl
content-encoding: br
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:52:42 GMT
server: AmazonS3
etag: W/"48c2d38b6cbae48fabc71d8c80cf976b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: DfEU5YZ8gxzExM8jSIlSxJRXHqPiZ_ZGcU_jJ4Ceccuhk7PNq08ssA==

GET
H2 200 7.36.0.js Show response
edge.aditude.io/prebid/ 466 KB
147 KB 111ms
38ms Script
application/javascript 2606:4700:10::6816:3c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.aditude.io/prebid/7.36.0.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYWRwb2QiLCJhbXhCaWRBZGFwdGVyIiwiYXBwbmV4dXNCaWRBZGFwdGVyIiwiY29uc2VudE1hbmFnZW1lbnQiLCJjb25zZW50TWFuYWdlbWVudFVzcCIsImNwbXN0YXJCaWRBZGFwdGVyIiwiZGZwQWRTZXJ2ZXJWaWRlbyIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpbnN0aWNhdG9yQmlkQWRhcHRlciIsImluc3RyZWFtVHJhY2tpbmciLCJpeEJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvbmV0YWdCaWRBZGFwdGVyIiwicHJpY2VGbG9vcnMiLCJwdWJtYXRpY0JpZEFkYXB0ZXIiLCJwdWJ4YWlBbmFseXRpY3NBZGFwdGVyIiwicHVsc2Vwb2ludEJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ1c2VySWQiLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIiwidmlkYXpvb0JpZEFkYXB0ZXIiLCJ2aWRlb01vZHVsZSJd

Requested by

Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3790ff5b1a600bc67eb655fcd83b8875038a89291e150075343633ba509f3b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::vsfvg-1683220754934-0288dd9f362f
server: cloudflare
age: 87792
x-matched-path: /prebid/[version]
etag: W/"74873-Hpc9NoXaVRIawC1HntrHpsK4u9A"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region: iad1
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 7c2ac7b14e57633c-ORD

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 159ms
70ms Script
text/javascript 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca970e379ea0c0d2aca05506e906a4dd475a4acf7f8767187c84d71c2014322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Fri, 05 May 2023 17:42:26 GMT

GET
H2 200 prebid-player.js Show response
dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/ 665 KB
168 KB 67ms
64ms Script
application/javascript 2600:9000:25c8:4600:19:b6f1:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-player.js
Requested by: Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4600:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 280bbbe6dd5a551ab7186c7be6ad7527b121445809ece0ceab49cae23666844b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:39:53 GMT
x-amz-version-id: zGt1AA_pspy0uosEV2cK6.JcPDpuDo6Q
content-encoding: br
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:52:42 GMT
server: AmazonS3
etag: W/"54a9ab50db966e02146b9bfa7109ac73"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: pbPFtAhLdVd1tWVN6_0ay_ORvcI6Z1Uu-O4I5rSlm7oZH2W6QhDnDw==

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
673 B 116ms
35ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver

Requested by

Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 17:42:26 GMT
age: 24736
detected-user-agent: Chrome Mobile/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/6.4.0/ 45 KB
13 KB 100ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/6.4.0/video-js.min.css

Requested by

Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/video/prebid-load.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b3790895475aaec08aaa446ad0581841544e6220c0908bb18b2ab7573ec04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2104370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12360
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-b408"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcKDK4cOQjBQOWmIt%2B87YdOxmiJHs3iLKBo0XKd5GMFErCyw9JB5IJ%2FGIYH93qdmKH0KsQ8EHhVNxN7NRulzQSMAmjz3jPIcfWqii2lDTjfPpYe5qxcXrK3YRytI%2BYMwbyG51cTZM0rbue9m42owfJsR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c2ac7b13b2910dc-ORD
expires: Wed, 24 Apr 2024 17:42:26 GMT

GET
H2 200 prebid-wrapper.js Show response
dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/ 156 KB
39 KB 158ms
156ms Script
application/javascript 2600:9000:25c8:4600:19:b6f1:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-wrapper.js
Requested by: Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4600:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a94246c0ce6bd502c1e8091be9113bed66a1c017b71f5eee5c199bd62fb2fdbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:39:53 GMT
x-amz-version-id: DfK_jUu20HA.yqlIqy8m3.sF7iWi33kN
content-encoding: br
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:52:42 GMT
server: AmazonS3
etag: W/"7c7847f49d2d2fdad00c7f19ea298aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 44oCPXg3SVnvGzsH0annfNQshmMpdUICJ7hk4TNFs_JE1s-inMzK4g==

GET
H2 200 script.js Show response
d1ag38bbwvwx1z.cloudfront.net/ 126 KB
44 KB 169ms
49ms Script
application/javascript 2600:9000:20ed:4400:1d:cf37:95c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js
Requested by: Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4400:1d:cf37:95c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ab5a34423da443adf444abf5f00021f7aea8c97adada9b73a2a91b726ce74f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: x5ogt7zXLVeNBN_Mpapa.dPJiHmNUa_3
content-encoding: gzip
via: 1.1 934f97734451ac135c3e6c1480f72d4e.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 17:42:10 GMT
last-modified: Fri, 05 May 2023 14:56:37 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 17
x-amz-server-side-encryption: AES256
etag: W/"9e5c73e8e7f0f47f8381b0313c34490a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: YbYe6qU-mGBKD3ocHEb0yAI9_IYureLHv491DakJS9vyB14S9V2F8g==

