simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ==
Effective URL:
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Submission: On October 18 via api (October 18th 2020, 5:12:05 am UTC) from BE

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 9 countries across 20 domains to perform 67 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	144.217.171.217 144.217.171.217	16276 (OVH) (OVH)
1 1	109.234.162.107 109.234.162.107	50474 (O2SWITCH) (O2SWITCH)
1 2	2a05:d018:483... 2a05:d018:483:6110:7c95:4bfe:6d80:65e	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:483... 2a05:d018:483:6110:de04:6bd7:82f8:2d00	16509 (AMAZON-02) (AMAZON-02)
1 1	18.197.242.25 18.197.242.25	16509 (AMAZON-02) (AMAZON-02)
1 1	52.28.86.101 52.28.86.101	16509 (AMAZON-02) (AMAZON-02)
1 1	69.16.231.150 69.16.231.150	32244 (LIQUIDWEB) (LIQUIDWEB)
8	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	2600:3c02::f0... 2600:3c02::f03c:91ff:fee2:5b0f	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14 14	194.146.24.56 194.146.24.56	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
30	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	63.250.58.116 63.250.58.116	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
8 8	212.115.109.66 212.115.109.66	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
6	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
67	16

1 144.217.171.217 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)

berhilpress.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.234.162.107 (France) 1 redirects

ASN50474 (O2SWITCH, FR)
PTR: 109-234-162-107.reverse.odns.fr

riftv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6110:7c95:4bfe:6d80:65e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cd-down.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6110:de04:6bd7:82f8:2d00 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.242.25 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-242-25.eu-central-1.compute.amazonaws.com

t.insigit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.86.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-86-101.eu-central-1.compute.amazonaws.com

www.meetdate.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.231.150 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: mdlb01.parklogic.com

www.rdr4trck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.79.244.12 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:91ff:fee2:5b0f (United States)

ASN63949 (LINODE-AP Linode, LLC, US)

cadet.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 194.146.24.56 (None, ) 14 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img2.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.250.58.116 (United States) 8 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img3.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.115.109.66 (London, United Kingdom) 8 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img4.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	akamaized.net img-s-msn-com.akamaized.net	2 MB
30	smartsearch.me 30 redirects img2.smartsearch.me img3.smartsearch.me img4.smartsearch.me	7 KB
10	googlesyndication.com 1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
8	simcast.com simcast.com	102 KB
6	doubleclick.net securepubads.g.doubleclick.net	124 KB
2	googletagservices.com www.googletagservices.com	56 KB
2	google.com adservice.google.com www.google.com	246 B
2	cloudflare.com cdnjs.cloudflare.com	4 KB
2	cd-down.com 1 redirects cd-down.com	5 KB
1	youtube.com www.youtube.com
1	google.nl adservice.google.nl	890 B
1	parklogic.com cadet.parklogic.com	2 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	jquery.com code.jquery.com	30 KB
1	rdr4trck.com 1 redirects www.rdr4trck.com	341 B
1	meetdate.xyz 1 redirects www.meetdate.xyz	1012 B
1	insigit.com 1 redirects t.insigit.com	1 KB
1	gdmconvtrck.com gdmconvtrck.com	1 KB
1	riftv.net 1 redirects riftv.net	353 B
1	berhilpress.info 1 redirects berhilpress.info	280 B
67	20

	Domain	Requested by
30	img-s-msn-com.akamaized.net	simcast.com
14	img2.smartsearch.me	14 redirects
8	img4.smartsearch.me	8 redirects
8	img3.smartsearch.me	8 redirects
8	simcast.com	gdmconvtrck.com simcast.com code.jquery.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	simcast.com securepubads.g.doubleclick.net cd-down.com
3	pagead2.googlesyndication.com	simcast.com securepubads.g.doubleclick.net
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	simcast.com
2	cd-down.com	1 redirects
1	www.google.com	securepubads.g.doubleclick.net
1	www.youtube.com	simcast.com
1	1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	cadet.parklogic.com	simcast.com
1	cdn.onesignal.com	simcast.com
1	code.jquery.com	simcast.com
1	www.rdr4trck.com	1 redirects
1	www.meetdate.xyz	1 redirects
1	t.insigit.com	1 redirects
1	gdmconvtrck.com	cd-down.com
1	riftv.net	1 redirects
1	berhilpress.info	1 redirects
67	25

This site contains no links.

