oktyabrskyorsk.orb.sudrf.ru Open in urlscan Pro
79.133.87.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://oktyabrskyorsk.orb.sudrf.ru/
Submission: On February 17 via api (February 17th 2021, 12:40:31 pm UTC) from RU

Summary HTTP 350 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 36 domains to perform 350 HTTP transactions. The main IP is 79.133.87.8, located in Russian Federation and belongs to ROSTELECOM-AS, RU. The main domain is oktyabrskyorsk.orb.sudrf.ru.

This is the only time oktyabrskyorsk.orb.sudrf.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	79.133.87.8 79.133.87.8	12389 (ROSTELECO...) (ROSTELECOM-AS)
1 6	2a02:6b8::173 2a02:6b8::173	13238 (YANDEX) (YANDEX)
1	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
5	2001:978:2:2c... 2001:978:2:2c::172:d	174 (COGENT-174) (COGENT-174)
4 7	2600:3c02:1::... 2600:3c02:1::2d4f:f40e	63949 (LINODE-AP...) (LINODE-AP Linode)
15	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	198.134.116.18 198.134.116.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	65.9.58.8 65.9.58.8	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	5.143.224.43 5.143.224.43	201907 (SPUTNIK) (SPUTNIK)
12	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	65.9.91.169 65.9.91.169	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:8600:1a:f2c5:bfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	18.197.237.28 18.197.237.28	16509 (AMAZON-02) (AMAZON-02)
1 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
9	2600:9000:212... 2600:9000:2127:3000:e:a106:a680:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
3	52.76.22.239 52.76.22.239	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
3	52.76.37.30 52.76.37.30	16509 (AMAZON-02) (AMAZON-02)
1 1	34.197.15.189 34.197.15.189	14618 (AMAZON-AES) (AMAZON-AES)
24	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
350	42

37 79.133.87.8 (Russian Federation)

ASN12389 (ROSTELECOM-AS, RU)
PTR: sudrf.ru

oktyabrskyorsk.orb.sudrf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.sudrf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.sudrf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::173 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:978:2:2c::172:d (United States)

ASN174 (COGENT-174, US)

www.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:3c02:1::2d4f:f40e (United States) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

87joojin3fb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
parking2.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 45.79.244.12 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.18 (Grapevine, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.junmediadirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.8 (United States)

ASN16509 (AMAZON-02, US)

t.adating.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.aslnk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.143.224.43 (Russian Federation)

ASN201907 (SPUTNIK, RU)

stat.sputnik.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:1b::729 (United States)

ASN54113 (FASTLY, US)

tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba39 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.91.169 (United States)

ASN16509 (AMAZON-02, US)

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:8600:1a:f2c5:bfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

hdrbd.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.237.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-237-28.eu-central-1.compute.amazonaws.com

ivxplayer.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2127:3000:e:a106:a680:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Alexandria, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

512603063efb978512386277d3be6264.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

ckstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.76.22.239 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-22-239.ap-southeast-1.compute.amazonaws.com

a.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.149.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

a.vfgtg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.76.37.30 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

r.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.15.189 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.cmvrclicks000.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

hello.fuckbook.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	akamaized.net img-s-msn-com.akamaized.net	704 KB
37	sudrf.ru oktyabrskyorsk.orb.sudrf.ru files.sudrf.ru counter.sudrf.ru	374 KB
30	googlesyndication.com ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com tpc.googlesyndication.com 512603063efb978512386277d3be6264.safeframe.googlesyndication.com 2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com pagead2.googlesyndication.com	102 KB
24	fuckbook.tv hello.fuckbook.tv	168 KB
20	yandex.ru 2 redirects api-maps.yandex.ru mc.yandex.ru	19 KB
19	ivideosmart.com player.ivideosmart.com ivxplayer.ivideosmart.com r.ivideosmart.com	165 KB
17	openstreetmap.org www.openstreetmap.org tile.openstreetmap.org	291 KB
15	doubleclick.net securepubads.g.doubleclick.net	389 KB
15	simcast.com simcast.com	76 KB
9	ivstracker.net hdrbd.ivstracker.net a.ivstracker.net r.ivstracker.net	264 KB
7	googleapis.com imasdk.googleapis.com fonts.googleapis.com	903 KB
6	googletagservices.com www.googletagservices.com	182 KB
6	cloudflare.com cdnjs.cloudflare.com	11 KB
6	google-analytics.com www.google-analytics.com	93 KB
5	google.com adservice.google.com www.google.com	2 KB
4	spotxchange.com 1 redirects sync.search.spotxchange.com	2 KB
4	onesignal.com cdn.onesignal.com	12 KB
4	sputnik.ru stat.sputnik.ru	5 KB
4	87joojin3fb.ru 4 redirects 87joojin3fb.ru	1 KB
3	aralego.com sync.aralego.com	798 B
3	2mdn.net s0.2mdn.net	32 KB
3	jsdelivr.net cdn.jsdelivr.net	146 KB
3	aralego.net cdn.aralego.net	3 KB
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	122 KB
3	parklogic.com parking2.parklogic.com	666 B
3	jquery.com code.jquery.com	90 KB
3	googletagmanager.com www.googletagmanager.com	157 KB
2	vfgtg.com 2 redirects a.vfgtg.com	2 KB
2	ckstatic.com ckstatic.com	14 KB
2	google.pl adservice.google.pl	338 B
1	cmvrclicks000.com 1 redirects secure.cmvrclicks000.com	2 KB
1	aslnk.link s.aslnk.link	2 KB
1	adating.link t.adating.link	2 KB
1	junmediadirect.com 1 redirects click.junmediadirect.com	221 B
1	yastatic.net yastatic.net	662 KB
0	pubmatic.com Failed vpaid.pubmatic.com Failed
350	36

	Domain	Requested by
85	img-s-msn-com.akamaized.net	simcast.com
27	oktyabrskyorsk.orb.sudrf.ru	oktyabrskyorsk.orb.sudrf.ru
24	hello.fuckbook.tv	s.aslnk.link hello.fuckbook.tv
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	simcast.com securepubads.g.doubleclick.net oktyabrskyorsk.orb.sudrf.ru www.googletagservices.com
15	simcast.com	oktyabrskyorsk.orb.sudrf.ru simcast.com code.jquery.com
14	mc.yandex.ru	1 redirects simcast.com cdn.jsdelivr.net
12	tile.openstreetmap.org	oktyabrskyorsk.orb.sudrf.ru
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com oktyabrskyorsk.orb.sudrf.ru
9	r.ivideosmart.com	player.ivideosmart.com
9	player.ivideosmart.com	simcast.com player.ivideosmart.com
9	files.sudrf.ru	oktyabrskyorsk.orb.sudrf.ru
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	imasdk.googleapis.com	player.ivideosmart.com imasdk.googleapis.com
6	cdnjs.cloudflare.com	simcast.com
6	www.google-analytics.com	oktyabrskyorsk.orb.sudrf.ru www.google-analytics.com hello.fuckbook.tv
6	api-maps.yandex.ru	1 redirects oktyabrskyorsk.orb.sudrf.ru
5	www.openstreetmap.org	oktyabrskyorsk.orb.sudrf.ru www.openstreetmap.org
4	sync.search.spotxchange.com	1 redirects simcast.com player.ivideosmart.com
4	cdn.onesignal.com	simcast.com hello.fuckbook.tv
4	stat.sputnik.ru	oktyabrskyorsk.orb.sudrf.ru stat.sputnik.ru
4	87joojin3fb.ru	4 redirects
3	r.ivstracker.net	simcast.com
3	a.ivstracker.net	imasdk.googleapis.com
3	sync.aralego.com	cdn.aralego.net
3	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
3	s0.2mdn.net	imasdk.googleapis.com
3	cdn.jsdelivr.net	player.ivideosmart.com
3	cdn.aralego.net	player.ivideosmart.com
3	hdrbd.ivstracker.net	player.ivideosmart.com
3	d2wy8f7a9ursnm.cloudfront.net	player.ivideosmart.com
3	parking2.parklogic.com	simcast.com
3	code.jquery.com	simcast.com
3	www.googletagmanager.com	simcast.com
2	a.vfgtg.com	2 redirects
2	ckstatic.com	t.adating.link s.aslnk.link
2	www.google.com	securepubads.g.doubleclick.net
2	adservice.google.pl	securepubads.g.doubleclick.net
1	fonts.googleapis.com	hello.fuckbook.tv
1	secure.cmvrclicks000.com	1 redirects
1	s.aslnk.link	t.adating.link
1	2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	512603063efb978512386277d3be6264.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ivxplayer.ivideosmart.com	player.ivideosmart.com
1	counter.sudrf.ru	oktyabrskyorsk.orb.sudrf.ru
1	t.adating.link	oktyabrskyorsk.orb.sudrf.ru
1	click.junmediadirect.com	1 redirects
1	yastatic.net	api-maps.yandex.ru
0	vpaid.pubmatic.com Failed	imasdk.googleapis.com
350	50

This site contains links to these domains. Also see Links.

Domain
ej.sudrf.ru
oblsud--orb.sudrf.ru
orskok1.kodms.ru
orskok2.kodms.ru
orskok3.kodms.ru
orskok4.kodms.ru
orskok5.kodms.ru
www.vsrf.ru
www.ssrf.ru
www.echr.coe.int
http
www.scli.ru
sudrf.ru
www.openstreetmap.org

Subject Issuer	Validity	Valid
api-maps.yandex.ru Yandex CA	`2020-10-01` - `2021-03-30`	6 months	crt.sh
*.sudrf.ru GeoTrust RSA CA 2018	`2019-12-26` - `2021-03-26`	a year	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
www.openstreetmap.org R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-29` - `2021-08-28`	2 years	crt.sh
*.ajrkm.link Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
osff2.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-10` - `2021-12-04`	10 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-01` - `2022-01-01`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
player-objects.ivideosmart.com R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.ivstracker.net Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.ivideosmart.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-05-29`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
ckstatic.com R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh
1443267757.rsc.cdn77.org R3	`2021-01-07` - `2021-04-07`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://oktyabrskyorsk.orb.sudrf.ru/
Frame ID: 4EDBDBBD403D9943F599AD2DCF4F5F58
Requests: 49 HTTP requests in this frame

Frame: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
Frame ID: 377EA826BC760DEB71FEEA2A9744381C
Requests: 17 HTTP requests in this frame

Frame: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Frame ID: 5E912C04C15AAF31D1320A5E576DE7F1
Requests: 66 HTTP requests in this frame

Frame: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Frame ID: 12B3A8B9EFF3F1F78644849CD1DFA3E7
Requests: 66 HTTP requests in this frame

Frame: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Frame ID: 889C0E92BE6E5A45915F7264FD5198FE
Requests: 71 HTTP requests in this frame

Frame: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Frame ID: A655B9C16DFBD4ABFFB315EB9D2F4B26
Requests: 31 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 3D5EF6EFAF10F5B8A986FFCACB0905D4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Frame ID: 97771A681BE73421A1A94CC351090671
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 69B45AF476730B4930295BBFE43FE2FD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: E37419F2542C6D1204A4A1D39F03E899
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5s2VBxZ5u-kGtrSsLRYLtf57CHh4ZoVebf_sxuvwZcUlWuTIM6QgVQlwc8tOJdzoCLG23HwGYPRDACd9snp4nByaV5jz6MTcNq9sIGM_ErhV8WAxq1cp-S7TMTF9k8EJwpvKMsFFLMNxWyeJTCqpumRWOqSlrh0P0z_AztQuYG74Fvuixl-ACUKnSExdbIpyWMLbmHb3DnkeWY-F6XYIcaX4BjqoH_rBruZOAx1K1yFKPgjH2ghHmr1mMWfBt1kFE1v0A3XI_RaNuRcgN0Ro2uNHygsJ-ybYrVRxR8W1fRg&sig=Cg0ArKJSzAl8P4LFGHhDEAE&adurl=
Frame ID: E9E107447241B52A532B33E11A4E85C8
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Frame ID: 7E2F517428A7C48D96188874192D9889
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Frame ID: 9049CF3F47EB5A5F8284B866F1A66324
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCjuaBo_XPTiYBnr_XRD4yFH9cdZPDto276PtgF3SZFIHJhJIucLmAijm3tylXVvUIy8cuNB0p7ZN_wAP0b_0vrIF_KVHVk7wdHQ9MRybeLkO36q0Kabpm_RJo9bAIJZRAGfhaBMqGEVMl6C1MqsCcCz3i56YxUq0o0mGSpQL2tOxj8-pPiCtO8kDwNYbPL7y7yod20Y9MF294QJHFsRvqu6PWEc0puNVsd217BTQyIB6iKKOUaPGaXlq8hun3bA9xBvWNUZwTqqI-Pk6kVftMnjYCk07ElX6xWQfHAvU01w&sig=Cg0ArKJSzDISllM6bNy5EAE&adurl=
Frame ID: A7A010BC7E5FB4C86FF866DFF8E6E9D3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrdmE-1B_YjiixlyHerL-CtEvthMBp3nAZplcrQ2_atPMNBTHHtMRMrKHt5woHJv6UfIXtE_6iQrHMSBJfDZlT23QwtU1VDus0-O_KWD8xTZgzi8vU8e3LrMNYjhM6VsQGjLqyt3R1y7hic9YSfLl2RO6v-WIZgLKQMGuWuVXFZX7bUGABbm3IAqm53rfQjbVu7t6baidrRmhig8DYJRY_epiY9eV7wZJq6NL1uknA0cU5NAaqGzoy8xjwwb_70LZLutWv0k2YInJjdFbWUBCPZWskOTX71ybYWw8M6hTPgQ&sig=Cg0ArKJSzLy_ARoSy_qIEAE&adurl=
Frame ID: 1F062439A3CD7487FE7598E69E65DEC3
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 645F6D92D46CABC408F6E1205271C580
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4FB1C8B451CD37626E721E341474D5A1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B01EE1DCB67BE7C1E58AF49BF9760D2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

350
Requests

86 %
HTTPS

66 %
IPv6

36
Domains

50
Subdomains

42
IPs

5
Countries

4991 kB
Transfer

13499 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://ej.sudrf.ru/
Title: Подача процессуальных документов в электронном виде

Search URL Search Domain Scan URL

URL: https://ej.sudrf.ru/?fromOa=56RS0026
Title: Подача процессуальных документов в электронном виде

Search URL Search Domain Scan URL

URL: http://oblsud--orb.sudrf.ru/modules.php?name=sud_delo
Title: Апелляция (кассация)

Search URL Search Domain Scan URL

URL: http://orskok1.kodms.ru/
Title: СУДЕБНЫЙ УЧАСТОК № 1

Search URL Search Domain Scan URL

URL: http://orskok2.kodms.ru/
Title: СУДЕБНЫЙ УЧАСТОК № 2

Search URL Search Domain Scan URL

URL: http://orskok3.kodms.ru/
Title: СУДЕБНЫЙ УЧАСТОК № 3

Search URL Search Domain Scan URL

URL: http://orskok4.kodms.ru/
Title: СУДЕБНЫЙ УЧАСТОК № 4

Search URL Search Domain Scan URL

URL: http://orskok5.kodms.ru/
Title: СУДЕБНЫЙ УЧАСТОК № 5

Search URL Search Domain Scan URL

URL: http://www.vsrf.ru/

Search URL Search Domain Scan URL

URL: http://www.ssrf.ru/

Search URL Search Domain Scan URL

URL: http://www.echr.coe.int/Pages/home.aspx?p=home

Search URL Search Domain Scan URL

URL: http://http//www.scli.ru:8080/

Search URL Search Domain Scan URL

URL: http://www.scli.ru/

Search URL Search Domain Scan URL

URL: http://sudrf.ru/

Search URL Search Domain Scan URL

URL: http://www.openstreetmap.org/?lat=51.238745&lon=58.46924&zoom=15&layers=M&mlat=51.23853&mlon=58.46806
Title: Посмотреть более крупную карту

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat HTTP 301
https://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat

Request Chain 33

http://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806 HTTP 307
https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806

Request Chain 34

http://87joojin3fb.ru/f.html HTTP 302
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Request Chain 35

http://87joojin3fb.ru/f.html HTTP 302
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Request Chain 36

http://87joojin3fb.ru/f.html HTTP 302
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Request Chain 37

http://87joojin3fb.ru/f.html HTTP 302
http://click.junmediadirect.com/click?i=1VBMPT*tySA_0 HTTP 302
https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756

Request Chain 43

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 196

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1 HTTP 302
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=46888508-711d-11eb-926f-11372f1a4306

Request Chain 202

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134011%3Aet%3A1613565612%3Ac%3A1%3Arn%3A355644421%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609370%3Ads%3A0%2C439%2C283%2C2%2C739%2C0%2C%2C504%2C0%2C%2C%2C%2C1973%3Adsn%3A0%2C438%2C284%2C1%2C739%2C0%2C%2C509%2C0%2C%2C%2C%2C1972%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal. HTTP 302
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134011%3Aet%3A1613565612%3Ac%3A1%3Arn%3A355644421%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609370%3Ads%3A0%2C439%2C283%2C2%2C739%2C0%2C%2C504%2C0%2C%2C%2C%2C1973%3Adsn%3A0%2C438%2C284%2C1%2C739%2C0%2C%2C509%2C0%2C%2C%2C%2C1972%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Request Chain 286

https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=265753.87joojin3fb.ru;&affiliateID=44542&source=102ff7bf1348b985603e219533283d&subID2=165604&s2=102ff7bf1348b985603e219533283d&s3=265753.87joojin3fb.ru;&s4=165604&url=1&Target=Pops&affsub=265753.87joojin3fb.ru&affsource= HTTP 302
https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=265753.87joojin3fb.ru%3B&affiliateID=44542&source=102ff7bf1348b985603e219533283d&subID2=165604&Target=Pops&Site=&Bnr=&cid=whus72hato8io4j5idu4sio8&email= HTTP 302
https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756

Request Chain 306

https://secure.cmvrclicks000.com/track/NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC4wLjAuMA?_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604 HTTP 302
https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604

350 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
oktyabrskyorsk.orb.sudrf.ru/ 129 KB
15 KB 206ms
163ms Document
text/html 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 46006f2ffc8a8e86f64f3e649244c7870ce4909fea3bf95af5c4c7bbd4ae0d30

Request headers

Host: oktyabrskyorsk.orb.sudrf.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Wed, 03 Feb 2021 07:26:05 GMT
Content-Encoding: gzip
Set-Cookie: f5avrbbbbbbbbbbbbbbbb=GMCPEBPLAFIEEPANLFBMHAFICHGGJPOHNBJBHOEOOLJDGLJGHKEGPGBHBEFAHKLLNOJOKMBPHLGCIKDHFAPIAKGCNIEKBCGLEHKBJBMEBPKPNLFMJGHOMOJHOFMLPAOF; HttpOnly

GET
H/1.1 200
OK style.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/ 78 KB
19 KB 185ms
158ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 9b35fd5662b947c0f4171e7151a3ec0dfeae870f1e0b4965618b6a8925f328dd

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2015 15:04:52 GMT
Server: nginx
ETag: W/"55269514-1365b"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK modules.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/ 19 KB
5 KB 198ms
171ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 0c6373801647c3563d7c191c2b7fac05d3bf649fb6b7f74de58f4f8949fe096e

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Nov 2019 20:29:20 GMT
Server: nginx
ETag: W/"5dc9c4a0-4ae1"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-ui.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/ 30 KB
6 KB 175ms
148ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/jquery-ui.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: a1807749421289c879874aa8e2dde5d217a8a6c8a058b1e5338cdefbb94c4b47

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-791e"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.ui.tabs.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/ 1 KB
867 B 188ms
161ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/jquery.ui.tabs.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: cbcbfdfd326b9a628dcf5af943a7ea8fa9bccc0d7733e4cabd94da561179bfe5

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-516"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 91 KB
32 KB 214ms
94ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery-1.10.2.min.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-16b88"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 7 KB
3 KB 283ms
94ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery-migrate-1.2.1.min.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-1c1f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.watch.min.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 744 B
1010 B 289ms
97ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery.watch.min.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 1b4e2df224973caa007d063d6307f921ef0f1acb2abe15b5b8b89772feaae29e

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-2e8"
Content-Type: application/javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 744

GET
H/1.1 200
OK date-picker.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 13 KB
4 KB 322ms
89ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/date-picker.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: d6f1b7cd2dbf678557a2ff3d6a942fea98bfb3f635004a7f7f2b6afbc59b9c72

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-3426"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-ui.min.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 223 KB
59 KB 377ms
108ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery-ui.min.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-37aed"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.ui.datepicker-ru.min.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 815 B
1 KB 376ms
94ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery.ui.datepicker-ru.min.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 8c13e72184c194fdadb746292c1da357a26c320b53b5a8708ce4d758de79e514