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 34 KB
11 KB 115ms
43ms Script
text/javascript 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-load.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb8a67264227895ac4ef5d15b4b12b129dfe89787f76ff12f04c2eb03dbe2bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 7c2ac7b14a4310c2-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vwpt.js Show response
static.vidazoo.com/basev/ 211 KB
52 KB 106ms
39ms Script
application/javascript 2606:4700::6812:46d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/vwpt.js
Requested by: Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/nowgg-IZQznjkQaj/display/prebid-load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89967177dd64c81fe904177809465a5ade8676b48a66d3187a8266579ac7484

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 8S0NPGY7C73JZZZY
age: 29175
x-amz-server-side-encryption: AES256
content-length: 52190
x-amz-id-2: D9byfXgJbcPb20uP+gODUQcnA0Br4IcPARx5EsQPh1VIa8rfoS/L+5vl4eHV33mVTzLbpehL17U=
last-modified: Sun, 23 Apr 2023 09:35:59 GMT
server: cloudflare
etag: "abe7c02e946b4dba54ee6ae49b2296f0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c2ac7b14e4810fe-ORD
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires: Sat, 06 May 2023 17:42:26 GMT

GET
H2 200 getList Show response
now.us/ncm/appsc/v1/ 435 KB
40 KB 47ms
46ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/ncm/appsc/v1/getList
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 721de8524eefb8fc59e4fdd7920772f26e47229da24356c4706406898bbdc2c6

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:59:09 GMT
content-encoding: br
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 2597
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
x-amz-cf-id: 1EGHn5dahrgk0lr-yWr6pjE3utNGx74LvtAx1CE6KvRUXLdgHip-OA==

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
256 B 176ms
176ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: yHq2_6Jqp7l3YFT-abgLZVnb22ygLFvPydsZ7PeSOmGTCLm6Yx7gwQ==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 45ms
44ms XHR
text/plain 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-187609514-1&cid=1832284195.1683308547&jid=481933660&gjid=1246018418&_gid=1833629628.1683308547&_u=YADAAEAAAAAAACAAI~&z=406869661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 17:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/ 401 KB
124 KB 141ms
45ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7871265d48a73d823e56d6925815a3c296ca4a685ea8e7a65a4d2231bf235633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5398
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126854
x-xss-protection: 0
server: cafe
etag: 15874553025474995102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 May 2024 16:12:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 803 B
925 B 151ms
56ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=now.us

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b465f41ac2e0a5386449a85e95e7fdcb29a4fb2d24af6eb452531b6922450fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 382
x-xss-protection: 0
expires: Fri, 05 May 2023 17:42:26 GMT

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 47 B
168 B 157ms
50ms XHR
application/json 50.19.214.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=now.gg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.214.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-214-112.compute-1.amazonaws.com
Software: /
Resource Hash: a9eadcfd34ab82af313e70caa8fee71cdd4abe308c3df7fe24e21b82dc5f2c3c

Request headers

Accept: application/json, text/plain, */*
Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:26 GMT
content-type: application/json; charset=utf-8
content-length: 47
x-geo-ip-version: 1.2

GET
H2 200 geo Show response
geo-location.prebid.cloud/v1/ 91 B
463 B 160ms
53ms Fetch
application/json 2600:9000:25c8:4000:1f:b62c:41c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo-location.prebid.cloud/v1/geo

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:4000:1f:b62c:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6e672b6431bc95b905eb534e7a8429c4fe120d839f7caa7a18dfddd6df4865cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept: application/json
Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:31:30 GMT
via: 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 22256
x-amzn-requestid: f5a77c37-4484-44e4-993c-0c0071faf0c9
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Ecla3HqOoAMFdNw=
content-length: 91
x-amz-cf-id: G-GGWuNGt0zfYazcjeIymDjq0SQ1YTu3kI6MQPVH-Q7b2EhZs_u6lg==
alt-svc: h3=":443"; ma=86400

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 162ms
162ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: p4MKCpfjZ6S2i6ULEVsswBap_kupt_mJWnObDjyUKeiXsd5W3DXPog==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
256 B 172ms
171ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: Q-XL_FkZtVergxSjhLegB82VyYy2ZkyoCFLRPpgYKTSo3VP31RQzHw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 403 playtoken Show response
netv2.now.gg/v3/ 919 B
1 KB 216ms
47ms Fetch
text/html 13.224.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://netv2.now.gg/v3/playtoken
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-86.phl50.r.cloudfront.net
Software: CloudFront /
Resource Hash: c21986abb2d3520843a11ff8938f519e071c426ef1050da052a33fa24d2b4e3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:26 GMT
via: 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PHL50-C1
x-cache: Error from cloudfront
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 919
x-amz-cf-id: 0mGeKuH2xF2b9zA28-JlcnnsI4mlopTGsqG5R7kclV505lYjcD7msQ==