Subject Issuer	Validity	Valid
cd-down.com Amazon	`2020-04-22` - `2021-05-22`	a year	crt.sh
gdmconvtrck.com Amazon	`2020-03-21` - `2021-04-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.parklogic.com COMODO RSA Domain Validation Secure Server CA	`2018-12-16` - `2020-12-29`	2 years	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Frame ID: 5E55C349D42A3ED207464EF360AE2393
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jmZlp9o9KQo
Frame ID: C47792EB10E5541069722209868F3364
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3IAOa3d7hSSNqIqakI6WljXJmSj5KuE39U-TP7yiYxbBE4GRZZ7ZYPBTWaLE8hrxQY3CWwPznYRYxO7OH6I88uA4eWE5CBPcU2GvSGuke5AksBGMOQGsIa5TlUwg4zZHxMhR4bG7cRXQyBeQqqulxRReAmiqPQtejjXk3toQGHCqGfd52Plpsq2fh1F-SV7h8WwZANUTb9GWKIGEHIc1fva1kX6fNzY1uDVp7yRm2NWFFsfJnrzI9-BErvlf5LVE44pIGTA&sig=Cg0ArKJSzLAL5V9dWyJNEAE&adurl=
Frame ID: C1616475248B4212DAE50163EBDA14F2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: FA76EFC26EE5541FB2040C20943FA103
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e... HTTP 302
https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f... HTTP 302
https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6... HTTP 302
http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cD... HTTP 302
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

87 %
HTTPS

57 %
IPv6

20
Domains

25
Subdomains

16
IPs

9
Countries

2147 kB
Transfer

2623 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e03c3c8292ce8f677430cdb7327c585a620&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D4612%26s1%3Dmm%26s2%3Ddd&mt=3&svi=6118a2c6c5274fdfa03e00a3afc4ae68_1602997905888_10_4612_-1_-2_-5_8953_61&o=53216&dl=t&us=89a824a6c66e42f19f154e553f5f2795 HTTP 302
https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps HTTP 302
https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6e81fb506f5fb160d0d653c8df7b334a03a9&s6=43e89b8ded494a3f984897fa8f41ef7acfe0&dci=a85f5530c55ce938f9f1ea7747928dc8f709e5e0&tds_host=t.insigit.com&tds_split=a&tds_campaign=r1992shy&tds_id=r1992shy_lp_a_524562638273_adsbridge&tds_oid=926b90433b7736a8_&tds_cid=390e6e81fb506f5fb160d0d653c8df7b334a03a9&tdsId=r1992shy_lp_a_524562638273_adsbridge&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps&p_tds_cid=c0077a87eead132a01087fda993bf35506e2e741&tds_reason=direct HTTP 302
http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkPWpiZXRvNWY4YmNlOTI1YTMyZjM2MDc0MDI0Mg%3D%3D&action=action_tmp HTTP 302
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

Request Chain 12

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkFjRDdNekxxN1M= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800

Request Chain 13

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDempDWVdZcTN3ZzU= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800

Request Chain 14

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Request Chain 15

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHY0cjRZbWlrZm83NkRRajExSHIzY2ZvTys4eXVIcXZrR0RnZzdkeTRLeEVaMnFza08vL05lUmJ6RG45aWpsUlE= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800

Request Chain 16

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Request Chain 17

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM1bWg2MkxKNTA= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800

Request Chain 18

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 19

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVBIYzFzVWVMeU0= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800

Request Chain 20

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Request Chain 21

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUxFR0lQb09tOVU= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800

Request Chain 22

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 23

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUliOEpRS2c3K2c= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800

Request Chain 24

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img

Request Chain 26

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNsTVMyUmozWTkzT2d4YVpqNGI3NDhGN0NtbTZwczJUYnFEQlRWakk3azJCSmlIN0NXSm1yOENNY0ZvOVRhWG0= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800

Request Chain 27

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 28

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU4Qlg3eEZ0SEY= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800

Request Chain 29

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 30

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTUvUE1hYndWS20= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800

Request Chain 31

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXFKc0dpNlhDYlk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800

Request Chain 32

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVXaFRTcXBiajBEcU1sVFVmdDFhd05oajlGeGFBZzNCWDBhcjJwNm9PSEVvaG50VXMyV2tFRXFqSnU0V0RHeXY= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800

Request Chain 33

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHF6WHRPeENsN0VOT3p0bUxBd1FOS2hCVVF0N1o0UmZPMUlSQTVRTmRlNmFvdSt5V2tWVzVNK3NFV0xCeGlsQVc= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800

Request Chain 34

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 35

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGZDMkpFUFBWRGpPckUrOVBsc25tbDJCK2FwWVNjMHdUVHplN1RKMFFtcm9HK3hmeXZIN2JxMzR1SzdkVTB2bUo= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800

Request Chain 36

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdVcmM3a3ZMalZ6RXVFWDk3UkhSNGtSZ0VsbnN4U3I1aytENjBCUkFlUkZVSGE1c3F3QTBJVlFrSDdaai9lQlA= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800