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-32f"
Content-Type: application/javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 815

GET
H/1.1 200
OK jquery.cookie.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 3 KB
2 KB 377ms
91ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/jquery.cookie.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2015 13:37:05 GMT
Server: nginx
ETag: W/"55252f01-c44"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/fancybox2/ 23 KB
9 KB 383ms
95ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/fancybox2/jquery.fancybox.pack.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 5512f400cac3fbb1fdfbb02989ed098f88a2af5a6e4ba3d88a039bc421ea7ffe

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-5a93"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.fancybox.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/fancybox2/ 5 KB
2 KB 190ms
164ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/fancybox2/jquery.fancybox.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 82af2a0ae337f1d9f253987bc2ef24e798e381e20a934dd6772580ddd6872db1

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-12ff"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 16 KB
5 KB 401ms
89ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/main.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 066178ab43861f58cdd20a1035d8f65ebf9e45d5e8e9e6ceed149c106b1fd7eb

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Apr 2018 15:11:37 GMT
Server: nginx
ETag: W/"5ace25a9-3e5c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

/ Show response
api-maps.yandex.ru/2.1/
Redirect Chain

http://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat
https://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat

35 KB
13 KB

159ms
62ms

Script
application/javascript

2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

e16b9ef2ff7cd185ece5bcc1ac32782c99b665eb78c080ad4779e4c7658256b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: myt2-8529967f8c08.qloud-c.yandex.net
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-LIGHTTPD-LOCALE: ru_RU
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 17 Feb 2021 12:40:08 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Content-Type: text/html
Location: https://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 178

GET
H/1.1 200
OK info_show.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 672 B
938 B 406ms
85ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/info_show.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 8e9fd910d2acb98470b5aaf583adeb2c33ab8096642d5ced54ba0eba4f42fde2

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-2a0"
Content-Type: application/javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 672

GET
H/1.1 200
OK xmlhttp.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 2 KB
1 KB 470ms
93ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/xmlhttp.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 8f8c0a1cf01bf7eb996724d52c767e1070ce22afeb9714c7b492b0a774f41455

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: W/"55195b7b-72f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK gerb_rf.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 18 KB
18 KB 110ms
110ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/gerb_rf.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 30fbdc3bcdb5d192dcb0794f38c72c163d833e3e6a26825bfe888dbae78d1c67

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Wed, 19 Apr 2017 18:22:19 GMT
Server: nginx
ETag: "58f7aadb-4697"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18071

GET
H/1.1 200
OK ya_map.js Show response
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ 3 KB
2 KB 99ms
98ms Script
application/javascript 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/JS/ya_map.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 5f85bc052b616b40afea5aa9404ce191962eac638513c89da22e899606df4df5

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Nov 2015 16:52:41 GMT
Server: nginx
ETag: W/"565c7ed9-a6a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK print.css
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/ 1 KB
734 B 102ms
101ms Stylesheet
text/css 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/print.css
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 4833fc7ef5957c380151e29736138277f85e045c5be897580f7a12eda78006a6

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 17:25:25 GMT
Server: nginx
ETag: W/"601c2e05-470"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK SMS1.jpg
files.sudrf.ru/1617/user/ 92 KB
92 KB 216ms
187ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/SMS1.jpg
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 885e79609a907cfddf8dc37e809b60cc648427de8b98e39cebc7d64ff1be9228

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 06:46:09 GMT
Server: nginx
ETag: "570753b1-16f94"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94100

GET
H/1.1 200
OK Dostupno_o_prave.png
files.sudrf.ru/1540/user/ 18 KB
18 KB 400ms
97ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sudrf.ru/1540/user/Dostupno_o_prave.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 1b52454404fe1806a4e8078acce90cabaa099cac0fa80566a01ee298df173622

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 10 Mar 2017 09:21:34 GMT
Server: nginx
ETag: "58c2701e-47b2"
Transfer-Encoding: chunked
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK kremlin.JPG
files.sudrf.ru/1617/user/ 2 KB
2 KB 208ms
180ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/kremlin.JPG
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: f83388a16342353f3d72874143cfe959f369a5ea0fb674c7c982b1625f0a8d5f

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:09:11 GMT
Server: nginx
ETag: "57075917-817"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2071

GET
H/1.1 200
OK KSRF.JPG
files.sudrf.ru/1617/user/ 2 KB
3 KB 218ms
189ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/KSRF.JPG
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 64176276a4a18bf622c5bfc5be0336a187be4d16a0e2017a26a4bc8d1dd5589f

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:12:53 GMT
Server: nginx
ETag: "570759f5-969"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2409

GET
H/1.1 200
OK vsrf.JPG
files.sudrf.ru/1617/user/ 2 KB
2 KB 212ms
184ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/vsrf.JPG
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 80692cd2f93edd12ffef00a9ce19b1f31d4eb711da2f4d3e045d2a5ed406ce02

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:14:13 GMT
Server: nginx
ETag: "57075a45-791"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1937

GET
H/1.1 200
OK SSRF1.jpg
files.sudrf.ru/1617/user/ 4 KB
4 KB 218ms
190ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/SSRF1.jpg
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: c783873ff47a4267dfce638b7ec12c7d540338941c3780691cf2128a2a098ad4

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:16:50 GMT
Server: nginx
ETag: "57075ae2-fec"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4076

GET
H/1.1 200
OK EuropSud.jpg
files.sudrf.ru/1617/user/ 5 KB
5 KB 212ms
184ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/EuropSud.jpg
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 5029ef4d789762960d2a7a147360b9aedf3a25b2d5fe423fa36891a16aa9ae56

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Thu, 20 Oct 2016 10:46:00 GMT
Server: nginx
ETag: "5808a068-1463"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5219

GET
H/1.1 200
OK logo.jpg
files.sudrf.ru/1617/user/ 34 KB
34 KB 92ms
92ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/logo.jpg
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 8380896772684889c455700d8f48d4e64eefffd68aefc759e149d19c52024178

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:24:03 GMT
Server: nginx
ETag: "57075c93-8740"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34624

GET
H/1.1 200
OK portal1.jpg
files.sudrf.ru/1617/user/ 8 KB
8 KB 101ms
101ms Image
image/jpeg 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.sudrf.ru/1617/user/portal1.jpg
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: e86fd19ce6330e2e00d7ea818d3c7497c18cdd53ea4bf6400e525fbf1e104d47

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Fri, 08 Apr 2016 07:15:33 GMT
Server: nginx
ETag: "57075a95-1f4e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8014

GET
H2 200 full-ffb813a29f30feadb63b5654242d042b7b6a91aa.js Show response
yastatic.net/s3/front-maps-static/front-jsapi-v2-1/2.1.78-7/build/release/ 3 MB
662 KB 170ms
82ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/front-maps-static/front-jsapi-v2-1/2.1.78-7/build/release/full-ffb813a29f30feadb63b5654242d042b7b6a91aa.js

Requested by

Host: api-maps.yandex.ru
URL: http://api-maps.yandex.ru/2.1/?lang=ru_RU&coordorder=longlat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

785f875b00c33e9b5372d7ada25ba6200bd430db1f01a58eb3ff8eb3c31e7257

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 11:24:54 GMT
server: nginx/1.17.9
etag: W/"cbb078bbf4fdbb78535caeaa47bd2917"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 17 Feb 2022 18:25:39 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 7e942d8fb4e25cbf

GET
H/1.1 200
OK header-bg.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 7 KB
7 KB 102ms
101ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/header-bg.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 63605aeb9a71eccfa62508f9d1c7ddd645bba6a6894ce9cd182501e73b4d4411

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-1cd6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7382

GET
H/1.1 200
OK rc.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 2 KB
2 KB 103ms
103ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/rc.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 248abff25ccc2999d056cb76cda6a00b811f7859a0eb06bdb5cf680d28fbf2d4

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-67f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1663

GET
H/1.1 200
OK lc.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 2 KB
2 KB 93ms
93ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/lc.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 3d40816de353cfeccf46dc8b4ea80d2801cecff89e3f37dd95b4d473ea68d030

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-625"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1573

GET
H2

200

embed.html Show response
www.openstreetmap.org/export/ Frame 377E
Redirect Chain

http://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806

445 B
621 B

62ms
19ms

Document
text/html

2001:978:2:2c::172:d
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

f1f3fd9aa5d2f2ecb632ad80ec2f1ba327594d36088e6f26a56f811db239db50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.openstreetmap.org
:scheme: https
:path: /export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://oktyabrskyorsk.orb.sudrf.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://oktyabrskyorsk.orb.sudrf.ru/

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
server: Apache/2.4.41 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
last-modified: Tue, 16 Feb 2021 21:43:52 GMT
etag: "1bd-5bb7aff9f4993-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 24 Feb 2021 12:40:09 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8

Redirect headers

Location: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

Cookie set / Show response
simcast.com/ Frame 5E91
Redirect Chain

http://87joojin3fb.ru/f.html
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

41 KB
8 KB

918ms
425ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 61e9ac4901c4b6384636090bc8f501f266d400cd2074a9ffc11045ca5c7c68c4

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://oktyabrskyorsk.orb.sudrf.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://oktyabrskyorsk.orb.sudrf.ru/

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=uf1esaajp21g1462icgag3s7r9; expires=Thu, 18-Feb-2021 12:40:10 GMT; Max-Age=86400; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7607
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Location: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set / Show response
simcast.com/ Frame 12B3
Redirect Chain

http://87joojin3fb.ru/f.html
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

41 KB
8 KB

746ms
304ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 61e9ac4901c4b6384636090bc8f501f266d400cd2074a9ffc11045ca5c7c68c4

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://oktyabrskyorsk.orb.sudrf.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://oktyabrskyorsk.orb.sudrf.ru/

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=hekcv0vi3abo8drasi8jgo8je5; expires=Thu, 18-Feb-2021 12:40:10 GMT; Max-Age=86400; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7607
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Location: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set / Show response
simcast.com/ Frame 889C
Redirect Chain

http://87joojin3fb.ru/f.html
https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

41 KB
8 KB

722ms
283ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 61e9ac4901c4b6384636090bc8f501f266d400cd2074a9ffc11045ca5c7c68c4

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://oktyabrskyorsk.orb.sudrf.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://oktyabrskyorsk.orb.sudrf.ru/

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=h2ble9vfqi9sb3k12b8s8qs70e; expires=Thu, 18-Feb-2021 12:40:10 GMT; Max-Age=86400; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7607
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Location: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

22391 Show response
t.adating.link/165604/3785/ Frame A655
Redirect Chain

http://87joojin3fb.ru/f.html
http://click.junmediadirect.com/click?i=1VBMPT*tySA_0
https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756

2 KB
2 KB

1602ms
1458ms

Document
text/html

65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fe36091ff384e62412789ec0e25e0686bd6f50aa7e23f07446f9600f9f977b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: t.adating.link
:scheme: https
:path: /165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://oktyabrskyorsk.orb.sudrf.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://oktyabrskyorsk.orb.sudrf.ru/

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Wed, 17 Feb 2021 12:40:12 GMT
set-cookie: aff_ran_url_3785=22391; Path=/; Expires=Thu, 18 Feb 2021 12:40:12 GMT; Secure enc_aff_session_3785=ENC0392c787fb17f8b912e72d97c0de5f625b7b4362beb3164ae0893da0c1e8029ee664ede5882ae59583463f4866234327457cb2289bcc58655b71352d4921be126cba4be5bd3237eed914726dd67bf153ec7f14fc3e9296c252628c6bc6cbe471e170465c05ab7f60b69727bcb2312ad3e0025f9580530303a28069cd49553ea0ed41ebd5d35bc573aead77ba2a7870a2c49ec513d4b94d80d5183d61d773dfcdeaf2989fe607598b2c559ead6413bb248aa351d2a061dcc24953030ebfe5ea206504bcf55c; Path=/; Expires=Fri, 17 Feb 2023 12:40:12 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Fri, 12 Jan 2024 23:20:12 GMT; Secure
tracking_id: 102ff7bf1348b985603e219533283d
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FR43bZYzAaANxcq4RVN_IpPvV-HU6AlVOT83hTrviG3LNp2sJc2J1A==

Redirect headers

Connection: keep-alive
Cache-Control: no-store
Location: https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756
Content-Length: 0
Pragma: no-cache
Age: 0

GET
H/1.1 200
OK blink.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 75 B
304 B 96ms
95ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/blink.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: bc6174c58f3b03eaf9a7d956dd3562e785e1189ea23dd71a6cf7c6f0e8d8c8b7

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-4b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75

GET
H/1.1 200
OK icon.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 2 KB
3 KB 136ms
106ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/icon.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 23f04f552b78a8607328f002e73650b6bd9f9daf4bb458ba571ecfef950e56dc

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-9fa"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2554

GET
H/1.1 200
OK assist_ver.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 1 KB
1 KB 123ms
101ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/assist_ver.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 08ce8f55a5e0e44c091aecc3072861afe3a0770d1160d43e53305a9d29bd367c

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/modules.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-4fd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1277

GET
H/1.1 200
OK menu-sep_vertical.png
oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/ 70 B
299 B 130ms
115ms Image
image/png 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/img/menu-sep_vertical.png
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: 066955d722c79000b012be811aa1a1b2cc5b7205c5228a70886e6b959e53e976

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/themes/mobile/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 30 Mar 2015 14:19:39 GMT
Server: nginx
ETag: "55195b7b-46"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70

GET
H/1.1 200
OK cnt.php
counter.sudrf.ru/ 3 KB
3 KB 236ms
198ms Image
image/gif 79.133.87.8
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.sudrf.ru/cnt.php?ssid=56RS0026&show=1&ref=&pg=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&wh=1600x1200&rnd=0.7802868707390309
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 79.133.87.8 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS: sudrf.ru
Software: nginx /
Resource Hash: b11f7164b878d9d39c5f9dd97a22e3bf2f8bd338543400f78711d878ed5bbe8a

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
19 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6773
date: Wed, 17 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 12:47:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK cnt.js Show response
stat.sputnik.ru/ 7 KB
3 KB 180ms
154ms Script
application/javascript 5.143.224.43
SPUTNIK

General

Check archive.org

Show headers Download Go to

Full URL: http://stat.sputnik.ru/cnt.js
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 5.143.224.43 , Russian Federation, ASN201907 (SPUTNIK, RU),
Reverse DNS
Software: nginx /
Resource Hash: fafe7427fe35ca6019feaa1503ca63fac2b266c39cde179ff57b277d0c872cbc

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Dec 2018 12:45:06 GMT
Server: nginx
ETag: "5c20d4d2-bb3"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: max-age=3600
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 2995
Expires: Wed, 17 Feb 2021 13:40:09 GMT

GET
H2 200 embed-3bc695f160cd85c274c263ac12ae2a2fe41eb7d00a33e49d4ffad209dcd1196c.css
www.openstreetmap.org/assets/ Frame 377E 10 KB
3 KB 58ms
19ms Stylesheet
text/css 2001:978:2:2c::172:d
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://www.openstreetmap.org/assets/embed-3bc695f160cd85c274c263ac12ae2a2fe41eb7d00a33e49d4ffad209dcd1196c.css

Requested by

Host: www.openstreetmap.org
URL: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

96a72659a5c7711afb54369e2dcb9e1568bc720022a7dff6cd0d86a99f3fc982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
content-encoding: gzip
server: Apache/2.4.41 (Ubuntu)
etag: "a07"
expect-ct: max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
vary: Accept-encoding
content-type: text/css
cache-control: immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2567
expires: Thu, 17 Feb 2022 12:40:09 GMT

GET
H2 200 embed-f0f32f2f1928d8da7d9c17bb07d0e797d6f74a48da45e8549873a943d50d85aa.js Show response
www.openstreetmap.org/assets/ Frame 377E 175 KB
48 KB 59ms
20ms Script
text/javascript 2001:978:2:2c::172:d
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://www.openstreetmap.org/assets/embed-f0f32f2f1928d8da7d9c17bb07d0e797d6f74a48da45e8549873a943d50d85aa.js

Requested by

Host: www.openstreetmap.org
URL: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

6be976f68ea8f7910100178760a6be09f7a85a35bec4ceb610569007b288e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
content-encoding: gzip
server: Apache/2.4.41 (Ubuntu)
etag: "be35"
expect-ct: max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
vary: Accept-encoding
content-type: text/javascript
cache-control: immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 48693
expires: Thu, 17 Feb 2022 12:40:09 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
76 B 14ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1167223879&t=pageview&_s=1&dl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&ul=en-us&de=windows-1251&dt=%D0%9E%D0%BA%D1%82%D1%8F%D0%B1%D1%80%D1%8C%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D0%B0%D0%B9%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D1%83%D0%B4%20%D0%B3.%D0%9E%D1%80%D1%81%D0%BA%D0%B0%20%D0%9E%D1%80%D0%B5%D0%BD%D0%B1%D1%83%D1%80%D0%B3%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1553012342&gjid=963166784&cid=1420187437.1613565609&tid=UA-44077329-4&_gid=848400710.1613565609&_r=1&_slc=1&z=894399344

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://oktyabrskyorsk.orb.sudrf.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21870.png
tile.openstreetmap.org/16/43411/ Frame 377E 19 KB
19 KB 32ms
12ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43411/21870.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

ef9dd6bfeb48deb6f5395365a97b5a6cb666437e09198c3186856c73554d7451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "dc286c254207efdbe91b7cfc63fc7d35"
age: 108278
x-cache: HIT
x-cache-hits: 1
content-length: 19078
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638178,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: ysera.openstreetmap.org
cache-control: max-age=198714, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sat, 13 Feb 2021 12:08:30 GMT

GET
H2 200 21870.png
tile.openstreetmap.org/16/43412/ Frame 377E 20 KB
21 KB 40ms
20ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43412/21870.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

87d2a93397e4ef70cd8aa7bd0bcbe63a537278b7c2da6d5c8101c9f287b4ea07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "872d48b3f4f5986666b60b41c23843fd"
age: 199635
x-cache: HIT
x-cache-hits: 1
content-length: 20925
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638210,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=76635, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Thu, 04 Feb 2021 22:51:17 GMT

GET
H2 200 21869.png
tile.openstreetmap.org/16/43411/ Frame 377E 22 KB
23 KB 40ms
21ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43411/21869.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

bcdfa7f53c57a13941486b881e750d732dddd86be44fd16054b293635fc6bcdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "174caf5f5a8d4cbec6c31ea891810dd1"
age: 123009
x-cache: HIT
x-cache-hits: 1
content-length: 22908
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638174,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: ysera.openstreetmap.org
cache-control: max-age=282903, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Fri, 19 Feb 2021 09:05:03 GMT

GET
H2 200 21869.png
tile.openstreetmap.org/16/43412/ Frame 377E 21 KB
21 KB 31ms
12ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43412/21869.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

7f3f194ec57a8deba117d04f687b0610405aa3a691e293690868ecd21a53ad64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "110b6dccd4deb321ddc745c401fb7797"
age: 35085
x-cache: HIT
x-cache-hits: 1
content-length: 21194
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638188,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=13507, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Thu, 21 Jan 2021 06:07:58 GMT

GET
H2 200 21871.png
tile.openstreetmap.org/16/43411/ Frame 377E 20 KB
20 KB 39ms
20ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43411/21871.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

c66b29890269ffbea3aedb6930f93a2da2150da70ebaf6a6a9294f8f9bc09086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "b6e4a138bc5eb177788651c3333fb615"
age: 92338
x-cache: HIT
x-cache-hits: 1
content-length: 19979
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638233,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=22483, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Thu, 28 Jan 2021 06:16:32 GMT

GET
H2 200 21871.png
tile.openstreetmap.org/16/43412/ Frame 377E 20 KB
21 KB 31ms
12ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43412/21871.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

f9feefbc496011aee2106288dc88148e0af7e306cc8e0efc56a773a0bbac3375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "77e0c8bb5756239bfbfde2ceac4f5a53"
age: 253413
x-cache: HIT
x-cache-hits: 1
content-length: 20973
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638213,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: ysera.openstreetmap.org
cache-control: max-age=216617, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 14 Feb 2021 14:12:32 GMT

GET
H2 200 21870.png
tile.openstreetmap.org/16/43410/ Frame 377E 21 KB
21 KB 22ms
8ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43410/21870.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

1816d33079fc42ac6d0e24eb736e64ce38e0dfde23672d232edbd27b9eee62c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "f272eee0ffa88a970311258be32ea7af"
age: 64664
x-cache: HIT
x-cache-hits: 1
content-length: 21597
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.637877,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=13378, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Thu, 28 Jan 2021 03:44:47 GMT

