Submitted URL: http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ==
Effective URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Submission: On October 18 via api from BE

Summary

This website contacted 16 IPs in 9 countries across 20 domains to perform 67 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 144.217.171.217 16276 (OVH)
1 1 109.234.162.107 50474 (O2SWITCH)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 1 18.197.242.25 16509 (AMAZON-02)
1 1 52.28.86.101 16509 (AMAZON-02)
1 1 69.16.231.150 32244 (LIQUIDWEB)
8 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 172.217.22.34 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 14 194.146.24.56 210329 (CLOUDWEBM...)
30 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 8 63.250.58.116 210329 (CLOUDWEBM...)
8 8 212.115.109.66 210329 (CLOUDWEBM...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
67 16
Domain Requested by
30 img-s-msn-com.akamaized.net simcast.com
14 img2.smartsearch.me 14 redirects
8 img4.smartsearch.me 8 redirects
8 img3.smartsearch.me 8 redirects
8 simcast.com gdmconvtrck.com
simcast.com
code.jquery.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net simcast.com
securepubads.g.doubleclick.net
cd-down.com
3 pagead2.googlesyndication.com simcast.com
securepubads.g.doubleclick.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com simcast.com
2 cd-down.com 1 redirects
1 www.google.com securepubads.g.doubleclick.net
1 www.youtube.com simcast.com
1 1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 cadet.parklogic.com simcast.com
1 cdn.onesignal.com simcast.com
1 code.jquery.com simcast.com
1 www.rdr4trck.com 1 redirects
1 www.meetdate.xyz 1 redirects
1 t.insigit.com 1 redirects
1 gdmconvtrck.com cd-down.com
1 riftv.net 1 redirects
1 berhilpress.info 1 redirects
67 25

This site contains no links.

Subject Issuer Validity Valid
cd-down.com
Amazon
2020-04-22 -
2021-05-22
a year crt.sh
gdmconvtrck.com
Amazon
2020-03-21 -
2021-04-21
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.parklogic.com
COMODO RSA Domain Validation Secure Server CA
2018-12-16 -
2020-12-29
2 years crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-12 -
2022-08-17
2 years crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1
2020-07-15 -
2021-09-13
a year crt.sh
*.google.nl
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh

This page contains 4 frames:

Primary Page: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Frame ID: 5E55C349D42A3ED207464EF360AE2393
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jmZlp9o9KQo
Frame ID: C47792EB10E5541069722209868F3364
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3IAOa3d7hSSNqIqakI6WljXJmSj5KuE39U-TP7yiYxbBE4GRZZ7ZYPBTWaLE8hrxQY3CWwPznYRYxO7OH6I88uA4eWE5CBPcU2GvSGuke5AksBGMOQGsIa5TlUwg4zZHxMhR4bG7cRXQyBeQqqulxRReAmiqPQtejjXk3toQGHCqGfd52Plpsq2fh1F-SV7h8WwZANUTb9GWKIGEHIc1fva1kX6fNzY1uDVp7yRm2NWFFsfJnrzI9-BErvlf5LVE44pIGTA&sig=Cg0ArKJSzLAL5V9dWyJNEAE&adurl=
Frame ID: C1616475248B4212DAE50163EBDA14F2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: FA76EFC26EE5541FB2040C20943FA103
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
    https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
    https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
  2. https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e... HTTP 302
    https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f... HTTP 302
    https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6... HTTP 302
    http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cD... HTTP 302
    http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