GET
H2 200 stickman-fighter-epic-battles.png
cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51176/icon/ 216 KB
217 KB 48ms
46ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51176/icon/stickman-fighter-epic-battles.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 814859f48c6806b65df6a86bd91f311556b242d99f78de210e8168104acb1432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:36:37 GMT
x-amz-version-id: ioriVdizSJgLO1tih9moTfLRMfT1CFhi
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 12:47:20 GMT
server: AmazonS3
age: 21950
x-amz-cf-pop: PHL50-C1
etag: "22da423c5a8989113bf0bcb82ba8c6a8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 221493
x-amz-cf-id: mSZ42CZGHpKLNb4gLsoEtM_E94sg786S3-S2m7dPbEI43r0VdXmi0A==

GET
H2 200 crazyshoot.png
cdn.now.gg/apps-content/com.ym.crazyshoot/icon/ 330 KB
331 KB 68ms
66ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.ym.crazyshoot/icon/crazyshoot.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88ed1e6f07b3f2e94a489289b1e45e6bbb496d67471d8b6a079e027314ba2a10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:37:59 GMT
x-amz-version-id: HocvyqSYdBTu4sN17cjwmTZ9pm9PXmjX
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 10:11:14 GMT
server: AmazonS3
age: 43468
x-amz-cf-pop: PHL50-C1
etag: "565166623157e739933cdad94edca0de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 338178
x-amz-cf-id: gh2jFhaLlFxAfw55yvvNiPur9uU8LeHRSc6LbmULwmcpWSl3z-YwMQ==

GET
H2 200 gacha-studio-(anime-dress-up).png
cdn.now.gg/apps-content/air.com.lunime.gachastudio/icon/ 208 KB
208 KB 109ms
107ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/air.com.lunime.gachastudio/icon/gacha-studio-(anime-dress-up).png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95a4506a440e0c9375b5cf58b014bf1b439c25b46fd1b13518c15c24a8b89a2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:08:35 GMT
x-amz-version-id: qtEIdL04utgd_RK3uL78XLxW83rDoLcs
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jun 2022 11:33:43 GMT
server: AmazonS3
age: 23632
x-amz-cf-pop: PHL50-C1
etag: "f9bdc132802670db6ea56709bfb8ab25"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 212579
x-amz-cf-id: EiYSE3su2molYKa2TVE-9SC2B-AjQr-UlQw1z_gercBT1MbnD6tRAw==

GET
H2 200 azur-lane.png
cdn.now.gg/apps-content/com.YoStarEN.AzurLane/icon/ 369 KB
370 KB 126ms
124ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.YoStarEN.AzurLane/icon/azur-lane.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29b930393d898c6d3ba784e3b991f3840032c55633c0a6249394f2ea66eb33e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:40:47 GMT
x-amz-version-id: K4HwUhn.CU7OLBnd0tCCz16OgmwO75IE
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 06:56:08 GMT
server: AmazonS3
age: 43300
x-amz-cf-pop: PHL50-C1
etag: "2cfc1b490ca27ce9761b4d1a4568c7e9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 377760
x-amz-cf-id: 6xiG1KEf7vztsQ2FicWCY4okqLsfO89RHrdx8Ebf8ij5cW0BexCBFQ==

GET
H2 200 game-icon.png
cdn.now.gg/now-gg-store/483/com.nowgg.h5.pub483.app51029/63e49f75ddb6862c0cd1c61f/assets/en/ 98 KB
98 KB 137ms
135ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/now-gg-store/483/com.nowgg.h5.pub483.app51029/63e49f75ddb6862c0cd1c61f/assets/en/game-icon.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 438e008d835bff842a06e3c4302121c3f7c53143c2188d18e388e316c60907f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:25:15 GMT
x-amz-version-id: ERz_DdIFQf9ZAMbeBXSME_fGRrsa8Baa
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 09:00:22 GMT
server: AmazonS3
age: 40632
x-amz-cf-pop: PHL50-C1
etag: "6e34482da76544c73afc803390145e36"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 100051
x-amz-cf-id: UMiUe9oSVMmuE1yEAylDM6IlF5Sp1ZE6v3ummPM0wPRHp5_J_2Tl2g==

GET
H2 200 traffic-jam-3d.png
cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51246/icon/ 569 KB
570 KB 146ms
145ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51246/icon/traffic-jam-3d.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59898cd2af52c13278d67923c6c558224f62d1b800636ec9d59acf3bcf9d9b58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:27:12 GMT
x-amz-version-id: KKXQBtNrXlI.pBXdSSJOEZ1N8RPCB5Yv
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Mon, 10 Apr 2023 10:50:54 GMT
server: AmazonS3
age: 40515
x-amz-cf-pop: PHL50-C1
etag: "4046070ea2c3aad4ededf8de28d5046e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 582536
x-amz-cf-id: MYIKek4iAD8918TrBvI50jvbdT1uolRdf53fWeyRAhBp8YisD358Sw==

GET
H2 200 bottle-flip.png
cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51179/icon/ 156 KB
156 KB 146ms
144ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub483.app51179/icon/bottle-flip.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b35312e2086c57f555ef3e4ef8c8f336b29d18178114956262561cbb625966ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:51:27 GMT
x-amz-version-id: eYId9hx.6fk8pX7JBEgYdRxITQTaLcRE
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 10:55:58 GMT
server: AmazonS3
age: 42660
x-amz-cf-pop: PHL50-C1
etag: "b2294d5e075fd1fa73fbdec0a79a4acc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 159616
x-amz-cf-id: mXEMvDMorUbLhhgBTTHnlLqKajh-Z6BVDkr4tKyTu7zaBiOeOt5HwQ==