GET
H2 200 21870.png
tile.openstreetmap.org/16/43413/ Frame 377E 18 KB
18 KB 21ms
7ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43413/21870.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

a78fd25e34139b8bc2e57b1c4b5605cae54e6757e729cfd60d944597189f261d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "31707452da6f5d7200875a6d350860cc"
age: 253410
x-cache: HIT
x-cache-hits: 1
content-length: 18382
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.637842,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=33466, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Tue, 02 Feb 2021 09:07:34 GMT

GET
H2 200 21869.png
tile.openstreetmap.org/16/43410/ Frame 377E 22 KB
22 KB 34ms
20ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43410/21869.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

0c55aac30ac48360d573d5c998f9f60412f898a18ac9ac64886d9d0e854f8979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "fdd2c24b999229c9774d80292b05cf00"
age: 123009
x-cache: HIT
x-cache-hits: 1
content-length: 22036
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638250,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=160668, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Wed, 10 Feb 2021 22:03:49 GMT

GET
H2 200 21869.png
tile.openstreetmap.org/16/43413/ Frame 377E 16 KB
16 KB 27ms
13ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43413/21869.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

6be6dbd83a1d29f762151ebcccdfd5b260b06277051ec10ac92d4545a8fd1840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "ef690ba6495c788258b5be02f31b6a94"
age: 34509
x-cache: HIT
x-cache-hits: 1
content-length: 16134
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.637883,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: ysera.openstreetmap.org
cache-control: max-age=120421, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 07 Feb 2021 20:44:24 GMT

GET
H2 200 21871.png
tile.openstreetmap.org/16/43410/ Frame 377E 17 KB
17 KB 33ms
19ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43410/21871.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

63c4118b2bc2d3b3da298a6bcefa57246f7969db2574cacc7a12ae7ab0036d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "e1d48e56b7a8ca961dbf7dc60e5d4cff"
age: 2646
x-cache: HIT
x-cache-hits: 1
content-length: 16925
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.638266,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=251097, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Wed, 17 Feb 2021 11:37:56 GMT

GET
H2 200 21871.png
tile.openstreetmap.org/16/43413/ Frame 377E 20 KB
20 KB 20ms
6ms Image
image/png 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tile.openstreetmap.org/16/43413/21871.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

59419b056537d451a62e0a356c0fbce98c42aaac1f066d3c54a1ef313e422334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "b02e9096500b2dae8676409d3aba9b6c"
age: 161137
x-cache: HIT
x-cache-hits: 1
content-length: 20151
x-served-by: cache-hhn4046-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1613565610.637737,VS0,VE1
date: Wed, 17 Feb 2021 12:40:09 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: rhaegal.openstreetmap.org
cache-control: max-age=270168, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Thu, 18 Feb 2021 18:57:20 GMT

GET
H2 200 marker-icon-3d253116ec4ba0e1f22a01cdf1ff7f120fa4d89a6cd0933d68f12951d19809b4.png
www.openstreetmap.org/assets/leaflet/dist/images/ Frame 377E 1 KB
1 KB 20ms
19ms Image
image/png 2001:978:2:2c::172:d
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.openstreetmap.org/assets/leaflet/dist/images/marker-icon-3d253116ec4ba0e1f22a01cdf1ff7f120fa4d89a6cd0933d68f12951d19809b4.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5ba"
expect-ct: max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 1466
expires: Thu, 17 Feb 2022 12:40:09 GMT

GET
H2 200 marker-shadow-a2d94406ba198f61f68a71ed8f9f9c701122c0c33b775d990edceae4aece567f.png
www.openstreetmap.org/assets/leaflet/dist/images/ Frame 377E 618 B
659 B 20ms
19ms Image
image/png 2001:978:2:2c::172:d
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.openstreetmap.org/assets/leaflet/dist/images/marker-shadow-a2d94406ba198f61f68a71ed8f9f9c701122c0c33b775d990edceae4aece567f.png

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:978:2:2c::172:d , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.openstreetmap.org/export/embed.html?bbox=58.46616,51.23657,58.47232,51.24092&layer=mapnik&marker=51.23853,58.46806
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:09 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "26a"
expect-ct: max-age=0, report-uri="https://openstreetmap.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 618
expires: Thu, 17 Feb 2022 12:40:09 GMT

GET
H/1.1 200
OK conf Show response
stat.sputnik.ru/ 11 B
190 B 179ms
149ms XHR
application/json 5.143.224.43
SPUTNIK

General

Check archive.org

Show headers Download Go to

Full URL: http://stat.sputnik.ru/conf?host=oktyabrskyorsk.orb.sudrf.ru
Requested by: Host: stat.sputnik.ru
URL: http://stat.sputnik.ru/cnt.js
Protocol: HTTP/1.1
Server: 5.143.224.43 , Russian Federation, ASN201907 (SPUTNIK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 018551b6a5d0d1e2c4be92162162e7ee9ef34f0ab3b0315bb5c524e4b388b0d4

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 Feb 2021 12:40:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: application/json

GET
H/1.1 200
OK cnt
stat.sputnik.ru/ 43 B
508 B 152ms
152ms Image
image/gif 5.143.224.43
SPUTNIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.sputnik.ru/cnt?pg=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&r=&title=%D0%9E%D0%BA%D1%82%D1%8F%D0%B1%D1%80%D1%8C%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D0%B0%D0%B9%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D1%83%D0%B4%20%D0%B3.%D0%9E%D1%80%D1%81%D0%BA%D0%B0%20%D0%9E%D1%80%D0%B5%D0%BD%D0%B1%D1%83%D1%80%D0%B3%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=-60&wh=1600x1200&px=24&h5=110111&psid=1613565609627&psdur=0&psh=1&bsid=1613565609626&bsdur=1&bsh=0&c=1&rn=0.8961976887103495
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Server: 5.143.224.43 , Russian Federation, ASN201907 (SPUTNIK, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:09 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK grab.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 64ms
63ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/grab.cur
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Last-Modified: Wed, 16 Dec 2020 11:25:05 GMT
Server: nginx
ETag: "5fd9ee91-146"
X-qloud-router: myt2-8529967f8c08.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK grabbing.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 130ms
65ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/grabbing.cur
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Last-Modified: Wed, 16 Dec 2020 11:25:05 GMT
Server: nginx
ETag: "5fd9ee91-146"
X-qloud-router: myt2-8529967f8c08.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK help.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 146ms
59ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/help.cur
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Last-Modified: Wed, 16 Dec 2020 11:25:05 GMT
Server: nginx
ETag: "5fd9ee91-146"
X-qloud-router: myt6-9ee6da382895.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK zoom_in.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 149ms
53ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/zoom_in.cur
Requested by: Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:10 GMT
Last-Modified: Wed, 16 Dec 2020 11:25:05 GMT
Server: nginx
ETag: "5fd9ee91-146"
X-qloud-router: sas1-2054dff9b260.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 889C 136 KB
52 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60a3490fd1afcf46ff0867cd7e05085c36a9715cde9c158df780b656ff645685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53306
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:10 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 889C 86 KB
30 KB 23ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://simcast.com
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1613565610.dop231.fr8.t,1613565610.cds222.fr8.hc,1613565610.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ Frame 889C 13 KB
3 KB 427ms
143ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 05:07:42 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34b2-5b06cc33c0380-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2950

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ Frame 889C 55 KB
12 KB 434ms
146ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 889C 9 KB
3 KB 36ms
13ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 985
etag: W/"3f9cea746e7c44bbeb5e95be9fce4a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 622f934ebff01f15-FRA
cf-request-id: 08519a653000001f1533353000000001
expires: Sat, 20 Feb 2021 12:40:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 889C 56 KB
19 KB 162ms
54ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

60bfd02abedb2a031ba5dda484e6c137b9a7c4d821ddda623facc21fd0814b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "786 / 185 of 1000 / last-modified: 1613563980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19416
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ Frame 889C 0
222 B 430ms
108ms Script
text/html 2600:3c02:1::2d4f:f40e
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=87joojin3fb.ru
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: close
X-Powered-By: PHP/5.5.38
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ Frame 889C 1 KB
2 KB 497ms
148ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 889C 5 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
cf-request-id: 08519a650b00002b12940fa000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMLxCJs9R3j5eduCUAOs02%2FW78jcxwVSGiaybRvuDMoP4kwSpeY%2BC6Pw11sMIIA4SbsiM3RkGM2AYWtxlNP8KmJz3Aap9Vj8qvvbyfzEJ9Rraby9MMqHIx%2BSGSWWOKou2w%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934e7e782b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 889C 3 KB
2 KB 11ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
cf-request-id: 08519a650f00002b12822c5000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fh6UOgIhRnj%2F52tRalJIOpRzmqomTTjl96ZNs3awEiarDGDhsGPjiCkw4qgtnbEH9gZBrwzzKysZNJz0Zxd3r6lbBKxgT9t0zm02spZliSoNBc%2Fx3RiqrfkSPVUsU9D5xg%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934e7e832b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 BB1dLenu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 106 KB
106 KB 65ms
23ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu.img?h=500&w=1000&x=500&y=250&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65029cd6cc61b78a405703655d664539b6201b56f2ec2a205447a3a3c529d593

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLenu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 1969508
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431863
x-activityid: b9414160-4097-4a4d-9a26-de66a3981082
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu?h=500&w=1000&x=500&y=250&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 108280
expires: Mon, 22 Feb 2021 12:37:54 GMT

GET
H2 200 BB1dKkpm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 5 KB
5 KB 58ms
17ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm.img?h=100&w=100&x=548.5&y=336&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b15a37cb040e2260d22cc829c0fba941bfcc80b189eed02a953bb109f1592090

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKkpm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 04:48:02 GMT
x-datacenter: northeu
x-source-length: 152931
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=403651
x-activityid: a00d1090-8413-4381-a1d4-d3c20ff0135f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm?h=100&w=100&x=548.5&y=336&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4825
expires: Mon, 22 Feb 2021 04:47:42 GMT

GET
H2 200 AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 18 KB
19 KB 52ms
11ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAywGC0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 22:17:36 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=380183
x-activityid: a849e987-0ab2-4781-bd9a-b21fe6dcf8da
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
content-length: 18737
expires: Sun, 21 Feb 2021 22:16:34 GMT

GET
H2 200 BB1dL17z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 62ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ff1c6b1f8ceeb0cbb7216b55f3749a33eb7f6e71957dc45a9460403a7cd8644

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL17z
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 10:18:54 GMT
x-datacenter: northeu
x-source-length: 574999
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=423592
x-activityid: 6ddb2412-68de-414c-a2c8-db768a25bcf3
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2825
expires: Mon, 22 Feb 2021 10:20:03 GMT

GET
H2 200 BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 592 B
952 B 69ms
28ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBNvr53
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 12:17:50 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 592
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257914
x-activityid: 4a2bab8f-6a21-4028-be8a-f352b00126e0
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53
content-length: 592
expires: Sat, 20 Feb 2021 12:18:45 GMT

GET
H2 200 BB1dKBO4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 412ms
377ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ebdb4bdad1d806aabc46e250d161083ffe6d86257357a85ecf46a351e35b3cae

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKBO4
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 787590
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431870
x-activityid: d92a300d-2df1-438f-909a-06c56b8c4cfd
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3151
expires: Mon, 22 Feb 2021 12:38:01 GMT

GET
H2 200 AABiyAn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 951 B
1 KB 21ms
17ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AABiyAn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 18:13:11 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 951
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=365572
x-activityid: d1330d02-4a01-4784-a00e-7e1350f4ae3e
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn
content-length: 951
expires: Sun, 21 Feb 2021 18:13:03 GMT

GET
H2 200 BB1dK1fH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 4 KB
5 KB 23ms
19ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

522be6e519408f7d56785f3e31bc8d050a32a5b79c8ec822dfcf3d8579f58215

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dK1fH
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 844955
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431264
x-activityid: f8488ed8-a764-4d5c-bad8-715257ec80ff
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4607
expires: Mon, 22 Feb 2021 12:27:55 GMT

GET
H2 200 BBAJ56P.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 18 KB
19 KB 14ms
10ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d072dc01f4291909389823f0dd7ad7b7acf1d3a0b00da1dc84aee32e03bf5a7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBAJ56P
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Thu, 04 Feb 2021 00:11:07 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18777
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=113964
x-activityid: 7f1e1515-de99-4f0d-bc30-16fb2ddba0c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P
content-length: 18777
expires: Thu, 18 Feb 2021 20:19:35 GMT

GET
H2 200 BB1cSPkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
3 KB 20ms
16ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a54d736b8c7c9f30bc5549a0919456932835f7c48bc70e60770c819b90585cfc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cSPkn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 41837
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431181
x-activityid: 6cfeb215-1e28-4f12-b579-be3b234c3fd4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2520
expires: Mon, 22 Feb 2021 12:26:32 GMT

GET
H2 200 BB1dLjb5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 23ms
19ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d66b81539befc6fb2dae815908fbdf0ff8796727404e592eac2aa836b9018356

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjb5
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 158544
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431326
x-activityid: 0c7c2b98-cd1c-40a7-af20-8e133708dca8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3136
expires: Mon, 22 Feb 2021 12:28:57 GMT

GET
H2 200 BB10dZNR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 1 KB
1 KB 21ms
16ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa3dfa8bde9ad45690a9905401ac64cb44c1724db4d665fa4670de3190cb9886

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB10dZNR
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 09:56:15 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 1138
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=335764
x-activityid: 9cbd8586-b693-4681-9f6a-53ab832eb9eb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR
content-length: 1138
expires: Sun, 21 Feb 2021 09:56:15 GMT

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 889C 9 KB
4 KB 49ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR3-C2
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 3170
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:19 GMT
Server: AmazonS3
ETag: W/"d8c6a6d4c19c8f80279090e942fa37a5"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: ScwABOIvViITQCZ9slvgP6jxmKHKL8miD53KHT2ZyrmyEHa7kHZg3w==

GET
H2 200 BB1dL3sg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 34ms
29ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d671fec43fda18d014d5c6072475c4c74fadb916db17303769920fcbf6ce5fa

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL3sg
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 140802
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431809
x-activityid: 81da22c9-062d-4234-b9f8-355db5840591
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2568
expires: Mon, 22 Feb 2021 12:37:00 GMT

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 142 B
502 B 55ms
51ms Image
image/gif 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 16:26:52 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 142
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=272774
x-activityid: 80e631b6-1119-4373-8320-23c33e9090ab
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
content-length: 142
expires: Sat, 20 Feb 2021 16:26:25 GMT

GET
H2 200 BB1dL6ww.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 28ms
24ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e7641e313e74d0615d6368032d41c791ab6ceef64705a2db52948c2f5205e9ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL6ww
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 59917
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431906
x-activityid: a1bdd762-6c60-418a-a17c-e951eb3c204d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2618
expires: Mon, 22 Feb 2021 12:38:37 GMT

GET
H2 200 BB1dL7v4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
2 KB 29ms
25ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9dd0c8abb83e7f24cd84b5342c2bec45e14e7999dc1582987b5295f7dca2efbb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL7v4
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 73720
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431885
x-activityid: 471dc233-cdd0-4986-953f-e02ec757e17f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2156
expires: Mon, 22 Feb 2021 12:38:16 GMT

GET
H2 200 BB1deJk0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 29ms
25ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

45462ca58b2b14c8cd755fe8f073a5bc6272680ef0622c2934a2e8ba480daaab

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1deJk0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 107426
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431892
x-activityid: 9afd1e26-2ee8-4617-aef5-d52763d6ec41
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3125
expires: Mon, 22 Feb 2021 12:38:23 GMT

GET
H2 200 BB1dGUZu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
3 KB 38ms
34ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75189de31f58b2d7e9e7154f473c7e2115f419edb92a3cefbfd25c894858673f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGUZu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 292323
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431859
x-activityid: 215355af-b118-482a-bc12-b9cdcb72aae8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2188
expires: Mon, 22 Feb 2021 12:37:50 GMT

GET
H2 200 BB1dLehD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
2 KB 681ms
677ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58b848223d98c6dec8cdebff01def77b7b4fbb2cb866aaf9f14628d63eff7ca8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLehD
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 625398
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431921
x-activityid: 45c4c95f-2237-4792-948c-04fe408d8229
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 1957
expires: Mon, 22 Feb 2021 12:38:53 GMT

GET
H2 200 AA38A54.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 367 B
727 B 43ms
39ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA38A54
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 05:42:32 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 367
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=320442
x-activityid: 3be7184f-7985-4bf6-b3f8-c1c30907d9c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54
content-length: 367
expires: Sun, 21 Feb 2021 05:40:53 GMT

GET
H2 200 BB1dL5e7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 40ms
37ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62ff0b037ac7948642bc0749ef70716eb41c4e4c8f1b668c102a32580200bec8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5e7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 133479
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431924
x-activityid: 0b72b20b-dc0e-442b-80c9-c6dd688d97e7
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2854
expires: Mon, 22 Feb 2021 12:38:55 GMT

GET
H2 200 BB14LSTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 4 KB
4 KB 57ms
53ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c9982d600c46e6b6d7a634a92df5e6ef8a84157023bf6d6a45c4d23c0d182aa7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB14LSTu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Sat, 13 Feb 2021 11:49:45 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 4107
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=83354
x-activityid: d8135b22-07f2-42bb-aa4c-09f723a31979
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu
content-length: 4107
expires: Thu, 18 Feb 2021 11:49:25 GMT

GET
H2 200 BB1dLjjA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 3282ms
3278ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3bc83f9c907d7ebbbff9cd6a3c7264087732f2b6aafd1af72354917b50752bd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjjA
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 116197
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431684
x-activityid: 7da4b8b7-f55e-4eb2-840a-54ff0c140912
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3079
expires: Mon, 22 Feb 2021 12:34:58 GMT

GET
H2 200 BB1dGxxm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
3 KB 48ms
44ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

772904df9d55182098103a90a6b86e47523c3193b6f69b0cb92bf61dfacaba9b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGxxm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 54978
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431694
x-activityid: 113da83f-73ea-4560-af3b-4444ceae4d63
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2538
expires: Mon, 22 Feb 2021 12:35:05 GMT

GET
H2 200 BB1dL59N.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 3 KB
3 KB 39ms
35ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

209a5227f46f1acd75de1f99fbf200087e5beb30fb69e22b74209d1b9cda9e43

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL59N
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:08 GMT
x-datacenter: northeu
x-source-length: 85423
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431271
x-activityid: 2e53c45f-8f69-4bd5-9754-66ae93b22d6e
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2696
expires: Mon, 22 Feb 2021 12:28:02 GMT

GET
H2 200 BB1dL5pY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 2 KB
3 KB 43ms
39ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd67da33f9059d87720bc8f44b603b2df075976912d41d4dd85fa6386fd23d15

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5pY
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 1174036
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431842
x-activityid: d27bac63-77ed-477d-9e60-02a9014151be
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2329
expires: Mon, 22 Feb 2021 12:37:33 GMT

GET
H2 200 BBmJJQ7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 19 KB
19 KB 103ms
99ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBmJJQ7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 14:24:24 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18952
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=265536
x-activityid: dcf043d5-1b27-4396-9abb-822584285377
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7
content-length: 18952
expires: Sat, 20 Feb 2021 14:25:47 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 12B3 136 KB
52 KB 46ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60a3490fd1afcf46ff0867cd7e05085c36a9715cde9c158df780b656ff645685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53306
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:10 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 12B3 86 KB
30 KB 10ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://simcast.com
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1613565610.dop231.fr8.t,1613565610.cds222.fr8.hc,1613565610.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ Frame 12B3 13 KB
3 KB 434ms
147ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 05:07:42 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34b2-5b06cc33c0380-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2950

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ Frame 12B3 55 KB
12 KB 444ms
151ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 12B3 9 KB
3 KB 30ms
8ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 985
etag: W/"3f9cea746e7c44bbeb5e95be9fce4a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 622f934fd90b1f15-FRA
cf-request-id: 08519a65e300001f15960e1000000001
expires: Sat, 20 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 12B3 56 KB
19 KB 117ms
67ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

60bfd02abedb2a031ba5dda484e6c137b9a7c4d821ddda623facc21fd0814b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "786 / 457 of 1000 / last-modified: 1613563980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19416
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ Frame 12B3 0
222 B 433ms
114ms Script
text/html 2600:3c02:1::2d4f:f40e
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=87joojin3fb.ru
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: close
X-Powered-By: PHP/5.5.38
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ Frame 12B3 1 KB
2 KB 431ms
145ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 12B3 5 KB
2 KB 15ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
cf-request-id: 08519a65bb00002b12d0137000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=smTLRIkbVElCa7fZBarpeA0z7t8i4MceT3pARD5HwFZc94D5Hor2qZaKvHju4H98iABvMShoBIjPoNP%2FpONg2P96%2B5f1yZcCPqhHtEr6B7jRK4cEumo7TjWoBAIwu%2BR2ew%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934f985d2b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 12B3 3 KB
2 KB 13ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
cf-request-id: 08519a65be00002b1294107000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cLF%2BwHUFK5w102XPicNIbckLH7zyTAvUeTEW2boj6mTk0lzfgNyekT6H601qBMasYTxzdLiWTPHoYj0vVuTHfKY%2FpXt71CBnO8%2BOx3ay0zxw%2FJAAysOhZMgrF%2Bd9JwKisA%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934f98642b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 BB1dLenu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 106 KB
106 KB 30ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu.img?h=500&w=1000&x=500&y=250&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65029cd6cc61b78a405703655d664539b6201b56f2ec2a205447a3a3c529d593