Request Chain 37

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDF3YTkzZXdSVkViUXRVWUpwVTFwRWtONzdhcDgvQnYvU2t0U1lMZFdHdCtWR2JaUC9GRlE5Rk01VHEvUlg3OW8= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800

Request Chain 38

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUycnlWcnZWSW1YQ2g4WnM4V1Jza3VlK3BpcUhFWWhFV2NtK3FiampCMUExb3FKUUh0L090L1BFdWIwMmxmQnM= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800

Request Chain 39

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxWSkVTKzFGL0EzUjY1SkJPOVRVMDR5TThvVm83Q2o5QlZNRlg1RWtidnA1Z1k1OXlkK1lMMG9vQW5HbFJJbUg= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800

Request Chain 40

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 41

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRkRm5IS21vZkN3WEl3bzdqMUxRalVEOHpsWDhleGxlRTRIbDhHNFRkYSsxU011b1ZYNWszT292UVprUVl3VTY= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800

Request Chain 42

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZIRzU2NEFpZ0ozVzN1Zm5LZ2d6akhuS1RCbFJ6R2dCN2JqNElrcFl3WGZHZGxuMmgzWUdkb2lid3ZZTUd4aHg= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
cd-down.com/smartlink/
Redirect Chain

http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ==
https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

2 KB
1 KB

116ms
49ms

Document
text/html

2a05:d018:483:6110:7c95:4bfe:6d80:65e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6110:7c95:4bfe:6d80:65e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 85dfb8372172f2427fc075d42df146417de9064e702fd50a9aa9170bcbfe46eb

Request headers

:method: GET
:authority: cd-down.com
:scheme: https
:path: /smartlink/?a=93640&sm=4612&s1=mm&s2=dd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 18 Oct 2020 05:11:45 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip

Redirect headers

status: 301
date: Sun, 18 Oct 2020 05:11:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
x-powered-by: PHP/7.4.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=29bd19eac1daa22a6a8fdbf8a553ce1a; path=/ short_LGPZS=1; expires=Sun, 18-Oct-2020 05:41:46 GMT; Max-Age=1800; path=/; HttpOnly
server: o2switch-PowerBoost-v3

GET
H2 200 user Show response
gdmconvtrck.com/ 1 KB
1 KB 90ms
30ms Script
text/javascript 2a05:d018:483:6110:de04:6bd7:82f8:2d00
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdmconvtrck.com/user?a=93640&c=169426
Requested by: Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6110:de04:6bd7:82f8:2d00 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c294a3cb6cdae6c26be664aacd29495b24b9d3f98e4c94efcafa0347c341b66

Request headers

Referer: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Oct 2020 05:11:46 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires: Sat, 1 May 2020 12:00:00 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
simcast.com/
Redirect Chain

https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e03c3c8292ce8f677430cdb7327c585a620&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D46...
https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps
https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6e81fb506f5fb160d0d653c8df7b334a03a9&s6=43e89b8ded494a3f984897fa8f41ef7acfe0&dci=a85f5530c55ce938...
http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkP...
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

44 KB
9 KB

891ms
870ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Requested by: Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=93640&c=169426
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 04f3b7f5c6c7f408ffffcae86522465cb634e081cecd99f223ccfca32374cce2

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

Response headers

Date: Sun, 18 Oct 2020 05:11:46 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0gtda5ib42l1il9qodm9drt05m; expires=Mon, 19-Oct-2020 05:11:46 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226216; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8871
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 18 Oct 2020 05:11:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 23ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: http://simcast.com
Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
status: 200
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1602997907.dop129.fr8.t,1602997907.cds289.fr8.hn,1602997907.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 13 KB
3 KB 229ms
214ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 04:24:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34cd-5af8edec19a40-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2953

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 241ms
226ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 20ms
16ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3386
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5e3fc2bbdd721f35-FRA
cf-request-id: 05dbb8096700001f35b1355000000001
expires: Sun, 18 Oct 2020 17:11:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 91ms
33ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

ef588ce6c368027bf4991044820407679e8d9223039a7379aca837fe2a10a588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "666 / 491 of 1000 / last-modified: 1602886436"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17666
x-xss-protection: 0
expires: Sun, 18 Oct 2020 05:11:47 GMT