GET
H2 200 odysseus-kosmos.png
cdn.now.gg/apps-content/com.herocraft.game.premium.odysseus1/icon/ 230 KB
231 KB 146ms
145ms Image
image/png 2600:9000:20ed:4800:f:194f:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.herocraft.game.premium.odysseus1/icon/odysseus-kosmos.png
Requested by: Host: now.us
URL: https://now.us/play/dra/51076/imposter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4800:f:194f:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ab084e2661589fcf21a39a1c43ef10c37e113f1db3961b2bc6b5f85da64d90f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:37:37 GMT
x-amz-version-id: xtTYy5hghxAaueN9SrnGNUOP5DQWC7ce
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified: Fri, 17 Mar 2023 04:49:40 GMT
server: AmazonS3
age: 43490
x-amz-cf-pop: PHL50-C1
etag: "5377ddd838ff80d7df9813497ea34c95"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
content-length: 235398
x-amz-cf-id: YyeoeSwxYLVnuZau4qgMP-xWvlEvc1vpDvITMVhyaDK4mNhPrNrENQ==

POST
H2 204 /
vtrk.doubleverify.com/ 0
177 B 186ms
54ms Ping
text/plain 44.212.189.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-pq&v=1&ctx=unknown&cmp=unknown&cid=918c007d-5e0e-464a-a876-dabacaf029c4&z=930279753984&cd105=mode&cd160=73de1228-69db-4d9f-a9e2-539b54e931d2&cd161=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter&cd50=upt&cd51=559289c&cd180=no-entry
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.212.189.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-189-64.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: https://now.us
date: Fri, 05 May 2023 17:42:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 widget.js Show response
static.vidazoo.com/basev/wgt/atlas/1.0.0/ 8 KB
4 KB 101ms
32ms XHR
application/javascript 2606:4700::6812:46d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/wgt/atlas/1.0.0/widget.js
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806871840e6f25ca20d436193756a82379c3a890f45204b437c18d490179ca31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: T226AAA4AT6RJGDZ
age: 84644
x-amz-server-side-encryption: AES256
content-length: 2929
x-amz-id-2: asUm4TF7HyGP90JjoesObaukLjO+eqqqj8K8unlRFsgjg+nG0GquZfRBOD/KUs13c0D4kn8owQ0=
last-modified: Tue, 20 Dec 2022 17:15:37 GMT
server: cloudflare
etag: "18a2e7c88969e623660290d4fd8280fe"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c2ac7b359bee157-ORD
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires: Sat, 06 May 2023 17:42:27 GMT

GET
H2 200 pixel;r=2081059862;source=choice;rf=0;a=p-mw9xJtqPQGFbC;url=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter;uht=2;fpan=1;fpa=P0-747140388-1683308546600;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-2023032...
pixel.quantserve.com/ 35 B
371 B 44ms
43ms Image
image/gif 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2081059862;source=choice;rf=0;a=p-mw9xJtqPQGFbC;url=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter;uht=2;fpan=1;fpa=P0-747140388-1683308546600;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=now.us;dst=0;et=1683308546743;tzo=0;ogl=locale.en_US%2Ctitle.Imposter%2Cdescription.Play%20instantly%20in%20browser%20with%20now%252Egg%2Curl.%2Csite_name.DRA%2Cimage%3Asecure_url.https%3A%2F%2Fcdn%252Enow%252Egg%2Fapps-content%2Fcom%252Enowgg%252Eh5%252Epub483%252Eapp51076%2Fogimage%2Fimposter%252Ejp%2Cimage%3Awidth.1482%2Cimage%3Aheight.486%2Cimage%3Atype.image%2Fjpeg;ses=bd842428-a653-49d5-a2b8-d59fcebb32cb

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET main.min.js
html5.api.gamedistribution.com/ Frame 6E5F 0
0

GET
H2 200 geo Show response
geo-location.prebid.cloud/v1/ 91 B
463 B 46ms
46ms Fetch
application/json 2600:9000:25c8:4000:1f:b62c:41c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo-location.prebid.cloud/v1/geo

Requested by

Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:4000:1f:b62c:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6e672b6431bc95b905eb534e7a8429c4fe120d839f7caa7a18dfddd6df4865cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept: application/json
Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:31:30 GMT
via: 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 22257
x-amzn-requestid: f5a77c37-4484-44e4-993c-0c0071faf0c9
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Ecla3HqOoAMFdNw=
content-length: 91
x-amz-cf-id: LAIworl_60GzKokMSOddEEMGr25DVZl_oLAB61Nk9cGKwskq7XhYXQ==
alt-svc: h3=":443"; ma=86400