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLenu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 1969508
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431863
x-activityid: b9414160-4097-4a4d-9a26-de66a3981082
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu?h=500&w=1000&x=500&y=250&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 108280
expires: Mon, 22 Feb 2021 12:37:54 GMT

GET
H2 200 BB1dKkpm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 5 KB
5 KB 31ms
8ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm.img?h=100&w=100&x=548.5&y=336&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b15a37cb040e2260d22cc829c0fba941bfcc80b189eed02a953bb109f1592090

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKkpm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 04:48:02 GMT
x-datacenter: northeu
x-source-length: 152931
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=403651
x-activityid: a00d1090-8413-4381-a1d4-d3c20ff0135f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm?h=100&w=100&x=548.5&y=336&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4825
expires: Mon, 22 Feb 2021 04:47:42 GMT

GET
H2 200 AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 18 KB
19 KB 32ms
9ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAywGC0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 22:17:36 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=380183
x-activityid: a849e987-0ab2-4781-bd9a-b21fe6dcf8da
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
content-length: 18737
expires: Sun, 21 Feb 2021 22:16:34 GMT

GET
H2 200 BB1dL17z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 31ms
10ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ff1c6b1f8ceeb0cbb7216b55f3749a33eb7f6e71957dc45a9460403a7cd8644

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL17z
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 10:18:54 GMT
x-datacenter: northeu
x-source-length: 574999
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=423592
x-activityid: 6ddb2412-68de-414c-a2c8-db768a25bcf3
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2825
expires: Mon, 22 Feb 2021 10:20:03 GMT

GET
H2 200 BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 592 B
952 B 33ms
12ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBNvr53
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 12:17:50 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 592
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257914
x-activityid: 4a2bab8f-6a21-4028-be8a-f352b00126e0
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53
content-length: 592
expires: Sat, 20 Feb 2021 12:18:45 GMT

GET
H2 200 BB1dKBO4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 3222ms
3207ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ebdb4bdad1d806aabc46e250d161083ffe6d86257357a85ecf46a351e35b3cae

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKBO4
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 787590
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431849
x-activityid: d92a300d-2df1-438f-909a-06c56b8c4cfd
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3151
expires: Mon, 22 Feb 2021 12:37:43 GMT

GET
H2 200 AABiyAn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 951 B
1 KB 33ms
13ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AABiyAn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 18:13:11 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 951
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=365572
x-activityid: d1330d02-4a01-4784-a00e-7e1350f4ae3e
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn
content-length: 951
expires: Sun, 21 Feb 2021 18:13:03 GMT

GET
H2 200 BB1dK1fH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 4 KB
5 KB 34ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

522be6e519408f7d56785f3e31bc8d050a32a5b79c8ec822dfcf3d8579f58215

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dK1fH
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 844955
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431264
x-activityid: f8488ed8-a764-4d5c-bad8-715257ec80ff
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4607
expires: Mon, 22 Feb 2021 12:27:55 GMT

GET
H2 200 BBAJ56P.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 18 KB
19 KB 35ms
14ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d072dc01f4291909389823f0dd7ad7b7acf1d3a0b00da1dc84aee32e03bf5a7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBAJ56P
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Thu, 04 Feb 2021 00:11:07 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18777
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=113964
x-activityid: 7f1e1515-de99-4f0d-bc30-16fb2ddba0c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P
content-length: 18777
expires: Thu, 18 Feb 2021 20:19:35 GMT

GET
H2 200 BB1cSPkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
3 KB 36ms
16ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a54d736b8c7c9f30bc5549a0919456932835f7c48bc70e60770c819b90585cfc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cSPkn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 41837
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431181
x-activityid: 6cfeb215-1e28-4f12-b579-be3b234c3fd4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2520
expires: Mon, 22 Feb 2021 12:26:32 GMT

GET
H2 200 BB1dLjb5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 37ms
17ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d66b81539befc6fb2dae815908fbdf0ff8796727404e592eac2aa836b9018356

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjb5
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 158544
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431326
x-activityid: 0c7c2b98-cd1c-40a7-af20-8e133708dca8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3136
expires: Mon, 22 Feb 2021 12:28:57 GMT

GET
H2 200 BB10dZNR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 1 KB
1 KB 38ms
18ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa3dfa8bde9ad45690a9905401ac64cb44c1724db4d665fa4670de3190cb9886

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB10dZNR
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 09:56:15 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 1138
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=335764
x-activityid: 9cbd8586-b693-4681-9f6a-53ab832eb9eb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR
content-length: 1138
expires: Sun, 21 Feb 2021 09:56:15 GMT

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 12B3 9 KB
4 KB 14ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR3-C2
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 3170
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:19 GMT
Server: AmazonS3
ETag: W/"d8c6a6d4c19c8f80279090e942fa37a5"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: ScwABOIvViITQCZ9slvgP6jxmKHKL8miD53KHT2ZyrmyEHa7kHZg3w==

GET
H2 200 BB1dL3sg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 39ms
19ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d671fec43fda18d014d5c6072475c4c74fadb916db17303769920fcbf6ce5fa

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL3sg
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 140802
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431809
x-activityid: 81da22c9-062d-4234-b9f8-355db5840591
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2568
expires: Mon, 22 Feb 2021 12:37:00 GMT

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 142 B
502 B 37ms
17ms Image
image/gif 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 16:26:52 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 142
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=272774
x-activityid: 80e631b6-1119-4373-8320-23c33e9090ab
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
content-length: 142
expires: Sat, 20 Feb 2021 16:26:25 GMT

GET
H2 200 BB1dL6ww.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 40ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e7641e313e74d0615d6368032d41c791ab6ceef64705a2db52948c2f5205e9ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL6ww
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 59917
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431906
x-activityid: a1bdd762-6c60-418a-a17c-e951eb3c204d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2618
expires: Mon, 22 Feb 2021 12:38:37 GMT

GET
H2 200 BB1dL7v4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
2 KB 41ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9dd0c8abb83e7f24cd84b5342c2bec45e14e7999dc1582987b5295f7dca2efbb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL7v4
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 73720
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431885
x-activityid: 471dc233-cdd0-4986-953f-e02ec757e17f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2156
expires: Mon, 22 Feb 2021 12:38:16 GMT

GET
H2 200 BB1deJk0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 41ms
22ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

45462ca58b2b14c8cd755fe8f073a5bc6272680ef0622c2934a2e8ba480daaab

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1deJk0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 107426
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431892
x-activityid: 9afd1e26-2ee8-4617-aef5-d52763d6ec41
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3125
expires: Mon, 22 Feb 2021 12:38:23 GMT

GET
H2 200 BB1dGUZu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
3 KB 44ms
25ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75189de31f58b2d7e9e7154f473c7e2115f419edb92a3cefbfd25c894858673f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGUZu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 292323
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431859
x-activityid: 215355af-b118-482a-bc12-b9cdcb72aae8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2188
expires: Mon, 22 Feb 2021 12:37:50 GMT

GET
H2 200 BB1dLehD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
2 KB 3175ms
3163ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58b848223d98c6dec8cdebff01def77b7b4fbb2cb866aaf9f14628d63eff7ca8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLehD
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 625398
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431871
x-activityid: 45c4c95f-2237-4792-948c-04fe408d8229
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 1957
expires: Mon, 22 Feb 2021 12:38:05 GMT

GET
H2 200 AA38A54.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 367 B
727 B 45ms
27ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA38A54
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 05:42:32 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 367
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=320442
x-activityid: 3be7184f-7985-4bf6-b3f8-c1c30907d9c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54
content-length: 367
expires: Sun, 21 Feb 2021 05:40:53 GMT

GET
H2 200 BB1dL5e7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 48ms
29ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62ff0b037ac7948642bc0749ef70716eb41c4e4c8f1b668c102a32580200bec8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5e7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 133479
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431924
x-activityid: 0b72b20b-dc0e-442b-80c9-c6dd688d97e7
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2854
expires: Mon, 22 Feb 2021 12:38:55 GMT

GET
H2 200 BB14LSTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 4 KB
4 KB 49ms
31ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c9982d600c46e6b6d7a634a92df5e6ef8a84157023bf6d6a45c4d23c0d182aa7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB14LSTu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Sat, 13 Feb 2021 11:49:45 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 4107
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=83354
x-activityid: d8135b22-07f2-42bb-aa4c-09f723a31979
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu
content-length: 4107
expires: Thu, 18 Feb 2021 11:49:25 GMT

GET
H2 200 BB1dLjjA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 3166ms
3155ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3bc83f9c907d7ebbbff9cd6a3c7264087732f2b6aafd1af72354917b50752bd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjjA
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 116197
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431661
x-activityid: 7da4b8b7-f55e-4eb2-840a-54ff0c140912
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3079
expires: Mon, 22 Feb 2021 12:34:35 GMT

GET
H2 200 BB1dGxxm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
3 KB 53ms
36ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

772904df9d55182098103a90a6b86e47523c3193b6f69b0cb92bf61dfacaba9b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGxxm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 54978
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431694
x-activityid: 113da83f-73ea-4560-af3b-4444ceae4d63
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2538
expires: Mon, 22 Feb 2021 12:35:05 GMT

GET
H2 200 BB1dL59N.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 3 KB
3 KB 56ms
39ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

209a5227f46f1acd75de1f99fbf200087e5beb30fb69e22b74209d1b9cda9e43

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL59N
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:08 GMT
x-datacenter: northeu
x-source-length: 85423
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431271
x-activityid: 2e53c45f-8f69-4bd5-9754-66ae93b22d6e
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2696
expires: Mon, 22 Feb 2021 12:28:02 GMT

GET
H2 200 BB1dL5pY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 2 KB
3 KB 61ms
44ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd67da33f9059d87720bc8f44b603b2df075976912d41d4dd85fa6386fd23d15

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5pY
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 1174036
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431842
x-activityid: d27bac63-77ed-477d-9e60-02a9014151be
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2329
expires: Mon, 22 Feb 2021 12:37:33 GMT

GET
H2 200 BBmJJQ7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 12B3 19 KB
19 KB 61ms
44ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBmJJQ7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 14:24:24 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18952
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=265536
x-activityid: dcf043d5-1b27-4396-9abb-822584285377
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7
content-length: 18952
expires: Sat, 20 Feb 2021 14:25:47 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E91 136 KB
52 KB 35ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60a3490fd1afcf46ff0867cd7e05085c36a9715cde9c158df780b656ff645685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53306
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:10 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 5E91 86 KB
30 KB 10ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://simcast.com
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:10 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1613565610.dop231.fr8.t,1613565610.cds222.fr8.hc,1613565610.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ Frame 5E91 13 KB
3 KB 440ms
149ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 05:07:42 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34b2-5b06cc33c0380-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2950

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ Frame 5E91 55 KB
12 KB 446ms
156ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 5E91 9 KB
3 KB 25ms
10ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 985
etag: W/"3f9cea746e7c44bbeb5e95be9fce4a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 622f934fd9191f15-FRA
cf-request-id: 08519a65e900001f153d3e0000000001
expires: Sat, 20 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5E91 56 KB
19 KB 108ms
67ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

60bfd02abedb2a031ba5dda484e6c137b9a7c4d821ddda623facc21fd0814b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "786 / 592 of 1000 / last-modified: 1613563980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19416
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ Frame 5E91 0
222 B 428ms
109ms Script
text/html 2600:3c02:1::2d4f:f40e
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=87joojin3fb.ru
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: close
X-Powered-By: PHP/5.5.38
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ Frame 5E91 1 KB
2 KB 434ms
143ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 5E91 5 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
cf-request-id: 08519a65c000002b1298a2a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qBN9sBHzzGvQb3SmGuFQfObfwOJSXX8iK570LLjp7YS0qmPK6Tyco5BzCYcmeOUSG1k9VPDQFXDUEO0c4Aomu5yQqruaY2rOp8VRANk25QOErN%2FXPgjuY6y2b1T7W7p1Gw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934f986d2b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ Frame 5E91 3 KB
2 KB 11ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 102650
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
cf-request-id: 08519a65c700002b12cea8d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PEm%2BcH7PvpYNPicx%2F%2BOxCRv90fswLKWE1OfT80LZXu1zt9WJxwGe9MFDABALwq%2Fsf6i8LM0DA64HUvc6629OvkR2ua2gqOT%2FsB4tVZxuDtgQm6EX0V9MgcjoQa4FBFUMhQ%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622f934fa8822b12-FRA
expires: Mon, 07 Feb 2022 12:40:11 GMT

GET
H2 200 BB1dLenu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 106 KB
106 KB 57ms
45ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu.img?h=500&w=1000&x=500&y=250&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65029cd6cc61b78a405703655d664539b6201b56f2ec2a205447a3a3c529d593

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLenu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 1969508
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431863
x-activityid: b9414160-4097-4a4d-9a26-de66a3981082
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLenu?h=500&w=1000&x=500&y=250&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 108280
expires: Mon, 22 Feb 2021 12:37:54 GMT

GET
H2 200 BB1dKkpm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 5 KB
5 KB 58ms
47ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm.img?h=100&w=100&x=548.5&y=336&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b15a37cb040e2260d22cc829c0fba941bfcc80b189eed02a953bb109f1592090

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKkpm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 04:48:02 GMT
x-datacenter: northeu
x-source-length: 152931
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=403651
x-activityid: a00d1090-8413-4381-a1d4-d3c20ff0135f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKkpm?h=100&w=100&x=548.5&y=336&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4825
expires: Mon, 22 Feb 2021 04:47:42 GMT

GET
H2 200 AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 18 KB
19 KB 56ms
45ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAywGC0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 22:17:36 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=380183
x-activityid: a849e987-0ab2-4781-bd9a-b21fe6dcf8da
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
content-length: 18737
expires: Sun, 21 Feb 2021 22:16:34 GMT

GET
H2 200 BB1dL17z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 60ms
49ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ff1c6b1f8ceeb0cbb7216b55f3749a33eb7f6e71957dc45a9460403a7cd8644

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL17z
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 10:18:54 GMT
x-datacenter: northeu
x-source-length: 574999
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=423592
x-activityid: 6ddb2412-68de-414c-a2c8-db768a25bcf3
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL17z?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2825
expires: Mon, 22 Feb 2021 10:20:03 GMT

GET
H2 200 BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 592 B
952 B 58ms
48ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBNvr53
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 12:17:50 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 592
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257914
x-activityid: 4a2bab8f-6a21-4028-be8a-f352b00126e0
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53
content-length: 592
expires: Sat, 20 Feb 2021 12:18:45 GMT

GET
H2 200 BB1dKBO4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 3274ms
3264ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4.img?h=100&w=100&x=3852.5&y=1810.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ebdb4bdad1d806aabc46e250d161083ffe6d86257357a85ecf46a351e35b3cae

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dKBO4
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 787590
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431791
x-activityid: d92a300d-2df1-438f-909a-06c56b8c4cfd
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dKBO4?h=100&w=100&x=3852.5&y=1810.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3151
expires: Mon, 22 Feb 2021 12:36:45 GMT

GET
H2 200 AABiyAn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 951 B
1 KB 63ms
54ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AABiyAn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 18:13:11 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 951
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=365572
x-activityid: d1330d02-4a01-4784-a00e-7e1350f4ae3e
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn
content-length: 951
expires: Sun, 21 Feb 2021 18:13:03 GMT

GET
H2 200 BB1dK1fH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 4 KB
5 KB 64ms
55ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

522be6e519408f7d56785f3e31bc8d050a32a5b79c8ec822dfcf3d8579f58215

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dK1fH
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 844955
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431264
x-activityid: f8488ed8-a764-4d5c-bad8-715257ec80ff
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dK1fH?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 4607
expires: Mon, 22 Feb 2021 12:27:55 GMT

GET
H2 200 BBAJ56P.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 18 KB
19 KB 61ms
52ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d072dc01f4291909389823f0dd7ad7b7acf1d3a0b00da1dc84aee32e03bf5a7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBAJ56P
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Thu, 04 Feb 2021 00:11:07 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18777
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=113964
x-activityid: 7f1e1515-de99-4f0d-bc30-16fb2ddba0c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P
content-length: 18777
expires: Thu, 18 Feb 2021 20:19:35 GMT

GET
H2 200 BB1cSPkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
3 KB 65ms
56ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a54d736b8c7c9f30bc5549a0919456932835f7c48bc70e60770c819b90585cfc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cSPkn
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 41837
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431181
x-activityid: 6cfeb215-1e28-4f12-b579-be3b234c3fd4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cSPkn?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2520
expires: Mon, 22 Feb 2021 12:26:32 GMT

GET
H2 200 BB1dLjb5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 67ms
58ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5.img?h=100&w=100&x=1281&y=1039&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d66b81539befc6fb2dae815908fbdf0ff8796727404e592eac2aa836b9018356

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjb5
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:07 GMT
x-datacenter: northeu
x-source-length: 158544
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431326
x-activityid: 0c7c2b98-cd1c-40a7-af20-8e133708dca8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjb5?h=100&w=100&x=1281&y=1039&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3136
expires: Mon, 22 Feb 2021 12:28:57 GMT

GET
H2 200 BB10dZNR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 1 KB
1 KB 64ms
55ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa3dfa8bde9ad45690a9905401ac64cb44c1724db4d665fa4670de3190cb9886

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB10dZNR
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 09:56:15 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 1138
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=335764
x-activityid: 9cbd8586-b693-4681-9f6a-53ab832eb9eb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR
content-length: 1138
expires: Sun, 21 Feb 2021 09:56:15 GMT

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 5E91 9 KB
4 KB 23ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR3-C2
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 3170
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:19 GMT
Server: AmazonS3
ETag: W/"d8c6a6d4c19c8f80279090e942fa37a5"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: ScwABOIvViITQCZ9slvgP6jxmKHKL8miD53KHT2ZyrmyEHa7kHZg3w==

GET
H2 200 BB1dL3sg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 68ms
60ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d671fec43fda18d014d5c6072475c4c74fadb916db17303769920fcbf6ce5fa

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL3sg
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 140802
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431809
x-activityid: 81da22c9-062d-4234-b9f8-355db5840591
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL3sg?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2568
expires: Mon, 22 Feb 2021 12:37:00 GMT

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 142 B
502 B 67ms
58ms Image
image/gif 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 16:26:52 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 142
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=272774
x-activityid: 80e631b6-1119-4373-8320-23c33e9090ab
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
content-length: 142
expires: Sat, 20 Feb 2021 16:26:25 GMT

GET
H2 200 BB1dL6ww.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 69ms
61ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e7641e313e74d0615d6368032d41c791ab6ceef64705a2db52948c2f5205e9ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL6ww
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 59917
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431906
x-activityid: a1bdd762-6c60-418a-a17c-e951eb3c204d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL6ww?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2618
expires: Mon, 22 Feb 2021 12:38:37 GMT

GET
H2 200 BB1dL7v4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
2 KB 71ms
63ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9dd0c8abb83e7f24cd84b5342c2bec45e14e7999dc1582987b5295f7dca2efbb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL7v4
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 73720
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431885
x-activityid: 471dc233-cdd0-4986-953f-e02ec757e17f
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL7v4?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2156
expires: Mon, 22 Feb 2021 12:38:16 GMT

GET
H2 200 BB1deJk0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 72ms
64ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

45462ca58b2b14c8cd755fe8f073a5bc6272680ef0622c2934a2e8ba480daaab

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1deJk0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 107426
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431892
x-activityid: 9afd1e26-2ee8-4617-aef5-d52763d6ec41
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1deJk0?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3125
expires: Mon, 22 Feb 2021 12:38:23 GMT

GET
H2 200 BB1dGUZu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
3 KB 71ms
64ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu.img?h=70&w=95&x=389.5&y=117.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75189de31f58b2d7e9e7154f473c7e2115f419edb92a3cefbfd25c894858673f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGUZu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:05 GMT
x-datacenter: northeu
x-source-length: 292323
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431859
x-activityid: 215355af-b118-482a-bc12-b9cdcb72aae8
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGUZu?h=70&w=95&x=389.5&y=117.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2188
expires: Mon, 22 Feb 2021 12:37:50 GMT