GET
H/1.1 200
OK enhance.js Show response
cadet.parklogic.com/page/ 2 KB
2 KB 438ms
110ms Script
text/javascript 2600:3c02::f03c:91ff:fee2:5b0f
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://cadet.parklogic.com/page/enhance.js?pcId=56&domain=rdr4trck.com
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Content-Length: 2221
Keep-Alive: timeout=5, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 224ms
206ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1494839
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
cf-request-id: 05dbb8095d0000c2a453819000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602997908"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e3fc2bbc851c2a4-FRA
expires: Fri, 08 Oct 2021 05:11:47 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 15ms
10ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1499352
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
cf-request-id: 05dbb809640000c2a465864000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602997908"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e3fc2bbd85bc2a4-FRA
expires: Fri, 08 Oct 2021 05:11:47 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 577 B
633 B 232ms
214ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Aug 2020 23:13:02 GMT
Server: Apache/2.4.38 (Debian)
ETag: "241-5acb6544e5b80-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 272

GET
H2

200

BB1a7VIG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800

75 KB
75 KB

59ms
19ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a7VIG
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 262550
status: 200
x-activityid: 72509a31-bb7a-4e60-8b42-6fc0b995512a
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 76492
timing-allow-origin: *
last-modified: Sun, 18 Oct 2020 05:08:01 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431831
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG?m=4&w=800&h=800
expires: Fri, 23 Oct 2020 05:08:58 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8uNb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDemp...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800

54 KB
54 KB

60ms
21ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8uNb
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 208810
status: 200
x-activityid: 61294d02-6b09-4728-9491-0a16b2fa82c1
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 54964
timing-allow-origin: *
last-modified: Sun, 18 Oct 2020 02:19:49 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=421658
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb?m=4&w=800&h=800
expires: Fri, 23 Oct 2020 02:19:25 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

660 B
1021 B

83ms
44ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXuBZ
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 660
status: 200
x-activityid: 377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 660
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226325
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires: Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8rTM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHY0cjRZbWlrZm83NkRRajExSHIzY2ZvTys4eXVIcXZrR0RnZzdkeTRLeEVaMnFza08vL05lUmJ...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800

161 KB
161 KB

48ms
9ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8rTM
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 680749
status: 200
x-activityid: 0ff1a541-b429-4f2d-b64d-8c91b03e13b0
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 164550
timing-allow-origin: *
last-modified: Sun, 18 Oct 2020 02:19:49 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=421666
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM?m=4&w=800&h=800
expires: Fri, 23 Oct 2020 02:19:33 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

660 B
1021 B

83ms
44ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXuBZ
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 660
status: 200
x-activityid: 377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 660
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226325
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires: Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB19TfvG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800

97 KB
97 KB

60ms
21ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB19TfvG
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 405033
status: 200
x-activityid: a93a0b2a-2910-4785-a5ba-b0731946f4e5
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG?m=4&w=800&h=800
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 98895
last-modified: Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=413045
timing-allow-origin: *
expires: Thu, 22 Oct 2020 23:55:52 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
555 B

13ms
13ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 195
status: 200
x-activityid: 6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226324
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires: Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8mXT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVB...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800

98 KB
98 KB

9ms
8ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8mXT
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 369471
status: 200
x-activityid: 5326dab8-8ab7-4439-9b4e-0b677be40e92
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 100044
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=413101
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 23:56:48 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

660 B
1021 B

7ms
7ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXuBZ
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 660
status: 200
x-activityid: 377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 660
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226325
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires: Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8fD5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUx...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800

77 KB
78 KB

10ms
8ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8fD5
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 83064
status: 200
x-activityid: 9e6096ff-2acf-435d-9399-a59fa6f420fd
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 78902
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=413031
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 23:55:38 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

22ms
20ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 1198
status: 200
x-activityid: 9178dc15-1478-43f7-b98e-e4f38785875d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=319202
timing-allow-origin: *
x-akamai-path-stats: [1:642:358]
expires: Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8bAw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUl...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800

87 KB
88 KB

10ms
8ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8bAw
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 139528
status: 200
x-activityid: c7815bbb-5876-40ab-8981-6488a3e6992c
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 89173
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=413013
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 23:55:20 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB2kwUc.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img

338 B
698 B

15ms
13ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB2kwUc
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 338
status: 200
x-activityid: 45f5f6d8-c89c-4a73-b2bc-4ac5e054c7aa
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 338
last-modified: Tue, 13 Oct 2020 18:22:55 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=47439
timing-allow-origin: *
expires: Sun, 18 Oct 2020 18:22:26 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login.js Show response
simcast.com/widgets/login/ 931 B
574 B 236ms
218ms Script
application/javascript 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/login/login.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 05:50:21 GMT
Server: Apache/2.4.38 (Debian)
ETag: "3a3-59071ea59a140-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 199

GET
H2

200

BB1a8kcJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNsTVMyUmozWTkzT2d4YVpqNGI3NDhGN0NtbTZwczJUYnFEQlRWakk3azJCSmlIN0NXSm1yOEN...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800