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 150ms
150ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: oCKQ55Jn8QelVwSKIcOh0c7HHCKXidHt7J-P7yNbNu0IJq1uGKx01A==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 39ms
38ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1ag38bbwvwx1z.cloudfront.net
URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 93ms
39ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://now.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 05 May 2023 17:42:27 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 proxyLogo.1825607a.svg
now.us/6/play/_next/static/media/ 9 KB
4 KB 46ms
45ms Image
image/svg+xml 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.us/6/play/_next/static/media/proxyLogo.1825607a.svg

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-63.phl51.r.cloudfront.net

Software

Resource Hash

ce8a047522a9ca9709c446f307a87a3c67945c9e2e4f2047a8786ac1230c59c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/play/dra/51076/imposter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 10:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 27333
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 May 2023 08:01:45 GMT
etag: W/"2429-187eaee6628"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: K5ea2bjLavCJyhyOct_x1s7r1VLzrB44_HNL_JK-RtvmnNiSLRuy0A==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 41ms
40ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: now.us
URL: https://now.us/play/dra/51076/imposter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now.us/
Origin: https://now.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:13:16 GMT
x-content-type-options: nosniff
age: 602951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 18:13:16 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 227 KB
56 KB 145ms
52ms Script
application/javascript 18.238.8.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d1ag38bbwvwx1z.cloudfront.net
URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-8-230.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:30:47 GMT
content-encoding: gzip
via: 1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront), 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 19:15:17 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, PHL51-P1
age: 701
x-amz-server-side-encryption: AES256
etag: W/"644915d59292b7496ff86a0d2c460fce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: byaFSjrO8vI_ubaITofs1WgxLlonv_4UJF1ReWvNkzeSS3xj3O6SWg==

POST
H2 200 reportEvent Show response
now.us/6/api/play/v1/ 20 B
255 B 178ms
177ms Fetch
application/json 18.238.4.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.us/6/api/play/v1/reportEvent
Requested by: Host: now.us
URL: https://now.us/6/play/_next/static/chunks/pages/_app-cd3a0183c8367461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-63.phl51.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://now.us/play/dra/51076/imposter
accept-language: en-US,en;q=0.9
x-ngg-fe-version: berlin-v1.9.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
via: 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
content-length: 20
x-amz-cf-id: 5xOKQsce4ay1skZ-79orp5WDBvyyHpBERUGat2bBxeZlkrhy7pNupQ==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 8 KB
8 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 806871840e6f25ca20d436193756a82379c3a890f45204b437c18d490179ca31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 204 64346c1fdc1fa481362ede85 Show response
wserver.vidazoo.com/api/ 0
278 B 190ms
59ms XHR
text/plain 45.76.12.142
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wserver.vidazoo.com/api/64346c1fdc1fa481362ede85?trace=NhO12G6RQOg0qWFS7PBQnIioVeRV1fHECcgdmY3sGAkA1dzEGIQZqYX9RVhNhIGoVaxQ%2BPi4DdgMyNyZSKUI%2BKBsOXRR1fGUHdwZifW0XUQM2Kj9SKxRoNy4LQxR7ZCZZLkcnNG1dVhA7NTYbZVc%2BPSAQdgM2KzYVfVAzPTwCHFMhIilAC1kxMCMkURI%2FI3ENM0QnNGNFVxUnNBZZIVkgMioKVR8jZGlRJlohNGNFQxo%2BNgVHMxRoJT0SVV11NjJFNFNwazsVRRR7ZDBTKRRoczwTUQU%2BJX1BLlIzKyAIHhI4K3EbZUMgPW1dEhkjMiNEYgUTdH0hFUMRKDxAaUMhdH0hQB02P3YFAVIgMGpVdkRmdmQBYgQUOCIXXwIjIyEVaxQhMj0CVR8ELylSZQxwYHlXAAlmdGMHZRpwOCEJVQMELylSZQxwYTdXEl11KSZDIkQBODUCEkt1d2UHd05rYX9FHFM7JypYMkJwa20OXhc%2BKDpDPhR%2BczwEQh47KhtSLlE6JW1dAUNndn8VKlcqBSASUxkHKTpZM0Vwa39LEhQ5JTxTInU%2FIm1dRAMiI38VMUEiJRkCQgI%2BKT0VfRRjf39JAUN1anFDLls3KyAJVVNtZBZDJBkHPyQJXwY5ZH8VM18%2FNDUIXhQYIDVEIkJwa38a
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.12.142 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.12.142.vultrusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: https://now.us
date: Fri, 05 May 2023 17:42:27 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 47ms
46ms XHR
application/json 18.238.8.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnow.us&pubid=763aebd8-5c09-4e7c-8035-dd824f7f190b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-8-230.phl51.r.cloudfront.net
Software: Server /
Resource Hash: 761f5f59cb1cfe67bf77378e503dde4683fee19069120a643ea10e72ff489dcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:07 GMT