GET
H2 200 BB1dLehD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
2 KB 3181ms
3174ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58b848223d98c6dec8cdebff01def77b7b4fbb2cb866aaf9f14628d63eff7ca8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLehD
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 625398
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431948
x-activityid: 45c4c95f-2237-4792-948c-04fe408d8229
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLehD?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 1957
expires: Mon, 22 Feb 2021 12:39:22 GMT

GET
H2 200 AA38A54.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 367 B
727 B 73ms
66ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA38A54
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 05:42:32 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 367
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=320442
x-activityid: 3be7184f-7985-4bf6-b3f8-c1c30907d9c3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54
content-length: 367
expires: Sun, 21 Feb 2021 05:40:53 GMT

GET
H2 200 BB1dL5e7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 73ms
67ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7.img?h=70&w=95&x=1369.5&y=578.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62ff0b037ac7948642bc0749ef70716eb41c4e4c8f1b668c102a32580200bec8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5e7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 133479
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431924
x-activityid: 0b72b20b-dc0e-442b-80c9-c6dd688d97e7
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5e7?h=70&w=95&x=1369.5&y=578.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2854
expires: Mon, 22 Feb 2021 12:38:55 GMT

GET
H2 200 BB14LSTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 4 KB
4 KB 74ms
68ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c9982d600c46e6b6d7a634a92df5e6ef8a84157023bf6d6a45c4d23c0d182aa7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB14LSTu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Sat, 13 Feb 2021 11:49:45 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 4107
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=83354
x-activityid: d8135b22-07f2-42bb-aa4c-09f723a31979
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu
content-length: 4107
expires: Thu, 18 Feb 2021 11:49:25 GMT

GET
H2 200 BB1dLjjA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 3345ms
3339ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3bc83f9c907d7ebbbff9cd6a3c7264087732f2b6aafd1af72354917b50752bd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dLjjA
date: Wed, 17 Feb 2021 12:40:14 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 116197
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431684
x-activityid: 7da4b8b7-f55e-4eb2-840a-54ff0c140912
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dLjjA?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3079
expires: Mon, 22 Feb 2021 12:34:58 GMT

GET
H2 200 BB1dGxxm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
3 KB 77ms
71ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm.img?h=70&w=95&x=524.5&y=206&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

772904df9d55182098103a90a6b86e47523c3193b6f69b0cb92bf61dfacaba9b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dGxxm
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:34:51 GMT
x-datacenter: northeu
x-source-length: 54978
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431694
x-activityid: 113da83f-73ea-4560-af3b-4444ceae4d63
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dGxxm?h=70&w=95&x=524.5&y=206&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2538
expires: Mon, 22 Feb 2021 12:35:05 GMT

GET
H2 200 BB1dL59N.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 3 KB
3 KB 77ms
71ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

209a5227f46f1acd75de1f99fbf200087e5beb30fb69e22b74209d1b9cda9e43

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL59N
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:28:08 GMT
x-datacenter: northeu
x-source-length: 85423
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431271
x-activityid: 2e53c45f-8f69-4bd5-9754-66ae93b22d6e
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL59N?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2696
expires: Mon, 22 Feb 2021 12:28:02 GMT

GET
H2 200 BB1dL5pY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 2 KB
3 KB 77ms
71ms Image
image/jpeg 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY.img?h=70&w=95&x=238&y=235&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd67da33f9059d87720bc8f44b603b2df075976912d41d4dd85fa6386fd23d15

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1dL5pY
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17 Feb 2021 12:38:06 GMT
x-datacenter: northeu
x-source-length: 1174036
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431842
x-activityid: d27bac63-77ed-477d-9e60-02a9014151be
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dL5pY?h=70&w=95&x=238&y=235&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2329
expires: Mon, 22 Feb 2021 12:37:33 GMT

GET
H2 200 BBmJJQ7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 5E91 19 KB
19 KB 77ms
72ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBmJJQ7
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 14:24:24 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18952
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=265536
x-activityid: dcf043d5-1b27-4396-9abb-822584285377
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7
content-length: 18952
expires: Sat, 20 Feb 2021 14:25:47 GMT

GET
H2 200 AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 18 KB
19 KB 7ms
5ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAywGC0
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Tue, 16 Feb 2021 22:17:36 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=380183
x-activityid: a849e987-0ab2-4781-bd9a-b21fe6dcf8da
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
content-length: 18737
expires: Sun, 21 Feb 2021 22:16:34 GMT

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 889C 200 KB
48 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fcd755da0caede32e1258930ee9ef2eba1fcc808e2da898655732b0e2f7e13f

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 48272
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"147d5ba82ecdd33c9c161b651b8928b6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: iinKO1U_9sH8tkG5fKhG8aLECTUjlUsanA6d-e9tzmUr8K8ESUP9Bw==

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 142 B
502 B 50ms
49ms Image
image/gif 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 16:26:52 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 142
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=272774
x-activityid: 80e631b6-1119-4373-8320-23c33e9090ab
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
content-length: 142
expires: Sat, 20 Feb 2021 16:26:25 GMT

GET
H2 200 BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 592 B
952 B 43ms
42ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBNvr53
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 12:17:50 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 592
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257914
x-activityid: 4a2bab8f-6a21-4028-be8a-f352b00126e0
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53
content-length: 592
expires: Sat, 20 Feb 2021 12:18:45 GMT

GET
H2 200 BB14LSTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ Frame 889C 4 KB
4 KB 51ms
51ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c9982d600c46e6b6d7a634a92df5e6ef8a84157023bf6d6a45c4d23c0d182aa7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB14LSTu
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Sat, 13 Feb 2021 11:49:45 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 4107
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=83354
x-activityid: d8135b22-07f2-42bb-aa4c-09f723a31979
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14LSTu
content-length: 4107
expires: Thu, 18 Feb 2021 11:49:25 GMT

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ Frame 889C 1 B
479 B 387ms
152ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/js.php?fra=1&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ Frame 889C 40 KB
41 KB 161ms
55ms Script
application/javascript 65.9.91.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 00:36:32 GMT
Via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 14385820
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: 1Sv7wgqYdqHSXAItvw4qvf_xY5XpphkWd8Yt194qOboVIkAm5IMPZw==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 889C 325 KB
112 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cfe6a10f24cfde45ba6f286a71c1e15476c0d9469434ad7dba61cea1e74cb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114571
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H2 200 3001403 Show response
hdrbd.ivstracker.net/hbplacementsservices/ Frame 889C 283 KB
86 KB 56ms
9ms Script
text/javascript 2600:9000:206f:8600:1a:f2c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:1a:f2c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 65c75933bb39086a6cd7513f86c40ab6d4b2512e12cbf5f4e218dac023400ec2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:34:36 GMT
content-encoding: gzip
age: 334
x-amzn-requestid: 377d9825-79f2-4e6a-b250-a978a21dffd3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: private, max-age=600
x-amzn-trace-id: Root=1-602d0d5c-26caaa80796e328d7e61fa80;Sampled=0
x-amz-cf-pop: FRA56-C1
x-amz-apigw-id: a48GeHnASQ0Frig=
x-amz-cf-id: 7yijhWnkiy5jMDqtt7ZuF-GYq2Uz7NFn9DkmlbjRldyk9ZZU5ha8DA==

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 3D5E 2 KB
1 KB 97ms
32ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-type: text/html
set-cookie: __cfduid=d559f69e915e6c4a66d091b84de1b38fa1613565611; expires=Fri, 19-Mar-21 12:40:11 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3808
cf-request-id: 08519a65f00000fa6ce628a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dbdjv1DswVeEdHsgc0Z1eQwurNhRBoZVCXKXx1af1O1%2FFXKz%2BCa6I2MHTGaxIHqmmUnIwYgpxqVxXczRyApLL8%2FkCYVDHk9sl5AdjKBYjCUjZ%2Fz%2F4gd9SS3hV7E%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 622f934fe9f8fa6c-AMS
content-encoding: br

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 889C 46 KB
19 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6775
date: Wed, 17 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 12:47:16 GMT

GET
H/1.1 200
OK moat-tracker.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/assets/ Frame 889C 1 KB
1 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 782
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: hCmDFqlyiWsEPJ05iz1bR2dDN9sUz8neneP-Iyyw-hjjyLXwQ8nqhQ==

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 889C 123 KB
49 KB 11ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c30d9beae2f3a31440cfe2421977bf416d2ad9f473b22951277ff3065e1d8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25895
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 49788
etag: W/"1ebe9-h3u6hgHFbTDbXB6+Bjhgivuxk/4"
x-served-by: cache-fra19130-FRA, cache-hhn4037-HHN
date: Wed, 17 Feb 2021 12:40:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ad-tag Show response
ivxplayer.ivideosmart.com/prod/outstream/ Frame 889C 3 KB
3 KB 196ms
58ms XHR
application/json 18.197.237.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivxplayer.ivideosmart.com/prod/outstream/ad-tag?key=09fffbe3432899f1611c2f14301b50ea&playertype=IVST-IFRAME&canonicalUrl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.237.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-237-28.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 917b028b3d50f93cd30aa593328bca55686d566c1f2854704e82185c1d7925f5

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:11 GMT
x-powered-by: Express
etag: W/"a3c-54PZwKYlXO7UER8+J3MRAap2R0Y"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
x-robots-tag: none
content-length: 2620
expires: 0

GET
H/1.1

204

partner
sync.search.spotxchange.com/ Frame 889C
Redirect Chain

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=46888508-711d-11eb-926f-11372f1a4306

0
588 B

52ms
51ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=46888508-711d-11eb-926f-11372f1a4306
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 14
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: nginx
Location: /partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=46888508-711d-11eb-926f-11372f1a4306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 25
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 889C 289 KB
101 KB 64ms
64ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 12B3 200 KB
48 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fcd755da0caede32e1258930ee9ef2eba1fcc808e2da898655732b0e2f7e13f

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 48272
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"147d5ba82ecdd33c9c161b651b8928b6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: iinKO1U_9sH8tkG5fKhG8aLECTUjlUsanA6d-e9tzmUr8K8ESUP9Bw==

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ Frame 5E91 200 KB
48 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fcd755da0caede32e1258930ee9ef2eba1fcc808e2da898655732b0e2f7e13f

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 48272
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"147d5ba82ecdd33c9c161b651b8928b6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: iinKO1U_9sH8tkG5fKhG8aLECTUjlUsanA6d-e9tzmUr8K8ESUP9Bw==

GET
H3-Q050 200 bridge3.441.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9777 577 KB
189 KB 34ms
20ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd71d8a267e6931dcd1772be1ddf9d1b8120f469985b4600bf064757850b5353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.441.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193033
date: Mon, 15 Feb 2021 21:02:54 GMT
expires: Tue, 15 Feb 2022 21:02:54 GMT
last-modified: Mon, 15 Feb 2021 20:48:36 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 142637
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 889C 26 KB
11 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/49007009/ Frame 889C
Redirect Chain

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&char...
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&ch...

186 B
268 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134011%3Aet%3A1613565612%3Ac%3A1%3Arn%3A355644421%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609370%3Ads%3A0%2C439%2C283%2C2%2C739%2C0%2C%2C504%2C0%2C%2C%2C%2C1973%3Adsn%3A0%2C438%2C284%2C1%2C739%2C0%2C%2C509%2C0%2C%2C%2C%2C1972%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 17-Feb-2021 12:40:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Wed, 17-Feb-2021 12:40:11 GMT
location: /watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134011%3Aet%3A1613565612%3Ac%3A1%3Arn%3A355644421%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609370%3Ads%3A0%2C439%2C283%2C2%2C739%2C0%2C%2C504%2C0%2C%2C%2C%2C1973%3Adsn%3A0%2C438%2C284%2C1%2C739%2C0%2C%2C509%2C0%2C%2C%2C%2C1972%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.
strict-transport-security: max-age=31536000
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:11 GMT

GET
H2 200 pageLoad Show response
r.ivideosmart.com/prod/v1/ Frame 889C 0
446 B 443ms
403ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/pageLoad?clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventTime=346&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611372-56faddff6e2a4&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: h0pjbPW_-nVnTILsUehYh7MGHYy2CRuLOjvAo421GrCHzrV0gdAaBQ==

GET
H2 200 adRequest Show response
r.ivideosmart.com/prod/v1/ Frame 889C 0
446 B 432ms
396ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adRequest?adRequestId=1613565611717-8975e99de7736&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=adRequest&eventPlayhead=0&eventTime=349&hb=0&hbBidders=none&hbNetworks=none&hbWinner=none&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611372-56faddff6e2a4&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: FJs8hYDtisC2hQVRy6qD5fjtGGM9cvwBrY8Oquw84CbfBZ1KhxEelQ==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 889C 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 889C 43 B
290 B 116ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 17 Feb 2021 13:40:11 GMT

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 3D5E 35 B
266 B 1476ms
182ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn.aralego.net/ucfad/cookie/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 12B3 289 KB
101 KB 50ms
50ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5E91 289 KB
101 KB 49ms
49ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 889C 23 KB
10 KB 71ms
70ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=43390541987040&correlator=3652788990942536&output=ldjh&impl=fif&eid=21068773%2C21068891%2C21068031%2C31060155&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210217&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cdm=simcast.com&bc=23&abxe=1&lmt=1613565611&dt=1613565611791&dlt=1613565610838&idt=930&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1124343353&ucis=rnssa8cs664b&ifi=1&ifk=1530358985&u_tz=60&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&top=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=109754392.1613565612&ga_sid=1613565612&ga_hid=1607607913&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

63412f01c0b2325e258cfed1b7a5cb4b18f68e523bd3fc64e452f1309c8a812d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9339
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 889C 0
0 71ms
38ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 889C 0
0 26ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ Frame 12B3 1 B
479 B 430ms
150ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/js.php?fra=1&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 12:40:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ Frame 5E91 1 B
479 B 445ms
158ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/js.php?fra=1&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 12:40:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ Frame 5E91 40 KB
41 KB 60ms
60ms Script
application/javascript 65.9.91.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 00:36:32 GMT
Via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 14385820
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: gFOHNeC8hJ2vmvqpmpOSh_zW36gNfoSz9KR5dncVhpKKATHMLKudUA==

GET
H/1.1 204 partner
sync.search.spotxchange.com/ Frame 5E91 0
589 B 57ms
56ms Image
text/plain 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 114
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5E91 325 KB
112 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cfe6a10f24cfde45ba6f286a71c1e15476c0d9469434ad7dba61cea1e74cb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114571
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H2 200 3001403 Show response
hdrbd.ivstracker.net/hbplacementsservices/ Frame 5E91 283 KB
86 KB 8ms
7ms Script
text/javascript 2600:9000:206f:8600:1a:f2c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:1a:f2c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 65c75933bb39086a6cd7513f86c40ab6d4b2512e12cbf5f4e218dac023400ec2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:34:36 GMT
content-encoding: gzip
age: 334
x-amzn-requestid: 377d9825-79f2-4e6a-b250-a978a21dffd3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: private, max-age=600
x-amzn-trace-id: Root=1-602d0d5c-26caaa80796e328d7e61fa80;Sampled=0
x-amz-cf-pop: FRA56-C1
x-amz-apigw-id: a48GeHnASQ0Frig=
x-amz-cf-id: VJPCP3EEFsvhDNZ6i2nRZmCNixjYcw_VoaxORWuqHcs9-_0HmPqbhA==

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 69B4 2 KB
939 B 58ms
57ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-type: text/html
set-cookie: __cfduid=d77588d8f72af56a7021b9f43ca0aebb71613565611; expires=Fri, 19-Mar-21 12:40:11 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3808
cf-request-id: 08519a673e0000fa6c6caea000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JY%2FhcGm%2F%2BEnSTpSZS64vO%2B1S%2FgDzoB35%2BiW96UB34t4MUr9fC6sRnhIxEChu0iy2myyDj3tcPBbX9hT%2BU6PR6cxjWaXbSz%2Bapmm16qsxyX8u3jPCGL6Ti4zeMuw%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 622f9351ff4afa6c-AMS
content-encoding: br

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 5E91 46 KB
19 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6775
date: Wed, 17 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 12:47:16 GMT

GET
H/1.1 200
OK moat-tracker.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/assets/ Frame 5E91 1 KB
1 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 782
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: hCmDFqlyiWsEPJ05iz1bR2dDN9sUz8neneP-Iyyw-hjjyLXwQ8nqhQ==

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 5E91 123 KB
49 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c30d9beae2f3a31440cfe2421977bf416d2ad9f473b22951277ff3065e1d8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25895
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 49788
etag: W/"1ebe9-h3u6hgHFbTDbXB6+Bjhgivuxk/4"
x-served-by: cache-fra19130-FRA, cache-hhn4037-HHN
date: Wed, 17 Feb 2021 12:40:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ Frame 12B3 40 KB
41 KB 115ms
54ms Script
application/javascript 65.9.91.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 00:36:32 GMT
Via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 14385820
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: ZxovEbLTxt_timOjizHA6b2xMdOKd8Wjxi7XvUnxCN3GhhKPNQW8Rw==

GET
H/1.1 204 partner
sync.search.spotxchange.com/ Frame 12B3 0
588 B 104ms
58ms Image
text/plain 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Wed, 17 Feb 2021 12:40:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 21
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 12B3 325 KB
112 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cfe6a10f24cfde45ba6f286a71c1e15476c0d9469434ad7dba61cea1e74cb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114571
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H2 200 3001403 Show response
hdrbd.ivstracker.net/hbplacementsservices/ Frame 12B3 283 KB
86 KB 11ms
7ms Script
text/javascript 2600:9000:206f:8600:1a:f2c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:1a:f2c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 65c75933bb39086a6cd7513f86c40ab6d4b2512e12cbf5f4e218dac023400ec2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:34:36 GMT
content-encoding: gzip
age: 334
x-amzn-requestid: 377d9825-79f2-4e6a-b250-a978a21dffd3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: private, max-age=600
x-amzn-trace-id: Root=1-602d0d5c-26caaa80796e328d7e61fa80;Sampled=0
x-amz-cf-pop: FRA56-C1
x-amz-apigw-id: a48GeHnASQ0Frig=
x-amz-cf-id: cSDobyAfvtvnsE0SZASwpSyJicDYeOlPrn2chKlnRRjfcmxBill3yg==

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame E374 2 KB
930 B 68ms
66ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-type: text/html
set-cookie: __cfduid=d22bc1f881bff6e2f55de0802894425ef1613565611; expires=Fri, 19-Mar-21 12:40:11 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 3808
cf-request-id: 08519a67590000fa6c659d1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jiow47Wb6FUlI1Z%2BbzWjLnM4gn6BQ69JDSwIeaNAg0CFLIZU0g3hLukau2HrsAa53KC7VMoagXJAyxC5qzvmn6NKgFfr1J7fDCjz5PuPBKpVj4M5BLyybAcPA6M%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 622f93521fa0fa6c-AMS
content-encoding: br

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 12B3 46 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6775
date: Wed, 17 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 12:47:16 GMT

GET
H/1.1 200
OK moat-tracker.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/assets/ Frame 12B3 1 KB
1 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 782
Last-Modified: Wed, 17 Feb 2021 03:50:18 GMT
Server: AmazonS3
ETag: W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: hCmDFqlyiWsEPJ05iz1bR2dDN9sUz8neneP-Iyyw-hjjyLXwQ8nqhQ==

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 12B3 123 KB
49 KB 9ms
8ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c30d9beae2f3a31440cfe2421977bf416d2ad9f473b22951277ff3065e1d8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25895
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 49788
etag: W/"1ebe9-h3u6hgHFbTDbXB6+Bjhgivuxk/4"
x-served-by: cache-fra19130-FRA, cache-hhn4037-HHN
date: Wed, 17 Feb 2021 12:40:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pageLoad Show response
r.ivideosmart.com/prod/v1/ Frame 5E91 0
447 B 367ms
363ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/pageLoad?clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventTime=42&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611820-520e5e9d2cb6a&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: U3CJSIW3xJSPfynaKkCvjDBBEdfHTei-O1TYY_ZefwG0A1W5Jyme4Q==

GET
H2 200 pageLoad Show response
r.ivideosmart.com/prod/v1/ Frame 12B3 0
448 B 188ms
186ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/pageLoad?clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventTime=40&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611833-5fad0a0228632&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: Tt5h5o85MCM_ZNR8oqwZULgw2pIHZisYXMmBVOJHYYbXIoUBnkxkGQ==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9E1 0
0 77ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5s2VBxZ5u-kGtrSsLRYLtf57CHh4ZoVebf_sxuvwZcUlWuTIM6QgVQlwc8tOJdzoCLG23HwGYPRDACd9snp4nByaV5jz6MTcNq9sIGM_ErhV8WAxq1cp-S7TMTF9k8EJwpvKMsFFLMNxWyeJTCqpumRWOqSlrh0P0z_AztQuYG74Fvuixl-ACUKnSExdbIpyWMLbmHb3DnkeWY-F6XYIcaX4BjqoH_rBruZOAx1K1yFKPgjH2ghHmr1mMWfBt1kFE1v0A3XI_RaNuRcgN0Ro2uNHygsJ-ybYrVRxR8W1fRg&sig=Cg0ArKJSzAl8P4LFGHhDEAE&adurl=