139 KB
140 KB

12ms
12ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9859a9fe4894cca18a3a24fcdc0c132f9d39e9b09da4c1be93b6c8981db526bc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8kcJ
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 145177
status: 200
x-activityid: 5ec51df2-688c-40e6-bed9-f81ea8a36c08
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 142445
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 21:21:28 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=403747
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 21:20:54 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

7ms
7ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 1198
status: 200
x-activityid: 9178dc15-1478-43f7-b98e-e4f38785875d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=319202
timing-allow-origin: *
x-akamai-path-stats: [1:642:358]
expires: Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8b2i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800

52 KB
53 KB

14ms
14ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8b2i
date: Sun, 18 Oct 2020 05:11:47 GMT
x-source-length: 119641
status: 200
x-activityid: a2faf5fa-d87e-4feb-a123-d6f59d04ca24
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 53702
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 19:52:54 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=398521
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 19:53:48 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
555 B

12ms
7ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 195
status: 200
x-activityid: 6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226323
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires: Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a85Qv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTU...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800

52 KB
53 KB

16ms
11ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a85Qv
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 167439
status: 200
x-activityid: e40520d9-4c74-478e-9ada-a3709685fe21
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 53632
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 19:35:22 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=397396
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 19:35:04 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a86ks.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800

102 KB
102 KB

18ms
13ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a86ks
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 432711
status: 200
x-activityid: 0733d019-71c0-4964-af51-2d0400a7eb2b
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 104037
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 20:48:10 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=401787
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 20:48:15 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8cKK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVXaFRTcXBiajBEcU1sVFVmdDFhd05oajlGeGFBZzNCWDBhcjJwNm9PSEVvaG50VXMyV2tFRXF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800

44 KB
45 KB

13ms
8ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

55c78ba155ce284dcf08159541fbf6f21a4e780756ebab41431cac2513ff3137

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8cKK
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 50998
status: 200
x-activityid: 0969d100-637d-48d7-879f-ba9041889478
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 45252
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 18:38:51 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=394012
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 18:38:40 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a7ZdK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHF6WHRPeENsN0VOT3p0bUxBd1FOS2hCVVF0N1o0UmZPMUlSQTVRTmRlNmFvdSt5V2tWVzVNK3N...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800

177 KB
177 KB

21ms
17ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1f9160b47b57147f0cbd03fd064b55c5411d8e6ce76417990125b4fe878e20a3

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a7ZdK
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 247805
status: 200
x-activityid: 4813c429-423b-4db4-baae-3813c6699e8a
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 180774
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 19:54:27 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=398566
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 19:54:34 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

12ms
8ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 1198
status: 200
x-activityid: 9178dc15-1478-43f7-b98e-e4f38785875d
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=319201
timing-allow-origin: *
x-akamai-path-stats: [1:642:358]
expires: Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a8cyI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGZDMkpFUFBWRGpPckUrOVBsc25tbDJCK2FwWVNjMHdUVHplN1RKMFFtcm9HK3hmeXZIN2JxMzR...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800

72 KB
73 KB

15ms
10ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

626a430ad030e975dd16651d0397cd0867133b1541c1e9230d040a9a03fc1b18

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a8cyI
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 147661
status: 200
x-activityid: 2b178704-3076-4f63-9778-467bf2f19ec8
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 74213
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 18:29:24 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=393461
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 18:29:29 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a81yw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdVcmM3a3ZMalZ6RXVFWDk3UkhSNGtSZ0VsbnN4U3I1aytENjBCUkFlUkZVSGE1c3F3QTBJVlF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800

123 KB
123 KB

21ms
18ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8ecb34ec6e2db08aa0c564c55ce4224fcd23429e384b42c66373eb6fe8ffec09

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a81yw
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 491041
status: 200
x-activityid: a1aac5cb-9b4b-48ac-971b-170a13ec4351
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 125741
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 18:19:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=392843
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 18:19:11 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a84Vi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDF3YTkzZXdSVkViUXRVWUpwVTFwRWtONzdhcDgvQnYvU2t0U1lMZFdHdCtWR2JaUC9GRlE5Rk0...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800

65 KB
66 KB

19ms
15ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fbc314feb1658292f0f5c83f821486908630415eeed9aade8f4f6bbaebec66e0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a84Vi
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 955236
status: 200
x-activityid: 5a0d04dc-e4fa-4001-8d46-49533a0cfcfe
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 66918
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 17:13:29 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=388845
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 17:12:33 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a7YhT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUycnlWcnZWSW1YQ2g4WnM4V1Jza3VlK3BpcUhFWWhFV2NtK3FiampCMUExb3FKUUh0L090L1B...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800

58 KB
59 KB

20ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b8b934c75f8cf3478eb8e5c0954093464dd0434258c986e924fc58b5e6860410