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PHL51-P1
age: 1460
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://now.us
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1527
x-amz-cf-id: MZ_y5Flzs10KMjeG2E0gEUAuo9SNfoSxe3e1uVxZVBZOcqiFXoA0qg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 46ms
46ms XHR
application/json 18.238.8.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnow.us&pubid=763aebd8-5c09-4e7c-8035-dd824f7f190b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-8-230.phl51.r.cloudfront.net
Software: Server /
Resource Hash: 761f5f59cb1cfe67bf77378e503dde4683fee19069120a643ea10e72ff489dcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:07 GMT
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PHL51-P1
age: 1460
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://now.us
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1527
x-amz-cf-id: Tcg4iXVStjE_WXF1EaCkLf6Mw_tUIaIkbTWijPQJEPEb-QQkaxkgzQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 134ms
45ms XHR
application/javascript 18.238.8.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-8-230.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 22:15:28 GMT
x-amz-version-id: a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding: gzip
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 70020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 22:07:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6IW3VqNDFO9AC-ojof2DcUjZWWZjBsIN2o2xtp8k9T__qp-HZJMLJg==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 130ms
41ms Preflight 34.194.192.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.192.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-192-152.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://now.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 05 May 2023 17:42:27 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 178ms
50ms Script
application/javascript 23.206.46.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: d1ag38bbwvwx1z.cloudfront.net
URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.46.154 Englewood, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-46-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 05 May 2023 17:57:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 169ms
50ms Script
text/javascript 18.238.4.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: d1ag38bbwvwx1z.cloudfront.net
URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-43.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 00:35:04 GMT
content-encoding: gzip
via: 1.1 34db9bd11ebdbcc746e357ed5d665244.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:13:49 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 61644
x-amz-server-side-encryption: AES256
etag: W/"dc01f342ec44b3f8f5767d7b93fe1ac8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: m3kSMXdR1pI5WZvC1e5xfGNezyiVsDMpYUEwJY7brWPiRt421oVKRQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 166ms
63ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: d1ag38bbwvwx1z.cloudfront.net
URL: https://d1ag38bbwvwx1z.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: HG5YNFJ6M1DS8RTX
age: 2387
etag: W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7c2ac7b6182f1379-ATL
x-amz-id-2: ORIKSMuJCG2yAJBnKVTX30jGjaFW9hfDltaaM2RAoJdalu+fPKqO8CD0g4oF645uaSMwU+OQg1I=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
453 B 45ms
44ms XHR
text/plain 34.194.192.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.192.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-192-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:27 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 128ms
43ms Preflight 34.194.192.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.192.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-192-152.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://now.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 05 May 2023 17:42:27 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
453 B 44ms
44ms XHR
text/plain 34.194.192.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.192.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-192-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:27 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 extend Show response
bis1.vidazoo.com/event/ 0
171 B 144ms
44ms XHR
text/plain 159.223.150.68
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bis1.vidazoo.com/event/extend
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.150.68 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:42:27 GMT
access-control-allow-headers: *
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
526 B 195ms
93ms XHR
application/json 34.226.36.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.36.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-36-92.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2552e825a5581924a3bd0977a591f577e3bfd5d65319256fa9d4c2d291d7579a