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame E9E1 18 KB
7 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:12:13 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame E9E1 3 KB
2 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:16:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9E1 107 KB
33 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161046593140"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H3-Q050 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame E9E1 807 B
971 B 35ms
21ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:36 GMT
x-content-type-options: nosniff
age: 461675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:25:36 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 889C 74 KB
28 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161064837431"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:11 GMT

GET
H2 200 49007009 Show response
mc.yandex.ru/watch/ Frame 5E91 186 B
289 B 59ms
59ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226051&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1411462409763%3Ahid%3A781838082%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A346124956%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609369%3Ads%3A1%2C492%2C425%2C1%2C642%2C0%2C%2C809%2C0%2C%2C%2C%2C2376%3Adsn%3A1%2C492%2C426%2C0%2C642%2C0%2C%2C814%2C0%2C%2C%2C%2C2375%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 12B3 109 B
169 B 42ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 12B3 109 B
781 B 45ms
31ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 12B3 24 KB
9 KB 82ms
82ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4162675627452124&correlator=1310692474064118&output=ldjh&impl=fif&eid=21068773%2C21068891%2C21069980&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210217&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cdm=simcast.com&bc=23&abxe=1&lmt=1613565612&dt=1613565612035&dlt=1613565610922&idt=1103&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1124343353&ucis=u5c18vsod0xv&ifi=1&ifk=1530359958&u_tz=60&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226056&ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&top=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1528654746.1613565612&ga_sid=1613565612&ga_hid=494695616&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

622389a165345ce9238ee0db6a0407c84fc6f42a95d617243636d23878b1c7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9480
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
512603063efb978512386277d3be6264.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 12B3 0
0 49ms
15ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://512603063efb978512386277d3be6264.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 12B3 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 5E91 109 B
169 B 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E91 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5E91 24 KB
9 KB 83ms
83ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4164259287789909&correlator=104333282491670&output=ldjh&impl=fif&eid=21068773%2C21068891&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210217&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cdm=simcast.com&bc=23&abxe=1&lmt=1613565612&dt=1613565612075&dlt=1613565610936&idt=1129&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1124343353&ucis=9oy996qur4jp&ifi=1&ifk=1530348955&u_tz=60&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226051&ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&top=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1737955548.1613565612&ga_sid=1613565612&ga_hid=1448574954&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

93423dc19c305a53046031cab1826e7613f88901a548fdcdb4336c8afd141c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9431
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5E91 0
0 53ms
38ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5E91 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 889C 43 B
73 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FpageLoad&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A674591189%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 889C 43 B
73 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadRequest&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A680469793%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

GET
H3-Q050 200 bridge3.441.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7E2F 577 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd71d8a267e6931dcd1772be1ddf9d1b8120f469985b4600bf064757850b5353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.441.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193033
date: Mon, 15 Feb 2021 21:02:54 GMT
expires: Tue, 15 Feb 2022 21:02:54 GMT
last-modified: Mon, 15 Feb 2021 20:48:36 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 142638
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5E91 26 KB
11 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H2 200 adRequest Show response
r.ivideosmart.com/prod/v1/ Frame 5E91 0
447 B 354ms
353ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adRequest?adRequestId=1613565612142-71b9bd22927b2&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=adRequest&eventPlayhead=0&eventTime=322&hb=0&hbBidders=none&hbNetworks=none&hbWinner=none&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611820-520e5e9d2cb6a&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: zhq8Czmlz0k-t4YxMk1SMr3-xCDyFOtt4g_YJzlEOAJnbNDiIWVjNg==

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 5E91 43 B
73 B 48ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadRequest&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226051&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1411462409763%3Ahid%3A781838082%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A600824163%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609369%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

GET
H3-Q050 200 bridge3.441.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9049 577 KB
189 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd71d8a267e6931dcd1772be1ddf9d1b8120f469985b4600bf064757850b5353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.441.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193033
date: Mon, 15 Feb 2021 21:02:54 GMT
expires: Tue, 15 Feb 2022 21:02:54 GMT
last-modified: Mon, 15 Feb 2021 20:48:36 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 142638
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 12B3 26 KB
10 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H2 200 adRequest Show response
r.ivideosmart.com/prod/v1/ Frame 12B3 0
446 B 369ms
369ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adRequest?adRequestId=1613565612163-490132f00a9c6&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&eventAction=adRequest&eventPlayhead=0&eventTime=330&hb=0&hbBidders=none&hbNetworks=none&hbWinner=none&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611833-5fad0a0228632&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: y6S5Lq0EyqNLovZwVq1M7KUYC1debTN4Oygplv54h6E4-7AaOyeCSA==

GET
H2 200 49007009 Show response
mc.yandex.ru/watch/ Frame 12B3 186 B
217 B 53ms
52ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226056&page-ref=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A557257532213%3Ahid%3A175626941%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A564925051%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613565609370%3Ads%3A0%2C441%2C304%2C1%2C803%2C0%2C%2C822%2C0%2C%2C%2C%2C2374%3Adsn%3A0%2C441%2C304%2C1%2C803%2C0%2C%2C824%2C0%2C%2C%2C%2C2374%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 5E91 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FpageLoad&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226051&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1411462409763%3Ahid%3A781838082%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A139474133%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609369%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7A0 0
0 79ms
79ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCjuaBo_XPTiYBnr_XRD4yFH9cdZPDto276PtgF3SZFIHJhJIucLmAijm3tylXVvUIy8cuNB0p7ZN_wAP0b_0vrIF_KVHVk7wdHQ9MRybeLkO36q0Kabpm_RJo9bAIJZRAGfhaBMqGEVMl6C1MqsCcCz3i56YxUq0o0mGSpQL2tOxj8-pPiCtO8kDwNYbPL7y7yod20Y9MF294QJHFsRvqu6PWEc0puNVsd217BTQyIB6iKKOUaPGaXlq8hun3bA9xBvWNUZwTqqI-Pk6kVftMnjYCk07ElX6xWQfHAvU01w&sig=Cg0ArKJSzDISllM6bNy5EAE&adurl=

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame A7A0 807 B
839 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:36 GMT
x-content-type-options: nosniff
age: 461676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:25:36 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame A7A0 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:12:13 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame A7A0 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:16:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7A0 107 KB
33 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161046593140"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A7A0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTASHSBjpA4xSYY4sbyaSqz7ss63_wlEIfwv38DP8vgxmx4QBCiNbpOEkWKpPP7Gkvik283ZAeqihxJ7A8htbYoAvq50g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12B3 74 KB
28 KB 40ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161064837431"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 69B4 35 B
266 B 1444ms
168ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn.aralego.net/ucfad/cookie/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame E374 35 B
266 B 1451ms
167ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn.aralego.net/ucfad/cookie/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F06 0
0 77ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrdmE-1B_YjiixlyHerL-CtEvthMBp3nAZplcrQ2_atPMNBTHHtMRMrKHt5woHJv6UfIXtE_6iQrHMSBJfDZlT23QwtU1VDus0-O_KWD8xTZgzi8vU8e3LrMNYjhM6VsQGjLqyt3R1y7hic9YSfLl2RO6v-WIZgLKQMGuWuVXFZX7bUGABbm3IAqm53rfQjbVu7t6baidrRmhig8DYJRY_epiY9eV7wZJq6NL1uknA0cU5NAaqGzoy8xjwwb_70LZLutWv0k2YInJjdFbWUBCPZWskOTX71ybYWw8M6hTPgQ&sig=Cg0ArKJSzLy_ARoSy_qIEAE&adurl=

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame 1F06 807 B
833 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:36 GMT
x-content-type-options: nosniff
age: 461676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:25:36 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 1F06 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:12:13 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 1F06 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 12:16:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F06 107 KB
33 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161046593140"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1F06 0
0 42ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC7GqiQazN8xtJBlLkkc4VS5RcSkoemEC8oIVIy35IJ1v5S8ZQ4ivC4tabBdaHe3R-3sGgpFzag2ZRbZ8DRZTt9t_kkQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E91 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161064837431"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 12B3 43 B
73 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FpageLoad&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226056&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A557257532213%3Ahid%3A175626941%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A296123662%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 12B3 43 B
73 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadRequest&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226056&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A557257532213%3Ahid%3A175626941%3Az%3A60%3Ai%3A20210217134012%3Aet%3A1613565612%3Ac%3A1%3Arn%3A259170719%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565612%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:12 GMT
last-modified: Wed, 17-Feb-2021 12:40:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:12 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9E1 0
0 143ms
93ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXqgsL7QvFnJeykHCDIKu3HphgQE8WQQGzWZ6T0iX2N859J9V8AnI4j6o9LK-l3BfiSVdVhjdVLFeIMr_sXi06cjlzScQxOkOQSqTY44zTNBo8Ixsc4OqKVO3je-Be9gatpQgQsmnocYiScEzaRn71Yf-daIHO8xudpjkbPb16A9jS3BTj4K6dZQOdbq84AOiMzdy4WxSkYNJlbddd50jB_GuO6njeS6Z2AEgWlAt7kurSHUXxMipR45KQ54DLDbYry-l9IqAugwqG-GFmThItzrCuCvLb85A__3zpnhu-OzLQ&sig=Cg0ArKJSzB-jct0YZBiWEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7A0 0
0 78ms
78ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY6G2qbMi9-EEdzIVWtd88hsQRmmtJjrqxoz8TIrwXcpL0qg760h0-hAV62v7lcLytxVEjhtTGYbUJ1XLNeoS549E3OirNRL58u3mMnbOVu2249ag8EqaCIKH5CcUAQAQFVmn7cYE44pIf7cE-tL9NqYJGSHQVojEoLrYEuWqwBjjmzK7xxbwZhWALGyqzca0NkBP-AqjjFVHWA02qqAURhbXxLoyJ_x_GOerB3kEhhdV4kEjofDTS1gX9S2N0RziJqjm4dY6OyoA6KnXX4mSVfO-Mjkwmo8tEAX5nOQ4Enwxf&sig=Cg0ArKJSzDBTOlrJsM4kEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ Frame A655 23 KB
7 KB 246ms
61ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: t.adating.link
URL: https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Dec 2014 21:06:56 GMT
ETag: "1417727216"
X-HW: 1613565612.dop087.lo4.t,1613565612.cds276.lo4.shn,1613565612.dop087.lo4.t,1613565612.cds075.lo4.c
Content-Type: text/javascript
Cache-Control: max-age=33301
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F06 0
0 76ms
76ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue42-rKYQZdulMcejxtUF13I9AyrQ-s8R8bvxq_4z1O4yUPn0gcNXb6XbP3Qj5xrEUiHHSqtzQmoVwd_i8MKiCoBDE3N40234ZY3pCM8QrsPc9bf7hVwXfo4Niga9ER79X5A-RKlbuZs_Q9phY-IOit1iSntX7fKfxNNjmeGsQ6A5Sgd-yY3bXCkio5agYfjDGCQeGf8M8QqpLb5Vv4zfsFfa-KY-SorsUgA3AWWhOeKtIuNndvnIbLZem0-Z9ngDPjo6Jhoh47_RtlytRDm6F-GYX8LVGC-wyLjwlpGJGJhTB&sig=Cg0ArKJSzFEjwrgWQNRPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:12 GMT

GET
H2 200 getvastxml Show response
a.ivstracker.net/prod/ Frame 9777 7 KB
1 KB 671ms
220ms XHR
application/xml 52.76.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ivstracker.net/prod/getvastxml?spid=3001403&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&playerversion=v4.54.3&vwidth=0&vheight=0&startmode=click&sound=on
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.22.239 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-22-239.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: b333a78ca139124c42563c1087affcfdbdcfd1c729a4492d77d0a23131e5a354

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1a99-JPdLpSEz/5N03MsQDhzpLJaBws4"
vary: Accept-Encoding
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H2 200 getvastxml Show response
a.ivstracker.net/prod/ Frame 7E2F 7 KB
1 KB 601ms
221ms XHR
application/xml 52.76.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ivstracker.net/prod/getvastxml?spid=3001403&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&playerversion=v4.54.3&vwidth=0&vheight=0&startmode=click&sound=on
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.22.239 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-22-239.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 231e4d087ed49138cc210153632128a77fc75e281c5ca7254dbb7356cfc6d4ad

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1a99-yx3MVZ30OYONVYJWISVp6ikptLQ"
vary: Accept-Encoding
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H2 200 getvastxml Show response
a.ivstracker.net/prod/ Frame 9049 7 KB
1 KB 589ms
219ms XHR
application/xml 52.76.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ivstracker.net/prod/getvastxml?spid=3001403&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&playerversion=v4.54.3&vwidth=0&vheight=0&startmode=click&sound=on
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.22.239 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-22-239.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 76c4d61c00b913369b43e2eb89dc6529ce9d1d350d189930d3bb4332478d8438

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1a99-ahNeMq3NFA+UJtIINbbAtqMMJfo"
vary: Accept-Encoding
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H2

200

/ Show response
s.aslnk.link/m2nogm54ld/44542/4284/ Frame A655
Redirect Chain

https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=265753.87joojin3fb.ru;&affiliateID=44542&source=102ff7bf1348b985603e219533283d&subID2=165604&s2=102ff7bf1348b985603e219533283d&s3=265...
https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=265753.87joojin3fb.ru%3B&affiliateID=44542&source=102ff7bf1348b985603e219533283d&subID2=165604&Target=Pops&Site=&Bnr=&cid=whus72hato8...
https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756

2 KB
2 KB

456ms
446ms

Document
text/html

65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756

Requested by

Host: t.adating.link
URL: https://t.adating.link/165604/3785/22391?aff_sub=265753.87joojin3fb.ru&bo=2753,2754,2755,2756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10072f1e04f1ba8175a8c3924e92614a8528bedc7f6ce9beabe7626d24c29b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s.aslnk.link
:scheme: https
:path: /m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://t.adating.link/165604/2753?nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=265753.87joojin3fb.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.adating.link/165604/2753?nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=265753.87joojin3fb.ru

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Wed, 17 Feb 2021 12:40:13 GMT
set-cookie: aff_ran_url_6478=20353; Path=/; Expires=Thu, 18 Feb 2021 12:40:13 GMT; Secure enc_aff_session_6478=ENC037cce2ae1d46052e58bdf415939b9e4b38666f732cd3ae3e3cf6b1f1dc41857b674ee439890ebd8740e8cf2675fffc31390346dbc39e03be4223664ae9e5d86003c3095e84b2a8bf8bb46b62a715e70d5da6e2f230d6c27e9b00e588effd331adb606aa86d5296de45c4588122e2054bcee70a9046588557a31c2e5a911eaf758fe6f56c0f6e6f49dc38fcc5c4c10e0a0b2c48915f50451d0bf2768f4de4948f0e6c1613635c89cfeff795472a81a13ca15e5faf9c44393a469f68c4d4e7d208367ba8ccefce7498f85fa084b559cb3469f613685dcd887dcc021f45fd5c3c0608eb55177ab11b7011f54e9831cc3902bbe6921fc5dfdc02ad7e932d284da5670bd482b4846db80dc69204249eb487a28da6c1f8abb140ab46542720cfa69a272f7d0ac51a5270d572ee0a755bc6c41743d872d677e68588b84caf038022cbc811e7575e9; Path=/; Expires=Fri, 17 Feb 2023 12:40:13 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Fri, 12 Jan 2024 23:20:13 GMT; Secure
tracking_id: 102116e2e7154b36136b1d3a270def
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1E8yoKWvIecdNyws891jK-oQDJl3xRTj7QSJME3BCb0Yzax-M4NA-A==

Redirect headers

Server: nginx
Date: Wed, 17 Feb 2021 12:40:13 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756
Pragma: no-cache
Set-Cookie: 20aabc55-9fe1-45ac-bd10-4108cd0f740a-v4=20aabc55-9fe1-45ac-bd10-4108cd0f740a; Max-Age=86400; Expires=Thu, 18-Feb-2021 12:40:13 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=HEoeNcw4BRmUiu1eCMUopm8BrgJVfHa7nNTJJjuhkBwBmmHKoYR0xh9Lt1X6E0h8v1byC%2FlSdcvxtklKJxVV96qARekOCzzthI0pRjF8DhhHFNbce5aAk2fYQ1eSeNBNYxjiySxEtcwHTPwDLhoNVg%3D%3D; Max-Age=31536000; Expires=Thu, 17-Feb-2022 12:40:13 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None

GET vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9049 0
0

GET vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9777 0
0

GET vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9049 0
0

GET vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9777 0
0

GET
DATA 200
OK truncated
/ Frame 9049 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 9777 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adError Show response
r.ivideosmart.com/prod/v1/ Frame 12B3 0
445 B 365ms
364ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adError?adRequestId=1613565612163-490132f00a9c6&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&errorCode=1005&errorMessage=adLoadError%3A%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.%20InnerError%3A%206&eventAction=adError&eventPlayhead=0&eventTime=1439&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611833-5fad0a0228632&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: LTyEMHvjfnW8xxqd_IIakRts1Bm_r49wnnj0YhsiaXm8WNfn_iqliw==

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 12B3 43 B
145 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadError&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226056&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A557257532213%3Ahid%3A175626941%3Az%3A60%3Ai%3A20210217134013%3Aet%3A1613565613%3Ac%3A1%3Arn%3A758417789%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565613%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:13 GMT
last-modified: Wed, 17-Feb-2021 12:40:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:13 GMT

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 9049 0
351 B 716ms
219ms Image
text/html 52.76.37.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=error&errorcode=900&mediaurl=-1&domain=oktyabrskyorsk.orb.sudrf.ru&country=PL&spid=3001403&cpid=unknown&device=desktop&playertype=unknown&clientid=unknown&adsclientid=A40-900115a6-12b4-4307-a5f2-0c027639a04a&playlistid=unknown&sound=on&startmode=click&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&ip=37.120.211.172&adsab=0&position=0&playerversion=v4.54.3&vabucket=000&vwidth=0&hbGrp=na&fromhb=no&stackdepth=1&tagid=2323&advertiserid=71&campaignid=494&stackidx=0&savecinfo=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.37.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Feb 2021 12:40:13 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 9777 0
352 B 714ms
218ms Image
text/html 52.76.37.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=error&errorcode=900&mediaurl=-1&domain=oktyabrskyorsk.orb.sudrf.ru&country=PL&spid=3001403&cpid=unknown&device=desktop&playertype=unknown&clientid=unknown&adsclientid=A40-a66dee45-604e-4ff7-9dc6-6027ce04974e&playlistid=unknown&sound=on&startmode=click&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&ip=37.120.211.172&adsab=0&position=0&playerversion=v4.54.3&vabucket=000&vwidth=0&hbGrp=na&fromhb=no&stackdepth=1&tagid=2323&advertiserid=71&campaignid=494&stackidx=0&savecinfo=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.37.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Feb 2021 12:40:13 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 adError Show response
r.ivideosmart.com/prod/v1/ Frame 889C 0
447 B 187ms
187ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adError?adRequestId=1613565611717-8975e99de7736&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&errorCode=1005&errorMessage=adLoadError%3A%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.%20InnerError%3A%206&eventAction=adError&eventPlayhead=0&eventTime=1907&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611372-56faddff6e2a4&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: MRq_rWie-S-qn0BryJL0yYnJaIruBjcT3F_LKPFIN_XqdcvvSl3jYg==

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 889C 43 B
73 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadError&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226053&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1036648165935%3Ahid%3A1046632448%3Az%3A60%3Ai%3A20210217134013%3Aet%3A1613565613%3Ac%3A1%3Arn%3A221121719%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609370%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565613%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:13 GMT
last-modified: Wed, 17-Feb-2021 12:40:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:13 GMT

GET vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7E2F 0
0

GET
DATA 200
OK truncated
/ Frame 7E2F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 202 vast
r.ivstracker.net/prod/ Frame 7E2F 0
352 B 549ms
219ms Image
text/html 52.76.37.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ivstracker.net/prod/vast?action=error&errorcode=900&mediaurl=-1&domain=oktyabrskyorsk.orb.sudrf.ru&country=PL&spid=3001403&cpid=unknown&device=desktop&playertype=unknown&clientid=unknown&adsclientid=A54-45d89079-37c4-4d7f-8397-709c63805b90&playlistid=unknown&sound=on&startmode=click&pageurl=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&ip=37.120.211.172&adsab=0&position=0&playerversion=v4.54.3&vabucket=000&vwidth=0&hbGrp=na&fromhb=no&stackdepth=1&tagid=2323&advertiserid=71&campaignid=494&stackidx=0&savecinfo=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.37.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.441.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Feb 2021 12:40:13 GMT
access-control-allow-credentials: true
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 adError Show response
r.ivideosmart.com/prod/v1/ Frame 5E91 0
447 B 355ms
354ms XHR
application/json 2600:9000:2127:3000:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adError?adRequestId=1613565612142-71b9bd22927b2&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=iframe&cpID=0&device=others&domainAppName=oktyabrskyorsk.orb.sudrf.ru&engVersion=0&errorCode=1005&errorMessage=adLoadError%3A%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.%20InnerError%3A%206&eventAction=adError&eventPlayhead=0&eventTime=1624&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1613565611820-520e5e9d2cb6a&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.54.3&productID=0&productName=IVST-IFRAME&referrer=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:13 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: PRG50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: rFKyGmyfCkmZg_8Y0P5oXuJiOMrdHOnIPK9ijXl6LFwlrVr9GzmQXQ==

POST
H2 200 1 Show response
mc.yandex.ru/watch/49007009/ Frame 5E91 43 B
73 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fsimcast.com%2FadError&page-ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3D87joojin3fb.ru%26s%3Dbone%26sw%3D9%26tr%3D136226051&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aqtcqz10rllvgsv%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A1411462409763%3Ahid%3A781838082%3Az%3A60%3Ai%3A20210217134013%3Aet%3A1613565613%3Ac%3A1%3Arn%3A414257521%3Au%3A1613565612524664552%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613565609369%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613565613%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:13 GMT
last-modified: Wed, 17-Feb-2021 12:40:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 12:40:13 GMT

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ Frame A655 23 KB
7 KB 59ms
59ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: s.aslnk.link
URL: https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Dec 2014 21:06:56 GMT
ETag: "1417727216"
X-HW: 1613565612.dop087.lo4.t,1613565612.cds276.lo4.shn,1613565612.dop087.lo4.t,1613565613.cds075.lo4.c
Content-Type: text/javascript
Cache-Control: max-age=33300
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

/ Show response
hello.fuckbook.tv/lander/sk_version1_pl/ Frame A655
Redirect Chain

https://secure.cmvrclicks000.com/track/NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC4wLjAuMA?_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b3...