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a7YhT
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 314661
status: 200
x-activityid: 11989084-097e-43de-948a-ada16e7c4a4a
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 59657
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 16:57:56 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=387966
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 16:57:54 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a7UGv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxWSkVTKzFGL0EzUjY1SkJPOVRVMDR5TThvVm83Q2o5QlZNRlg1RWtidnA1Z1k1OXlkK1lMMG9...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800

96 KB
96 KB

22ms
18ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

032d9d86910d94742a5bddb2f2fa65c850c7140ffb35d53a75d937b5f572737a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a7UGv
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 356571
status: 200
x-activityid: aa0bc692-2f9b-49d9-bdf6-184ca703c54d
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 97916
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 16:57:56 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=387994
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 16:58:22 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
555 B

9ms
7ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 195
status: 200
x-activityid: 6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
timing-allow-origin: *
last-modified: Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=226323
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires: Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a7XOR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRkRm5IS21vZkN3WEl3bzdqMUxRalVEOHpsWDhleGxlRTRIbDhHNFRkYSsxU011b1ZYNWszT29...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800

66 KB
67 KB

19ms
15ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

7b2fe681373ee1f8a8110a4b66e748244f0a49bef7feae9e28d5c2df6bb256ce

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a7XOR
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 140870
status: 200
x-activityid: 6dcc075c-9b60-4a44-8f3a-7f2f03d744d3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 67902
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 16:10:03 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=385106
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 16:10:14 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1a86NJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZIRzU2NEFpZ0ozVzN1Zm5LZ2d6akhuS1RCbFJ6R2dCN2JqNElrcFl3WGZHZGxuMmgzWUdkb2l...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800

84 KB
84 KB

24ms
21ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6d9fe599af470adc4b70a74d42c883ccf5c94f359b107ba0018702dee6ce2d58

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1a86NJ
date: Sun, 18 Oct 2020 05:11:48 GMT
x-source-length: 514714
status: 200
x-activityid: f70dfd1f-d8e9-41b1-bf75-f1ecbba3f98b
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 85580
timing-allow-origin: *
last-modified: Sat, 17 Oct 2020 23:04:58 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=409973
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ?m=4&w=800&h=800
expires: Thu, 22 Oct 2020 23:04:41 GMT

Redirect headers

date: Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-Q050 200 pubads_impl_2020101501.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 72ms
42ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:42:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97658
x-xss-protection: 0
expires: Sun, 18 Oct 2020 05:11:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
890 B 48ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
246 B 20ms
20ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
847 B 93ms
93ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2273414770456611&correlator=4303528747926115&output=ldjh&impl=fifs&eid=21067119%2C21068029%2C21065517%2C21065976%2C21067753&vrg=2020101501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201018&iu_parts=51855962%2Csimcast%2Csimcast_970x250%2Csimcast_728x90%2Csimcast_728x90_2%2Csimcast_728x90_3%2CSimcast_300x250%2Csimcast_300x600%2Csimcast_320x50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C320x50&cust_params=sub_id%3Drdr4trck.com&cookie_enabled=1&bc=23&abxe=1&lmt=1602997908&dt=1602997908078&dlt=1602997907554&idt=501&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C10%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C110%2C-9%2C-9%2C-9%2C-9%2C-9&adks=1580246415%2C330538255%2C2731548126%2C101588295%2C2408052046%2C1831785291%2C2541982844&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Drdr4trck.com%26s%3Dbone%26sw%3D17%26tr%3D&dssz=14&icsg=2720&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1580x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C1580x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=945865044.1602997908&ga_sid=1602997908&ga_hid=114586244&fws=2%2C0%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

683a3df91af67a3811e85a93ec140c61c3e83aaad67e31df0fb41896a895e7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 328
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 74ms
40ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 233ms
218ms Font
font/woff2 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin: http://simcast.com
Referer: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 05:11:48 GMT
Last-Modified: Mon, 08 Jul 2019 03:51:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "126b0-58d235a3ef340"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: font/woff2
Content-Length: 75440

GET
H2 200 jmZlp9o9KQo
www.youtube.com/embed/ Frame C477 0
0 119ms
99ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jmZlp9o9KQo

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jmZlp9o9KQo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status: 200
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-encoding: br
content-length: 10205
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Sun, 18 Oct 2020 05:11:48 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=ACpA6onwYSY; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 05:11:48 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=ACpA6onwYSY; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 05:11:48 GMT; httponly; samesite=None YSC=4TCZUjeDhtU; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 18-Oct-2020 05:41:48 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
9 KB 76ms
76ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