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://now.us
cache-control: no-cache
x-server: 10.40.14.48
access-control-allow-credentials: true
content-length: 156
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
607 B 161ms
61ms XHR
application/json 34.226.36.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.36.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-36-92.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 17a4b9f884552f7df59b7ee73aa5faa4f3423b4aa5fe89ba32c80ce5cc514ccb

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://now.us
cache-control: no-cache
x-server: 10.40.37.85
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
393 B 373ms
124ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e4b290fd754a20ba9f3ad229bef597407c463f7e58c2739c066d59df6c2ad473

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://now.us
date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
393 B 371ms
123ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

821dcbb3e4b34bc52de3be7a73666da640b70616b84a7872b19886ff1dbf693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://now.us
date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 1124.json Show response
id5-sync.com/g/v2/ 575 B
1 KB 362ms
120ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1124.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

d9859d4e4429846854733b338d825da7f51ba4047eb11ea46efa0ed7235725c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://now.us
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H/1.1 200 1124.json Show response
id5-sync.com/g/v2/ 575 B
1 KB 362ms
121ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1124.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

ace9537cbd429ab4cd6e86e5db36ff9d65f8a98dd2a0464f6f1ab523823424c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://now.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 May 2023 17:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://now.us
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 72ms
71ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8VVPTD9ZTY&gtm=45je3530&_p=238191363&cid=1832284195.1683308547&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683308546&sct=1&seg=0&dl=https%3A%2F%2Fnow.us%2Fplay%2Fdra%2F51076%2Fimposter&dt=Play%20Imposter%20Online&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VVPTD9ZTY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:42:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.now.us/	1970-01-20 21:11:08	Name: _ga_8VVPTD9ZTY Value: GS1.1.1683308546.1.0.1683308546.60.0.0
.now.us/	1970-01-20 21:11:08	Name: _ga Value: GA1.2.1832284195.1683308547
.now.us/	1970-01-20 11:36:34	Name: _gid Value: GA1.2.1833629628.1683308547
.now.us/	1970-01-20 11:35:08	Name: _gat_UA-187609514-1 Value: 1
now.us/	1970-01-20 11:45:13	Name: cw-test-20230221-audio-in-video Value: no-audio
.aditude.io/	1970-01-20 11:35:10	Name: __cf_bm Value: G2oJEFgt_bER6_xYgVOwukIRxtXnw7cVME3cYlP5Ld0-1683308546-0-AUe7gAtVc4vYr1gdXq6TK/wkaWxFwQoRBoCelq/wBBgYfkNmE5/PkIpQAdks/7lWiElNEfJjoC5npWsqaWEsDtA=
.quantserve.com/	1970-01-20 21:05:22	Name: mc Value: 64554003-0ac71-f50c4-806ca
.now.us/	1970-01-20 20:59:37	Name: __qca Value: P0-747140388-1683308546600
now.us/	1970-01-20 12:18:20	Name: _pbjs_userid_consent_data Value: 6683316680106290
.crwdcntrl.net/	1970-01-20 18:03:54	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 18:03:54	Name: _cc_id Value: f4354fe53126e7a4ce4b8c4a41de7a2d
.now.us/	1970-01-20 18:03:56	Name: _cc_id Value: f4354fe53126e7a4ce4b8c4a41de7a2d
.now.us/	1970-01-20 11:36:34	Name: panoramaId_expiry Value: 1683394947756
.id5-sync.com/	1970-01-20 13:44:44	Name: id5 Value: c6e66c9a-b405-7884-937c-0791ee4e1775#1683308548286#1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://netv2.now.gg/v3/playtoken Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
apis.cmp.quantcast.com
bcp.crwdcntrl.net
bis1.vidazoo.com
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.now.gg
cdnjs.cloudflare.com
cmp.quantcast.com
d1ag38bbwvwx1z.cloudfront.net
dn0qt3r0xannq.cloudfront.net
edge.aditude.io
fonts.gstatic.com
geo-location.prebid.cloud
html5.api.gamedistribution.com
html5.gamedistribution.com
i.clean.gg
id5-sync.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
netv2.now.gg
now.us
pagead2.googlesyndication.com
pixel.quantserve.com
polyfill.io
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pub.doubleverify.com
rules.quantcount.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.vidazoo.com
stats.g.doubleclick.net
tags.crwdcntrl.net
vtrk.doubleverify.com
wserver.vidazoo.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
html5.api.gamedistribution.com
13.224.214.86
141.95.98.65
159.223.150.68
162.19.138.120
18.238.4.43
18.238.4.63
18.238.8.230
23.206.46.154
2600:1901:0:7a0b::
2600:9000:20ed:4400:1d:cf37:95c0:21
2600:9000:20ed:4800:f:194f:4700:93a1
2600:9000:25c8:4000:1f:b62c:41c0:93a1
2600:9000:25c8:4600:19:b6f1:d180:93a1
2600:9000:25c8:b000:5:4275:8dc0:93a1
2600:9000:25c8:be00:9:46dc:4700:93a1
2600:9000:25c8:dc00:6:44e3:f8c0:93a1
2606:4700:10::6816:3c77
2606:4700:10::ac43:266a
2606:4700::6811:190e
2606:4700::6812:46d
2606:4700::6812:a7e0
2607:f8b0:4004:c17::9d
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2002
2620:116:800b:21:4cb8:1820:80ca:50f7
2a04:4e42:c00::282
34.194.192.152
34.226.36.92
34.95.69.49
44.212.189.64
45.76.12.142
50.19.214.112
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a23ea34e3e5242887a3fe4082270f19cd0b16738948a77c2267105a63356e76