14 KB
3 KB

114ms
33ms

Document
text/html

2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Requested by: Host: s.aslnk.link
URL: https://s.aslnk.link/m2nogm54ld/44542/4284/?aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&aff_sub3=whus72hato8io4j5i649i93i&source=102ff7bf1348b985603e219533283d&bo=2753,2754,2755,2756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e1e01c6786003873353d35ee51f82fa792e55e0a9fbfb26b4d64f3792a95fad4

Request headers

:method: GET
:authority: hello.fuckbook.tv
:scheme: https
:path: /lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.aslnk.link/44542/2753?aff_sub3=whus72hato8io4j5i649i93i&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&source=102ff7bf1348b985603e219533283d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.aslnk.link/44542/2753?aff_sub3=whus72hato8io4j5i649i93i&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=265753.87joojin3fb.ru%3B&aff_sub2=165604&source=102ff7bf1348b985603e219533283d

Response headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-type: text/html
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
etag: W/"602c1db6-3808"
access-control-allow-origin: *
expires: Sun, 28 Feb 2021 20:55:10 GMT
server: CDN77-Turbo
x-77-nzt: AcO1rzIOfJvvgN0AAA==
x-77-nzt-ray: k6ZAODmc3bg=
x-cache: HIT
x-age: 56704
x-77-cache: HIT
x-77-pop: frankfurtDE
content-encoding: br

Redirect headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
set-cookie: AWSALB=pgcVfMPYsv33Ep8SLFyjnU200OlBAtj/P0vgZGs2V4GpUjyPHJpmM6hLEbPyNcIX0oB0iGsAgmPxU24FtUoXJCn2oLdFDW9qhGK6DqluyC50H5j0FFvduuuqTUN9; Expires=Wed, 24 Feb 2021 12:40:14 GMT; Path=/ AWSALBCORS=pgcVfMPYsv33Ep8SLFyjnU200OlBAtj/P0vgZGs2V4GpUjyPHJpmM6hLEbPyNcIX0oB0iGsAgmPxU24FtUoXJCn2oLdFDW9qhGK6DqluyC50H5j0FFvduuuqTUN9; Expires=Wed, 24 Feb 2021 12:40:14 GMT; Path=/; SameSite=None; Secure PHPSESSID=6emnt74due9r94q9qad42uasj6; path=/ offerit_unique_344_131_430=NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC44ODUxOTkwLjAuMA; Max-Age=86400; Expires=Thursday, 18 Feb 2021 12:40:14 UTC; path=/; domain=cmvrclicks000.com; Secure; SameSite=None ocode_344_430=NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC44ODUxOTkwLjAuMA; Max-Age=2592000; Expires=Friday, 19 Mar 2021 12:40:14 UTC; path=/; domain=cmvrclicks000.com; Secure; SameSite=None ocode_344=NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC44ODUxOTkwLjAuMA; Max-Age=2592000; Expires=Friday, 19 Mar 2021 12:40:14 UTC; path=/; domain=cmvrclicks000.com; Secure; SameSite=None offerit_344_430_cookie=https%3A%2F%2Fs.aslnk.link%2F44542%2F2753%3Faff_sub3%3Dwhus72hato8io4j5i649i93i%26amp%3Bnopop%3D1%26amp%3BboSequence%3D3%26amp%3Bbo%3D2754%252C2755%252C2756%26amp%3Baff_sub%3D265753.87joojin3fb.ru%253B%26amp%3Baff_sub2%3D165604%26amp%3Bsource%3D102ff7bf1348b985603e219533283d; Max-Age=2592000; Expires=Friday, 19 Mar 2021 12:40:14 UTC; path=/; domain=cmvrclicks000.com; Secure; SameSite=None offerit_344_430=NzU3LjI1MTg4My4xMzEuNDMwLjAuMC4wLjAuMC44ODUxOTkwLjAuMA|||1602d0eae323904.03350817; Max-Age=2592000; Expires=Friday, 19 Mar 2021 12:40:14 UTC; path=/; domain=cmvrclicks000.com; Secure; SameSite=None
server: Apache/2.4.46 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *

GET
H2 200 main.css
hello.fuckbook.tv/lander/sk_version1_pl/assets/css/ Frame A655 7 KB
2 KB 34ms
31ms Stylesheet
text/css 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/css/main.css
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ec859792750d39a1c02ab387fbd95f31bdaec8b8e1ecfb74a0aaaca661d2b9f

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJFTL3vgN0AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-1cc8"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: GLw8uaZnva4=
x-77-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-cache: HIT
x-age: 56704
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A655 4 KB
723 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito|Roboto

Requested by

Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3adc426283f8a6705c564483ff2e106dbbce868f6a7f08eba54a206372f56ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 12:40:14 GMT
server: ESF
date: Wed, 17 Feb 2021 12:40:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Feb 2021 12:40:14 GMT

GET
H2 200 bootstrap.min.css
hello.fuckbook.tv/lander/sk_version1_pl/assets/css/ Frame A655 138 KB
19 KB 43ms
39ms Stylesheet
text/css 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/css/bootstrap.min.css
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzL7ibbvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-22682"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: Pl11kAtzMJs=
x-77-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 loader.css
hello.fuckbook.tv/_fuckbook/ Frame A655 698 B
558 B 45ms
41ms Stylesheet
text/css 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_fuckbook/loader.css
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e7b8ac018c02d7f6e1d765a5dfe8d8a231339c8c2afc59d47b6355823195507a

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJPbajvg+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-2ba"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: CfcNOTpAicg=
x-77-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-cache: HIT
x-age: 61315
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:38:19 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
hello.fuckbook.tv/_vendor/ Frame A655 84 KB
29 KB 72ms
68ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_vendor/jquery-2.2.4.min.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzL65mDvs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-14e49"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: SGV7SweyUAA=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 popwin.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 2 KB
1 KB 78ms
74ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/popwin.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a616191739c34a7e06849d477f62511c9e5fba6cee3619b9974f1022b1a6b7a1

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJ1N73vf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-7f1"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: kkkgh9AXjCQ=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 script.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 53 KB
16 KB 87ms
83ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/script.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d2e6ffc115dfb4bb743c67250599d10d2eedc5e5ae050fb78b482a196ed05a39

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzIa1Xrvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-d547"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: uuQnrYaFzXM=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 jquery-ui.effects_min.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 24 KB
8 KB 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/jquery-ui.effects_min.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ee8f6966cc5af322e27eb42fb1eb0fb7e6660a9b09925a5d27abb3de7da8f4f2

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJCW4nvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-614f"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: 81IOzDxs5ww=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 universalPS.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 16 KB
4 KB 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/universalPS.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9cb6284baf8d5785254eeffc17cf53bc32d63e7ae881dd2fef8da67c32397d8a

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJcPkLvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-3f26"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: S8Jh4AH5xic=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 ff_actions.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 6 KB
2 KB 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ff_actions.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c71d6ed5df5d69bf38e97ec679045a9c90264585b22b604f3c26c13e60b5cd5

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJ2Yjrvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-183d"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: D7eJLpfAACQ=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 api-form-mapper.js Show response
hello.fuckbook.tv/lander/sk_version1_pl/assets/js/ Frame A655 2 KB
1020 B 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/assets/js/api-form-mapper.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: df13b88b18295cf23f7afbc5b89f4c8b30378afee1ba0dc584cb07e90b5fd8c0

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzLANr7vf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-886"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: twFjc9PA7Pc=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 Config-fuckbook_pps.js Show response
hello.fuckbook.tv/_fuckbook/ Frame A655 108 B
412 B 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_fuckbook/Config-fuckbook_pps.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fab0ce7f6462ecb77026b7ebe9c07f478a784c00eb03160bf2ac7e9abab84e51

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzLiIlzvrO8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-6c"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: TStLJYfngxI=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61356
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:38 GMT

GET
H2 200 bundle.js Show response
hello.fuckbook.tv/_webpack/ Frame A655 9 KB
4 KB 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_webpack/bundle.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c107c46bb1294b24f52aefad38ca86f6debc075d096b99cc10984f2c2335dfa3

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzL3XY3vs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-25bd"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: ky3TQqd/zJY=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 CommonMapper.js Show response
hello.fuckbook.tv/_fuckbook/ Frame A655 389 B
523 B 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_fuckbook/CommonMapper.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 32e3eec9a924202b839cab09cb0f7ae26e65f9ea1f886d077d69ada1884178e0

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJzQgDvs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-185"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: 8QBzFIhPWz0=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 Api.js Show response
hello.fuckbook.tv/_fuckbook/ Frame A655 1 KB
809 B 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_fuckbook/Api.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48df5cd7cd4d381bc89a1bea9eae507be54c8d1f74fe8eca345a483906badc10

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJt+t/vs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-4cf"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: T3/HiLLnqjk=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 promise.js Show response
hello.fuckbook.tv/_vendor/ Frame A655 6 KB
2 KB 95ms
92ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_vendor/promise.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9fbbf200dbf021f29455b9d6d7f30684651c947c2a4efb2d25c899ba8aa0305b

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzKOoKzvs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-185b"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: ++lwa4pOYBg=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 fetch.js Show response
hello.fuckbook.tv/_vendor/ Frame A655 13 KB
4 KB 95ms
93ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_vendor/fetch.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 569412044c38c2bea3e7fe86b0adf72eb004e84abafbf4eadc951b7026a4e976

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzK0Xe7vs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-32d4"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: HDUkZ9GIBPo=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 ga.js Show response
hello.fuckbook.tv/_vendor/ Frame A655 414 B
555 B 95ms
93ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_vendor/ga.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4b9cd48b66d6d503827e4b933cb4466fab14005180037b95a180494bfa98daef

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzIQoDjvs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-19e"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: eMc60i5WcIc=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame A655 9 KB
3 KB 12ms
11ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 988
etag: W/"3f9cea746e7c44bbeb5e95be9fce4a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 622f9362eaf21f15-FRA
cf-request-id: 08519a71ce00001f155e2f3000000001
expires: Sat, 20 Feb 2021 12:40:14 GMT

GET
H2 200 logo.svg
hello.fuckbook.tv/lander/sk_version1_pl/img/ Frame A655 12 KB
5 KB 34ms
33ms Image
image/svg+xml 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/img/logo.svg
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d93992bfe481bab44f1e9e3474a1c1bcbb9620a49308244650f688294397dafd

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzKr1orvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1db6-2e5b"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: 3/N7pMXoz8A=
x-77-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 devices-320x182.png
hello.fuckbook.tv/lander/sk_version1_pl/img/ Frame A655 63 KB
63 KB 36ms
35ms Image
image/png 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hello.fuckbook.tv/lander/sk_version1_pl/img/devices-320x182.png
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8ae15fad210e68e366a30b51cfa5afc0cb95bab5c67de83c05b11ce0cedfe802

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzKAbuTvf90AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
etag: "602c1db6-fc4d"
last-modified: Tue, 16 Feb 2021 19:32:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: jKZ4DgQxK60=
x-77-cache: HIT
content-type: image/png
access-control-allow-origin: *
x-cache: HIT
x-age: 56703
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 64589
expires: Sun, 28 Feb 2021 20:55:11 GMT

GET
H2 200 general.js Show response
hello.fuckbook.tv/_scripts/ Frame A655 776 B
565 B 30ms
30ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_scripts/general.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 83d620321e127757d6d2b7517c85cb8eea2c28b6eecb2330198bf16fd83419a5

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzKY3Nvvs+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-308"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: kJCW7VKWDGM=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61363
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:31 GMT

GET
H2 200 second-offer.js Show response
hello.fuckbook.tv/_scripts/ Frame A655 463 B
558 B 32ms
32ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_scripts/second-offer.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 45579bb9fe8be3b8c3f1076a693c899f4c0bdd05320de9e5e6293661b575c02f

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzIBvhLvrO8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a11-1cf"
last-modified: Tue, 16 Feb 2021 19:16:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: I41/x9Q9JvE=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61356
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:38 GMT

GET
H2 200 back-button-redirect_dating.js Show response
hello.fuckbook.tv/_scripts/ Frame A655 2 KB
1 KB 32ms
31ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_scripts/back-button-redirect_dating.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 59290f79b516e97d9abad3d83c67459636db4f3260fb1b88a75921ef3938bb7b

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzJR7NXvg+8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-780"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: uzg3aPhUnsg=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61315
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:38:19 GMT

GET
H2 200 close-button-redirect.js Show response
hello.fuckbook.tv/_scripts/ Frame A655 617 B
637 B 32ms
31ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/_scripts/close-button-redirect.js
Requested by: Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec9eff91231fb2886c12a055d47ed9dd765b962cb58fe730021fbe98aa694ac5

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzKDYp7vrO8AAA==
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: br
etag: W/"602c1a10-269"
last-modified: Tue, 16 Feb 2021 19:16:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: YRXXjK6xnuA=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 61356
x-77-pop: frankfurtDE
expires: Sun, 28 Feb 2021 19:37:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A655 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/_vendor/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hello.fuckbook.tv/lander/sk_version1_pl/?af=757&af_source=offerit&oid=1602d0eae323904.03350817&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=102116e2e7154b36136b1d3a270def&subaff=44542&subaff2=165604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6778
date: Wed, 17 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 12:47:16 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 889C 8 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e85a2b5c32cc8744be7467165529f587341d45b0ba3ec36dfc8513d202dbec01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6405
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 889C 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 645F 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 17 Feb 2021 12:02:07 GMT
expires: Thu, 17 Feb 2022 12:02:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2287
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 645F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 6612
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Thu, 17 Feb 2022 10:50:02 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 12B3 8 KB
7 KB 49ms
35ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

149a2f167e094cd940bc3293b941528e038917061054326e7aeb072d8f94b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6470
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 12B3 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4FB1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 17 Feb 2021 12:02:07 GMT
expires: Thu, 17 Feb 2022 12:02:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2287
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FB1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 6612
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Thu, 17 Feb 2022 10:50:02 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 889C 0
164 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=43390541987040&bg=!39yl3J_NAAXRs2QT0TsAKQB2-DxaeyFAdItBrj337Wkguij9p9O8sIIsRbXUWotlTj1cnVjGLn79AgAAAFZSAAAAE2gBBwoAkaBoczYytQRRcl3BYwb5fTQPIdrl3vz2MFYfOs9kC_o1PjiQYjt4TLfV0k3GnOWexGr3V-YegfciO3Qc6DsulYQhuJShndhuSiyi4CYfkzw7pkgl3SlfJLhsVgpqoa_I0_LSF0a4FukTeriC7SXbVxYjkV_J5vRaVYZqVW-BNvv4MbM1TM0GejZQW_3pU6tv4veZAfDVodbEqSo-I6D8rY1r5-AqnsL7sv7csz3yM73IJPoAjUc0WXCnFGr2w_FiTECkRI5MyKCI_EyOI_GpeeGaqN1FeXtMB-fV5h11uULZfq8gy21aydjFCxVKlF11VtOe6gcsc7SzNY-xdmn5q0tJ7qml1VKRiwdsKwjZWcIY8gktZQG2kGbd6FhK8PSriqr6rhkPD3cVSoSahrd2FHLN7-i15zjE1QBFgaF-cG-cO2V4EGtgp3SwgLU5M_5awLrWhJ67vZ8wsY52U5WvaFu9hudjDB1-FWLJvELLt5qCbEaH-RiP9o2F7NNbl3px1TMjG3lgPSLya_ffdxyWfi4hoiNLfi387gAlKgvc8XWCxnkHIk8o29VOsIhZBN-_s96OSKxOi6V809AUmiksMe2tWLPASRyzUKoX9HIVpaKQmzsqQ5FrrWAy9L0tNLNQlIBanOtYpoGht-PXJ1HYl452HmI9-09LMYBNw0TC1lyS1f3Oji-Br6AO_IQIvj4vTER3Llo7xh0xJ1fTt0r4oAX0TQfCOlcCaVY9u-_A_54MOBqTmHCkxFs1IbHDr35I3lBR0Nv08_E7b_UfMOk1M59FrgPxL_RAh7RaZ1z4Dhvx6qbcZEGa6Ioxx59VePLimxKBXCLY3fMezjFg-bRhUa5dlF6C

Requested by

Host: oktyabrskyorsk.orb.sudrf.ru
URL: http://oktyabrskyorsk.orb.sudrf.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226053
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5E91 8 KB
6 KB 25ms
24ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363a1bda554c56b679c1f988a590565704627920a23fc302f89deb4b6bfda565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6399
x-xss-protection: 0