58ffae9d072c8de7da38e4b7457db3377bb33350ef96b02a1d56732d79fb6b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9246
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ 1 B
367 B 237ms
222ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Oct 2020 05:11:48 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
779 B 33ms
13ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2273414770456611&r=1x1&w=1&h=1&a=0

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C161 0
0 38ms
38ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3IAOa3d7hSSNqIqakI6WljXJmSj5KuE39U-TP7yiYxbBE4GRZZ7ZYPBTWaLE8hrxQY3CWwPznYRYxO7OH6I88uA4eWE5CBPcU2GvSGuke5AksBGMOQGsIa5TlUwg4zZHxMhR4bG7cRXQyBeQqqulxRReAmiqPQtejjXk3toQGHCqGfd52Plpsq2fh1F-SV7h8WwZANUTb9GWKIGEHIc1fva1kX6fNzY1uDVp7yRm2NWFFsfJnrzI9-BErvlf5LVE44pIGTA&sig=Cg0ArKJSzLAL5V9dWyJNEAE&adurl=

Requested by

Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/ Frame C161 17 KB
8 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 17 Oct 2020 17:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7201
x-xss-protection: 0
server: cafe
etag: 13490672151077077007
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 17:17:03 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/ Frame C161 3 KB
1 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 17 Oct 2020 21:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1335
x-xss-protection: 0
server: cafe
etag: 1884878862150193934
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 21:37:14 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C161 75 KB
29 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28907
x-xss-protection: 0
expires: Sun, 18 Oct 2020 05:11:48 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame C161 0
0 18ms
17ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTwfxgLas0sTrkGIXSUItoL9vUPcfGyoumr0H_r9cp9fvTDl4nmY6onfACKPKZToVXmD2afCKQHqu89zzf8naRr5w5V-Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol: HTTP/1.1
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame C161 807 B
970 B 27ms
13ms Image
image/gif 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 17:48:54 GMT
x-content-type-options: nosniff
age: 386574
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 17:48:54 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Sun, 18 Oct 2020 05:11:48 GMT

GET
DATA 200
OK truncated
/ Frame C161 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89018318cf44ede24393878c7ff3b32ef60de059b20ba322647716d80d26eb2

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C161 0
21 B 37ms
36ms Image
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfO0hewlDzME1KW1bh_RvrHRju8cdR2uxhYVJfqZghGTA45psZOUhSbZikj3Z2_RXTE1gPrAiC4LwF7tKBeM8hUpnkTtVtQOeZOFx-81RceEFMEPpDGZSe9ILQoQsoTdm1xDhX42GTZ6i2dUnqx5m2fkRp664BdXYBmzWIBgxWhHFNtmoCNq1WlM82VIipM1PnJpiYOmsPNPloriuV0z-ZGrs09IwlK4TQYvrCK5-zHJ8rZYG-OWdH3x699pFYLpqpf1bMdVw0&sig=Cg0ArKJSzOmmnKfVV89YEAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020101501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad66cec5d9581acbc8f69ad21b6f5acb869979868f4cdae370cb9076143f7f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6354
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 05:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sun, 18 Oct 2020 05:11:48 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame FA76 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sat, 17 Oct 2020 23:50:46 GMT
expires: Sun, 17 Oct 2021 23:50:46 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19262
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020101501&jk=2273414770456611&bg=!IyClIADNAAUZK2QAGVh3YnwCW4rXeQIAAABUUgAAAAwKANQzep1Hi4_w7NmQOQk-14T7zpFOu7_tS7Eb4tbbQbPAY9Aydh9PAhet_p-kilBOYsZa3JP5vE-DK3J0Xkxl99guX6wRgz77G8zQsiOGctecBHzwWYpWquKakpk-_ZeXXdYrAQ7NkoUq1gCHv4rg_Vn4H7TBVXu4HvH6GHKOLzdlnGzswPYnHvEJpVJytkCTPGdVN9lUEudejufeqax4T8yaH6koTciOwuNYV_Z6c2V24R7V21oWw3p0pKtWCccOvaLV_cxcd4dLyd97x57aJSU2MizyO5kBo53JJnQsIfKjTwhgwJSi1rhapBhZii0IfdwhJZ2AJ-RH5gEWHMaHHAUREc9rhkF1SNUZnuS2OtxgZPeXK6aRGLBdYW_4ksGfyqiuV5wIsJ7wnR5eY6CLwK3Q665l5aaBp5lWo39o5YpMFPzI9hcDumDKSQlctrIX-SVv2HcZRmphDg0Vh0A_uHAAwv22lP2dEqYqmrdHoXQa6_GPvoviG0qRxFqNlsrASnA4QtYRI2iWlSGc9U12N4ThjEUQoTANVfN3Jw_UmeBXEafQPVYeI5Ghyi8fjVk6jZNYhut56A2S1paZdP6U6q8wRShWTRVDmgfA7v3UK2fWzuiLz2OdOMXaMy35PXT8_41DvInFNetkCfWDnaQNT-Br0Mur9pSV2Drh0s-sk2eQxTucvEQrIsbqPAuTi9sMmnwlm7wJoIH6pZUqHlaq2Nf0mgU9o5A9G1mcamso6H99M7rH850tJ8JxHHCTgyOCSrJgxJxLC5JO6iMwPrCbEl-oz8hqpFMLJcJhdA7hHUS4Hvra8nAyavNMZpXFXQfUcQu5bwZhWOmdk-4p