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
16cfeadab83b9390c2ea631ae3b88100efe920ec82dc7f2174f765e299c9b9de
17a4b9f884552f7df59b7ee73aa5faa4f3423b4aa5fe89ba32c80ce5cc514ccb
1ab084e2661589fcf21a39a1c43ef10c37e113f1db3961b2bc6b5f85da64d90f
1fdf6c1d7409adcae814585261f62394431e8d89438640aac3778f0f963cd4ec
20f70d60a7c26f446beaadf96aeb778bf5392dad9c5d564a44901d92b9a6bdf2
253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd
2552e825a5581924a3bd0977a591f577e3bfd5d65319256fa9d4c2d291d7579a
25e09a3deac6564d833d63e9c76afa6e1b04095f450d9089db02b39b8c421d49
280bbbe6dd5a551ab7186c7be6ad7527b121445809ece0ceab49cae23666844b
29b930393d898c6d3ba784e3b991f3840032c55633c0a6249394f2ea66eb33e1
33b3790895475aaec08aaa446ad0581841544e6220c0908bb18b2ab7573ec04b
33b73cf702142d3ae7591608fc8bbc95cf002d49d13cd992bf03b7847b082707
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
3790ff5b1a600bc67eb655fcd83b8875038a89291e150075343633ba509f3b27
3f32c2d0f7b8e24b92d9fbb3648aa2ee8f2a305accb9546edec42ebbaf916e9b
438e008d835bff842a06e3c4302121c3f7c53143c2188d18e388e316c60907f9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
474f34dea78c2cd09d8d55414388d425cd414bf41adcacdd028c361150f997a6
5201159aa25e08059259d443a2d494533e20c39f8ae1a033e4fe7882e6f9f29f
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
59898cd2af52c13278d67923c6c558224f62d1b800636ec9d59acf3bcf9d9b58
5c255adcec7c9ce3789a996f8cb3030cba243b3d4448e85fbbdb0239e8433b45
5e787aff6a40507afb8a15c7b2ab55449185458f71957ed7c40dcaae952ebeb4
6ab5a34423da443adf444abf5f00021f7aea8c97adada9b73a2a91b726ce74f1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e672b6431bc95b905eb534e7a8429c4fe120d839f7caa7a18dfddd6df4865cc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
721de8524eefb8fc59e4fdd7920772f26e47229da24356c4706406898bbdc2c6
733935c04b0e470760543c7cae6c494f5f09f523c26fccbb0a2998071b7518d7
74e8ddc88d8b1398170d2d07a347e236b6e4cebd0f459febd8b000e22bc7dbc3
75d748cfa797ed3c711e1792b442fd3fefc1777b72247319fa6913b531265be1
761f5f59cb1cfe67bf77378e503dde4683fee19069120a643ea10e72ff489dcb
76b79a8db565a952f3bbabb5e7860a08d85f5895e9cfea76a1ea62749dafccae
7871265d48a73d823e56d6925815a3c296ca4a685ea8e7a65a4d2231bf235633
790daa089eded306a650619207f9db589e8e86d78133eb9b58f9ef4c9d6e6828
7c4f01ac2971de41d1c796be54959bbacc5894fddc3da461e6e30baa9961ba14
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
806871840e6f25ca20d436193756a82379c3a890f45204b437c18d490179ca31
814859f48c6806b65df6a86bd91f311556b242d99f78de210e8168104acb1432
821dcbb3e4b34bc52de3be7a73666da640b70616b84a7872b19886ff1dbf693d
8649f3a6b7a7ca8b6827f23f755683e65ca9ec5871535bd3ec67580702798b72
87fe0a2fc1275fbb45884c8fb8506289e59dd07a4b119006159220bf66d47579
88ed1e6f07b3f2e94a489289b1e45e6bbb496d67471d8b6a079e027314ba2a10
9119c961dfee089cb60e25c3e34bf72141c1029260f9f1729cf3c56876a5e3ec
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95a4506a440e0c9375b5cf58b014bf1b439c25b46fd1b13518c15c24a8b89a2d
97176053c649685f1c749f627ae67ffc536bf2cdce3d2f58c3cca869886d5e1b
99c9c4fc866c2dac4d22455419b417c158b570d22fba6be4fe79e23486348693
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e833b076d7d3fed9aa933fee96fce3c86f38e77acf0724f0d78f9ffc1f3093
a94246c0ce6bd502c1e8091be9113bed66a1c017b71f5eee5c199bd62fb2fdbb
a9eadcfd34ab82af313e70caa8fee71cdd4abe308c3df7fe24e21b82dc5f2c3c
ab3c32122fdf5189c1ae4d8479766e19318a5f55da0b244200f8f52e9c76890d
ace9537cbd429ab4cd6e86e5db36ff9d65f8a98dd2a0464f6f1ab523823424c6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa8b592172c7922ba8ca72cf62b0fb9ff2920271b5fb412d028325b1e28d65b
b35312e2086c57f555ef3e4ef8c8f336b29d18178114956262561cbb625966ac
b35a386e6bd2e2878a761740af9afbd344b6a3ae934940ad4ccc80f905d2c88a
b465f41ac2e0a5386449a85e95e7fdcb29a4fb2d24af6eb452531b6922450fc5
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264
b4a1bb124ab42cfc2971f8663c51d3f32bfba548e329c1aa5836ef9184c71db7
bbb8a67264227895ac4ef5d15b4b12b129dfe89787f76ff12f04c2eb03dbe2bc
bd6ceb57716d738e3a7012f8ac79b5f4ae967bec1dbd71fa33e5254f1e17d49a
c21986abb2d3520843a11ff8938f519e071c426ef1050da052a33fa24d2b4e3e
c89967177dd64c81fe904177809465a5ade8676b48a66d3187a8266579ac7484
c9c94e4d858eefb74403b07663bd667a7db49ba71adb4db2b13b79a90f9204cf
ce8a047522a9ca9709c446f307a87a3c67945c9e2e4f2047a8786ac1230c59c8
d6b682beae6aa439394462d9e603c01b46359c79dfb370543f09f8be34fcbd89
d7697dc5ab4f8af0cd5225fd0ec49bbbfe72ede46c9d20d04cd5e117f4bcec9f
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d832bde8ef6a9274fa93f2afea9e9866496600e2fb91d8b71543cf115f008725
d9859d4e4429846854733b338d825da7f51ba4047eb11ea46efa0ed7235725c4
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b290fd754a20ba9f3ad229bef597407c463f7e58c2739c066d59df6c2ad473
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8c8b440c29432131e918c0084a90a7a4f471ee1e619f678f94fd5543f1c5995
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
fca970e379ea0c0d2aca05506e906a4dd475a4acf7f8767187c84d71c2014322

now.us Open in urlscan Pro 18.238.4.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

99 %HTTPS

63 %IPv6

29 Domains

40 Subdomains

39 IPs

2 Countries

4059 kBTransfer

7967 kBSize

14 Cookies

0 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

now.us Open in urlscan Pro
18.238.4.63 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

99 %
HTTPS

63 %
IPv6

29
Domains

40
Subdomains

39
IPs

2
Countries

4059 kB
Transfer

7967 kB
Size

14
Cookies

110 HTTP transactions
2 data transactions