GET
H/1.1 200
OK cnt
stat.sputnik.ru/ 43 B
508 B 87ms
87ms Image
image/gif 5.143.224.43
SPUTNIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.sputnik.ru/cnt?p=7&pg=http%3A%2F%2Foktyabrskyorsk.orb.sudrf.ru%2F&pfs=0&pdls=1&pdle=18&pcs=18&pce=43&prqs=43&prss=206&prse=333&pdl=209&pdi=871&pdcs=871&pdce=889&pdc=6270&ples=6270&plee=6270&rn=0.898594754226214
Protocol: HTTP/1.1
Server: 5.143.224.43 , Russian Federation, ASN201907 (SPUTNIK, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://oktyabrskyorsk.orb.sudrf.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 12:40:14 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E91 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 12:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Feb 2021 12:40:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B01E 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 17 Feb 2021 12:02:07 GMT
expires: Thu, 17 Feb 2022 12:02:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2287
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
pagead2.googlesyndication.com/bg/ Frame B01E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 6612
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Thu, 17 Feb 2022 10:50:02 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12B3 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=4162675627452124&bg=!vb6lvv3NAAXRs2QT0TsAKQB2-DxaZjHScF3E1u5PyssdjTbMnIVsz0ESK2VwAvJvvrBQFoQF6DuTAgAAAGFSAAAAHmgBBwoAWJ8bJBKLu3dRPk0rxc_Cr1Za24_TbvIvhRwn2gmWhqiivJRjSXBcokPx8nzSKuW97vbTkggNEvpTSuLGpvRZ3FEXNGaR-UmZ_i6bZzIwoMu8fhWcD5Ngsx6ZAe6XUR_lXklfeJHo7lamu98jO8qurawcG2NtpH-V1boD96AlxpUHiBfkvho5iZHcrTvtdzIQufQ3z2s6jsXNYSIK04jdaqrtwW2xoNSlSjhFZh5xKKHHOB6XxJDxIgC1pKhlNNG0JzlaY1xK9mCrhdInbItG9uZaDCTZtW71NKv8rTyWkHP8mg_aLuAobhrOIfvHdD1NO21nXjzvHyS8BgrLdqL2l5n1O5zT3v8wD4YBpFW46Mtyzl62iVmtRJL7s2myHdwcl218NBHHoCXrnO7yM5UBaOLzXcD8FzVswBsPU7DYHKQ2paPucxW9daNvug45rWXAmk4OKFf_x7wVyd0R3p99sokOATjnyr70B4vIMTnlJqn6R6bZckN2trMb4Xhu6etPMc-7L52iuoirFqzhx9WYsvfvaiCuCaTi2SGWcp8uLH0DvWgTVuK90x6cvuFJs3rYvoDFalE52t8nM_qjiinlrgqB9f38PTRL1o5sXp2hT35Bs4xPcSOspcGNTu_MHP7QN95pmBfBbLv9NTxGEsVGC7fzr1caZau4gyPOAt7SfrUbsAMjh5cHzKuBw702_Xi0ZeEXRLIDLDk0eGRQNedd0F-4aMeCxmrcxYhaV40EkvX3-HD7HUKxSmXHyMijw8UK58tNYvZD-nDDjg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226056
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E91 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=4164259287789909&bg=!W1ilWBvNAAXRs2QT0TsAKQB2-Dxaq4XpUE7AD-YLFi48PHyfXBFVaXoBlOcMCHXG8yhqTIT5s2eMAgAAAGFSAAAAEmgBBwoBRZ1_EbwhUgiB0qZdksWFxVNF6Ut7cMMdrudq7Ho1vIOgHQPGhld6ZeSLy4AequS9y-HoFMdbXpg0p5n1gjfXkMT9sm4MXofKTB9oxNO4ljkKNsH1zKKBNfboWmDlw_m88drk_g6NI0PegvGbGLpgMEggEKB_dZYNi-4nH4cxYE0BhP0ZJqD0pSxalY0s1L-ONjjumc_WkwhdhdqRngYhnI3-kaqpYybgMerOGD_Lr9gsZ9JD49N3XgRXrPdoReVj19WGyO3xHrPRJlJnnOMzHh3VATwV4IhYkaDh1OKcZoB2sgwqeo0UsRmq4H40lB7mb830rlI1e7yYb4T0In-Ki2VqUhD62QSWZYHy_TPtNpohHCPJb_7AmqoGdJ5R9Wn33do5DuzvbwkywMj00CuIJOHqpX9z8MLecOiWhbnSfPJWc_BkdtSZAgK2cNuG1lRwcfmCynbV5Cec36Nb50N9-XCM9LB6IP6bkz4VHh-R0mpiifmf86PjJ6ymeSZr2K82VmufA3Xdeglo1Bs_Jdn4ctQpTtiCIpX8DqLxuA7elRG45dL2RlPNHFtoM0O0BFpafOCovDYDuRMCJ__PzbP3alYy4lJlSI9bkBpSwhz3iwR-svicOE2l_PzVj0SlLugp9kZUpRn5c_A9qdbWy9RAyP-0DSSHQyhTiHeJ3ICYWNhZW3NfykW1J0O1fgHPy5zi4ciG5iIB_-xVBrlfLqIhqszQpuMqGpS09dtq1vkHxhgo-wrBszu-66wzNuGWruCpOatbZGSmJqrffiqreAgli7zCh_1CjhFM8wcscyjiwMv7wvqx7ibVNHnjBTIKXd8f6aJEJMKwBt_ZtoEnrorIBW3EWDi_RXCuyB3uT_6vCYsvF-55T-JZq7qrL1QAkqJie4X2VZU4Csprf4girlWuwDCQ1leXdEl1qq5gGtcbGRL77wJTC9qehiB8KoG6OEzPXRsfJqvPgZhIFVFuQgbNgiUng2tqB5CFuu4e-UrSzTIjDjzAVKPGL5s_wPDmrcqQ2tapLNqVF0eyTkdLd3gToRNnh1aAFe0wdr1-_LMwHzMN3_XRizyJc3EovC3jK51o24dwG7xI4OPv8WOindi9qh9TnIDeB7Ybt242

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/?d=87joojin3fb.ru&s=bone&sw=9&tr=136226051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 12:40:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Domain: vpaid.pubmatic.com
URL: http://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=0&vw=0&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=oktyabrskyorsk.orb.sudrf.ru&js=0&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: 2021-02-17T12:40:11.365Z IVS Player SDK for HTML5: SDK script v4.54.3 loaded.
console-api	warning	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: Setting key through IVS.config is deprecated, please set the key through Builder options
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js(Line 1) Message: 2021-02-17T12:40:11.366Z IVS Loader: Config set.
console-api	warning	URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403(Line 49) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: 2021-02-17T12:40:11.819Z IVS Player SDK for HTML5: SDK script v4.54.3 loaded.
console-api	warning	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: Setting key through IVS.config is deprecated, please set the key through Builder options
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js(Line 1) Message: 2021-02-17T12:40:11.819Z IVS Loader: Config set.
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: 2021-02-17T12:40:11.831Z IVS Player SDK for HTML5: SDK script v4.54.3 loaded.
console-api	warning	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: Setting key through IVS.config is deprecated, please set the key through Builder options
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js(Line 1) Message: 2021-02-17T12:40:11.831Z IVS Loader: Config set.
console-api	warning	URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403(Line 49) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403(Line 49) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2304d494e1ffc5737ec8ac47d45199a5.safeframe.googlesyndication.com
512603063efb978512386277d3be6264.safeframe.googlesyndication.com
87joojin3fb.ru
a.ivstracker.net
a.vfgtg.com
ac0f126b590141b9b50fcf1fcffb3b37.safeframe.googlesyndication.com
adservice.google.com
adservice.google.pl
api-maps.yandex.ru
cdn.aralego.net
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
ckstatic.com
click.junmediadirect.com
code.jquery.com
counter.sudrf.ru
d2wy8f7a9ursnm.cloudfront.net
files.sudrf.ru
fonts.googleapis.com
hdrbd.ivstracker.net
hello.fuckbook.tv
imasdk.googleapis.com
img-s-msn-com.akamaized.net
ivxplayer.ivideosmart.com
mc.yandex.ru
oktyabrskyorsk.orb.sudrf.ru
pagead2.googlesyndication.com
parking2.parklogic.com
player.ivideosmart.com
r.ivideosmart.com
r.ivstracker.net
s.aslnk.link
s0.2mdn.net
secure.cmvrclicks000.com
securepubads.g.doubleclick.net
simcast.com
stat.sputnik.ru
sync.aralego.com
sync.search.spotxchange.com
t.adating.link
tile.openstreetmap.org
tpc.googlesyndication.com
vpaid.pubmatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.openstreetmap.org
yastatic.net
vpaid.pubmatic.com
142.250.186.34
162.210.196.208
18.195.149.11
18.197.237.28
185.94.180.125
198.134.116.18
2001:4de0:ac19::1:b:3a
2001:978:2:2c::172:d
205.185.216.10
2600:3c02:1::2d4f:f40e
2600:9000:206f:8600:1a:f2c5:bfc0:93a1
2600:9000:2127:3000:e:a106:a680:93a1
2606:4700:20::681a:567
2606:4700::6810:125e
2606:4700::6812:e234
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba39
2a02:6b8:20::215
2a02:6b8::173
2a02:6b8::1:119
2a02:6ea0:c700::3
2a04:4e42:1b::621
2a04:4e42:1b::729
34.197.15.189
45.79.244.12
5.143.224.43
52.76.22.239
52.76.37.30
65.9.58.8
65.9.91.169
79.133.87.8
018551b6a5d0d1e2c4be92162162e7ee9ef34f0ab3b0315bb5c524e4b388b0d4
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
066178ab43861f58cdd20a1035d8f65ebf9e45d5e8e9e6ceed149c106b1fd7eb
066955d722c79000b012be811aa1a1b2cc5b7205c5228a70886e6b959e53e976
07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3
08ce8f55a5e0e44c091aecc3072861afe3a0770d1160d43e53305a9d29bd367c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9
0c55aac30ac48360d573d5c998f9f60412f898a18ac9ac64886d9d0e854f8979
0c6373801647c3563d7c191c2b7fac05d3bf649fb6b7f74de58f4f8949fe096e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10072f1e04f1ba8175a8c3924e92614a8528bedc7f6ce9beabe7626d24c29b22
1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
149a2f167e094cd940bc3293b941528e038917061054326e7aeb072d8f94b26a
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
1816d33079fc42ac6d0e24eb736e64ce38e0dfde23672d232edbd27b9eee62c0
1b4e2df224973caa007d063d6307f921ef0f1acb2abe15b5b8b89772feaae29e
1b52454404fe1806a4e8078acce90cabaa099cac0fa80566a01ee298df173622
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
209a5227f46f1acd75de1f99fbf200087e5beb30fb69e22b74209d1b9cda9e43
231e4d087ed49138cc210153632128a77fc75e281c5ca7254dbb7356cfc6d4ad
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
23f04f552b78a8607328f002e73650b6bd9f9daf4bb458ba571ecfef950e56dc
248abff25ccc2999d056cb76cda6a00b811f7859a0eb06bdb5cf680d28fbf2d4
25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786
263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
30fbdc3bcdb5d192dcb0794f38c72c163d833e3e6a26825bfe888dbae78d1c67
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
32e3eec9a924202b839cab09cb0f7ae26e65f9ea1f886d077d69ada1884178e0
33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd
363a1bda554c56b679c1f988a590565704627920a23fc302f89deb4b6bfda565
3c30d9beae2f3a31440cfe2421977bf416d2ad9f473b22951277ff3065e1d8fe
3d40816de353cfeccf46dc8b4ea80d2801cecff89e3f37dd95b4d473ea68d030
44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e
45462ca58b2b14c8cd755fe8f073a5bc6272680ef0622c2934a2e8ba480daaab
45579bb9fe8be3b8c3f1076a693c899f4c0bdd05320de9e5e6293661b575c02f
46006f2ffc8a8e86f64f3e649244c7870ce4909fea3bf95af5c4c7bbd4ae0d30
4833fc7ef5957c380151e29736138277f85e045c5be897580f7a12eda78006a6
48df5cd7cd4d381bc89a1bea9eae507be54c8d1f74fe8eca345a483906badc10
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b9cd48b66d6d503827e4b933cb4466fab14005180037b95a180494bfa98daef
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4ec859792750d39a1c02ab387fbd95f31bdaec8b8e1ecfb74a0aaaca661d2b9f
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
5029ef4d789762960d2a7a147360b9aedf3a25b2d5fe423fa36891a16aa9ae56
522be6e519408f7d56785f3e31bc8d050a32a5b79c8ec822dfcf3d8579f58215
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5512f400cac3fbb1fdfbb02989ed098f88a2af5a6e4ba3d88a039bc421ea7ffe
5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145
569412044c38c2bea3e7fe86b0adf72eb004e84abafbf4eadc951b7026a4e976
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
58b848223d98c6dec8cdebff01def77b7b4fbb2cb866aaf9f14628d63eff7ca8
59290f79b516e97d9abad3d83c67459636db4f3260fb1b88a75921ef3938bb7b
59419b056537d451a62e0a356c0fbce98c42aaac1f066d3c54a1ef313e422334
5f85bc052b616b40afea5aa9404ce191962eac638513c89da22e899606df4df5
60a3490fd1afcf46ff0867cd7e05085c36a9715cde9c158df780b656ff645685
60bfd02abedb2a031ba5dda484e6c137b9a7c4d821ddda623facc21fd0814b4a
61e9ac4901c4b6384636090bc8f501f266d400cd2074a9ffc11045ca5c7c68c4
622389a165345ce9238ee0db6a0407c84fc6f42a95d617243636d23878b1c7a6
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
62ff0b037ac7948642bc0749ef70716eb41c4e4c8f1b668c102a32580200bec8
63412f01c0b2325e258cfed1b7a5cb4b18f68e523bd3fc64e452f1309c8a812d
63605aeb9a71eccfa62508f9d1c7ddd645bba6a6894ce9cd182501e73b4d4411
63c4118b2bc2d3b3da298a6bcefa57246f7969db2574cacc7a12ae7ab0036d13
64176276a4a18bf622c5bfc5be0336a187be4d16a0e2017a26a4bc8d1dd5589f
65029cd6cc61b78a405703655d664539b6201b56f2ec2a205447a3a3c529d593
65c75933bb39086a6cd7513f86c40ab6d4b2512e12cbf5f4e218dac023400ec2
66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be6dbd83a1d29f762151ebcccdfd5b260b06277051ec10ac92d4545a8fd1840
6be976f68ea8f7910100178760a6be09f7a85a35bec4ceb610569007b288e989
6d072dc01f4291909389823f0dd7ad7b7acf1d3a0b00da1dc84aee32e03bf5a7
6ff1c6b1f8ceeb0cbb7216b55f3749a33eb7f6e71957dc45a9460403a7cd8644
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2
75189de31f58b2d7e9e7154f473c7e2115f419edb92a3cefbfd25c894858673f
76c4d61c00b913369b43e2eb89dc6529ce9d1d350d189930d3bb4332478d8438
772904df9d55182098103a90a6b86e47523c3193b6f69b0cb92bf61dfacaba9b
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
785f875b00c33e9b5372d7ada25ba6200bd430db1f01a58eb3ff8eb3c31e7257
7c71d6ed5df5d69bf38e97ec679045a9c90264585b22b604f3c26c13e60b5cd5
7cfe6a10f24cfde45ba6f286a71c1e15476c0d9469434ad7dba61cea1e74cb9d
7d671fec43fda18d014d5c6072475c4c74fadb916db17303769920fcbf6ce5fa
7f3f194ec57a8deba117d04f687b0610405aa3a691e293690868ecd21a53ad64
7fcd755da0caede32e1258930ee9ef2eba1fcc808e2da898655732b0e2f7e13f
80692cd2f93edd12ffef00a9ce19b1f31d4eb711da2f4d3e045d2a5ed406ce02
82af2a0ae337f1d9f253987bc2ef24e798e381e20a934dd6772580ddd6872db1
8380896772684889c455700d8f48d4e64eefffd68aefc759e149d19c52024178
83d620321e127757d6d2b7517c85cb8eea2c28b6eecb2330198bf16fd83419a5
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87d2a93397e4ef70cd8aa7bd0bcbe63a537278b7c2da6d5c8101c9f287b4ea07
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
885e79609a907cfddf8dc37e809b60cc648427de8b98e39cebc7d64ff1be9228
8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad
8ae15fad210e68e366a30b51cfa5afc0cb95bab5c67de83c05b11ce0cedfe802
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8c13e72184c194fdadb746292c1da357a26c320b53b5a8708ce4d758de79e514
8e9fd910d2acb98470b5aaf583adeb2c33ab8096642d5ced54ba0eba4f42fde2
8f8c0a1cf01bf7eb996724d52c767e1070ce22afeb9714c7b492b0a774f41455
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
917b028b3d50f93cd30aa593328bca55686d566c1f2854704e82185c1d7925f5
93423dc19c305a53046031cab1826e7613f88901a548fdcdb4336c8afd141c8a
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
96a72659a5c7711afb54369e2dcb9e1568bc720022a7dff6cd0d86a99f3fc982
9b35fd5662b947c0f4171e7151a3ec0dfeae870f1e0b4965618b6a8925f328dd
9cb6284baf8d5785254eeffc17cf53bc32d63e7ae881dd2fef8da67c32397d8a
9dd0c8abb83e7f24cd84b5342c2bec45e14e7999dc1582987b5295f7dca2efbb
9fbbf200dbf021f29455b9d6d7f30684651c947c2a4efb2d25c899ba8aa0305b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a1807749421289c879874aa8e2dde5d217a8a6c8a058b1e5338cdefbb94c4b47
a3bc83f9c907d7ebbbff9cd6a3c7264087732f2b6aafd1af72354917b50752bd
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
a54d736b8c7c9f30bc5549a0919456932835f7c48bc70e60770c819b90585cfc
a616191739c34a7e06849d477f62511c9e5fba6cee3619b9974f1022b1a6b7a1
a78fd25e34139b8bc2e57b1c4b5605cae54e6757e729cfd60d944597189f261d
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
aa3dfa8bde9ad45690a9905401ac64cb44c1724db4d665fa4670de3190cb9886
b11f7164b878d9d39c5f9dd97a22e3bf2f8bd338543400f78711d878ed5bbe8a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15a37cb040e2260d22cc829c0fba941bfcc80b189eed02a953bb109f1592090
b333a78ca139124c42563c1087affcfdbdcfd1c729a4492d77d0a23131e5a354
ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc
bc6174c58f3b03eaf9a7d956dd3562e785e1189ea23dd71a6cf7c6f0e8d8c8b7
bcdfa7f53c57a13941486b881e750d732dddd86be44fd16054b293635fc6bcdf
c107c46bb1294b24f52aefad38ca86f6debc075d096b99cc10984f2c2335dfa3
c66b29890269ffbea3aedb6930f93a2da2150da70ebaf6a6a9294f8f9bc09086
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c783873ff47a4267dfce638b7ec12c7d540338941c3780691cf2128a2a098ad4
c9982d600c46e6b6d7a634a92df5e6ef8a84157023bf6d6a45c4d23c0d182aa7
cbcbfdfd326b9a628dcf5af943a7ea8fa9bccc0d7733e4cabd94da561179bfe5
cd67da33f9059d87720bc8f44b603b2df075976912d41d4dd85fa6386fd23d15
cd71d8a267e6931dcd1772be1ddf9d1b8120f469985b4600bf064757850b5353
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d2e6ffc115dfb4bb743c67250599d10d2eedc5e5ae050fb78b482a196ed05a39
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d66b81539befc6fb2dae815908fbdf0ff8796727404e592eac2aa836b9018356
d6f1b7cd2dbf678557a2ff3d6a942fea98bfb3f635004a7f7f2b6afbc59b9c72
d93992bfe481bab44f1e9e3474a1c1bcbb9620a49308244650f688294397dafd
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
df13b88b18295cf23f7afbc5b89f4c8b30378afee1ba0dc584cb07e90b5fd8c0
e16b9ef2ff7cd185ece5bcc1ac32782c99b665eb78c080ad4779e4c7658256b4
e1e01c6786003873353d35ee51f82fa792e55e0a9fbfb26b4d64f3792a95fad4
e3adc426283f8a6705c564483ff2e106dbbce868f6a7f08eba54a206372f56ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7641e313e74d0615d6368032d41c791ab6ceef64705a2db52948c2f5205e9ac
e7b8ac018c02d7f6e1d765a5dfe8d8a231339c8c2afc59d47b6355823195507a
e85a2b5c32cc8744be7467165529f587341d45b0ba3ec36dfc8513d202dbec01
e86fd19ce6330e2e00d7ea818d3c7497c18cdd53ea4bf6400e525fbf1e104d47
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ebdb4bdad1d806aabc46e250d161083ffe6d86257357a85ecf46a351e35b3cae
ec9eff91231fb2886c12a055d47ed9dd765b962cb58fe730021fbe98aa694ac5
ee8f6966cc5af322e27eb42fb1eb0fb7e6660a9b09925a5d27abb3de7da8f4f2
ef9dd6bfeb48deb6f5395365a97b5a6cb666437e09198c3186856c73554d7451
f1f3fd9aa5d2f2ecb632ad80ec2f1ba327594d36088e6f26a56f811db239db50
f83388a16342353f3d72874143cfe959f369a5ea0fb674c7c982b1625f0a8d5f
f9feefbc496011aee2106288dc88148e0af7e306cc8e0efc56a773a0bbac3375
fab0ce7f6462ecb77026b7ebe9c07f478a784c00eb03160bf2ac7e9abab84e51
fafe7427fe35ca6019feaa1503ca63fac2b266c39cde179ff57b277d0c872cbc
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
fe36091ff384e62412789ec0e25e0686bd6f50aa7e23f07446f9600f9f977b56

oktyabrskyorsk.orb.sudrf.ru Open in urlscan Pro 79.133.87.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

350 Requests

86 %HTTPS

66 %IPv6

36 Domains

50 Subdomains

42 IPs

5 Countries

4991 kBTransfer

13499 kBSize

0 Cookies

15 Outgoing links

Redirected requests

350 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

oktyabrskyorsk.orb.sudrf.ru Open in urlscan Pro
79.133.87.8 Public Scan

Screenshot
Live screenshot

Full Image

350
Requests

86 %
HTTPS

66 %
IPv6

36
Domains

50
Subdomains

42
IPs

5
Countries

4991 kB
Transfer

13499 kB
Size

0
Cookies

350 HTTP transactions
0 data transactions