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 17:35:49	Name: VISITOR_INFO1_LIVE Value: ACpA6onwYSY
.simcast.com/	1970-01-19 22:38:13	Name: __gads Value: ID=a495db1eeb61e2be:T=1602997908:S=ALNI_MZQVoL4iYNn4HhNf2J633-RFYzeYQ
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4TCZUjeDhtU
simcast.com/	1969-12-31 23:59:59	Name: NB_SRVID Value: srv8226216
simcast.com/	1970-01-19 13:18:04	Name: PHPSESSID Value: 0gtda5ib42l1il9qodm9drt05m

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
berhilpress.info
cadet.parklogic.com
cd-down.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
gdmconvtrck.com
img-s-msn-com.akamaized.net
img2.smartsearch.me
img3.smartsearch.me
img4.smartsearch.me
pagead2.googlesyndication.com
riftv.net
securepubads.g.doubleclick.net
simcast.com
t.insigit.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.meetdate.xyz
www.rdr4trck.com
www.youtube.com
109.234.162.107
144.217.171.217
172.217.22.34
18.197.242.25
194.146.24.56
2001:4de0:ac19::1:b:3b
212.115.109.66
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700::6811:4f6b
2606:4700::6812:e134
2a00:1450:4001:806::2001
2a00:1450:4001:814::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2002
2a02:26f0:6c00::210:ba20
2a05:d018:483:6110:7c95:4bfe:6d80:65e
2a05:d018:483:6110:de04:6bd7:82f8:2d00
45.79.244.12
52.28.86.101
63.250.58.116
69.16.231.150
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032d9d86910d94742a5bddb2f2fa65c850c7140ffb35d53a75d937b5f572737a
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f3b7f5c6c7f408ffffcae86522465cb634e081cecd99f223ccfca32374cce2
0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70
19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0
1f9160b47b57147f0cbd03fd064b55c5411d8e6ce76417990125b4fe878e20a3
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02
42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
55c78ba155ce284dcf08159541fbf6f21a4e780756ebab41431cac2513ff3137
58ffae9d072c8de7da38e4b7457db3377bb33350ef96b02a1d56732d79fb6b52
5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176
626a430ad030e975dd16651d0397cd0867133b1541c1e9230d040a9a03fc1b18
683a3df91af67a3811e85a93ec140c61c3e83aaad67e31df0fb41896a895e7c0
6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965
6d9fe599af470adc4b70a74d42c883ccf5c94f359b107ba0018702dee6ce2d58
735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8
7b2fe681373ee1f8a8110a4b66e748244f0a49bef7feae9e28d5c2df6bb256ce
7c294a3cb6cdae6c26be664aacd29495b24b9d3f98e4c94efcafa0347c341b66
81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
85dfb8372172f2427fc075d42df146417de9064e702fd50a9aa9170bcbfe46eb
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
8ecb34ec6e2db08aa0c564c55ce4224fcd23429e384b42c66373eb6fe8ffec09
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9859a9fe4894cca18a3a24fcdc0c132f9d39e9b09da4c1be93b6c8981db526bc
9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ad66cec5d9581acbc8f69ad21b6f5acb869979868f4cdae370cb9076143f7f74
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
b8b934c75f8cf3478eb8e5c0954093464dd0434258c986e924fc58b5e6860410
c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9
d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef588ce6c368027bf4991044820407679e8d9223039a7379aca837fe2a10a588
f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b
f89018318cf44ede24393878c7ff3b32ef60de059b20ba322647716d80d26eb2
fbc314feb1658292f0f5c83f821486908630415eeed9aade8f4f6bbaebec66e0
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

87 %HTTPS

57 %IPv6

20 Domains

25 Subdomains

16 IPs

9 Countries

2147 kBTransfer

2623 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

87 %
HTTPS

57 %
IPv6

20
Domains

25
Subdomains

16
IPs

9
Countries

2147 kB
Transfer

2623 kB
Size

5
Cookies

67 HTTP transactions
1 data transactions