87 %
HTTPS

57 %
IPv6

20
Domains

25
Subdomains

16
IPs

9
Countries

2147 kB
Transfer

2623 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
    https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
    https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
  2. https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e03c3c8292ce8f677430cdb7327c585a620&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D4612%26s1%3Dmm%26s2%3Ddd&mt=3&svi=6118a2c6c5274fdfa03e00a3afc4ae68_1602997905888_10_4612_-1_-2_-5_8953_61&o=53216&dl=t&us=89a824a6c66e42f19f154e553f5f2795 HTTP 302
    https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps HTTP 302
    https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6e81fb506f5fb160d0d653c8df7b334a03a9&s6=43e89b8ded494a3f984897fa8f41ef7acfe0&dci=a85f5530c55ce938f9f1ea7747928dc8f709e5e0&tds_host=t.insigit.com&tds_split=a&tds_campaign=r1992shy&tds_id=r1992shy_lp_a_524562638273_adsbridge&tds_oid=926b90433b7736a8_&tds_cid=390e6e81fb506f5fb160d0d653c8df7b334a03a9&tdsId=r1992shy_lp_a_524562638273_adsbridge&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps&p_tds_cid=c0077a87eead132a01087fda993bf35506e2e741&tds_reason=direct HTTP 302
    http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkPWpiZXRvNWY4YmNlOTI1YTMyZjM2MDc0MDI0Mg%3D%3D&action=action_tmp HTTP 302
    http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ== HTTP 302
  • https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145 HTTP 301
  • https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Request Chain 12
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkFjRDdNekxxN1M= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
Request Chain 13
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDempDWVdZcTN3ZzU= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
Request Chain 14
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Request Chain 15
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHY0cjRZbWlrZm83NkRRajExSHIzY2ZvTys4eXVIcXZrR0RnZzdkeTRLeEVaMnFza08vL05lUmJ6RG45aWpsUlE= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800
Request Chain 16
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Request Chain 17
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM1bWg2MkxKNTA= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
Request Chain 18
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 19
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVBIYzFzVWVMeU0= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
Request Chain 20
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Request Chain 21
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUxFR0lQb09tOVU= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
Request Chain 22
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 23
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUliOEpRS2c3K2c= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
Request Chain 24
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
Request Chain 26
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNsTVMyUmozWTkzT2d4YVpqNGI3NDhGN0NtbTZwczJUYnFEQlRWakk3azJCSmlIN0NXSm1yOENNY0ZvOVRhWG0= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800
Request Chain 27
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 28
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU4Qlg3eEZ0SEY= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
Request Chain 29
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 30
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTUvUE1hYndWS20= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
Request Chain 31
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXFKc0dpNlhDYlk= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
Request Chain 32
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVXaFRTcXBiajBEcU1sVFVmdDFhd05oajlGeGFBZzNCWDBhcjJwNm9PSEVvaG50VXMyV2tFRXFqSnU0V0RHeXY= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800
Request Chain 33
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHF6WHRPeENsN0VOT3p0bUxBd1FOS2hCVVF0N1o0UmZPMUlSQTVRTmRlNmFvdSt5V2tWVzVNK3NFV0xCeGlsQVc= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800
Request Chain 34
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 35
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGZDMkpFUFBWRGpPckUrOVBsc25tbDJCK2FwWVNjMHdUVHplN1RKMFFtcm9HK3hmeXZIN2JxMzR1SzdkVTB2bUo= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800
Request Chain 36
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdVcmM3a3ZMalZ6RXVFWDk3UkhSNGtSZ0VsbnN4U3I1aytENjBCUkFlUkZVSGE1c3F3QTBJVlFrSDdaai9lQlA= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800
Request Chain 37
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDF3YTkzZXdSVkViUXRVWUpwVTFwRWtONzdhcDgvQnYvU2t0U1lMZFdHdCtWR2JaUC9GRlE5Rk01VHEvUlg3OW8= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800
Request Chain 38
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUycnlWcnZWSW1YQ2g4WnM4V1Jza3VlK3BpcUhFWWhFV2NtK3FiampCMUExb3FKUUh0L090L1BFdWIwMmxmQnM= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800
Request Chain 39
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxWSkVTKzFGL0EzUjY1SkJPOVRVMDR5TThvVm83Q2o5QlZNRlg1RWtidnA1Z1k1OXlkK1lMMG9vQW5HbFJJbUg= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800
Request Chain 40
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 41
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRkRm5IS21vZkN3WEl3bzdqMUxRalVEOHpsWDhleGxlRTRIbDhHNFRkYSsxU011b1ZYNWszT292UVprUVl3VTY= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800
Request Chain 42
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZIRzU2NEFpZ0ozVzN1Zm5LZ2d6akhuS1RCbFJ6R2dCN2JqNElrcFl3WGZHZGxuMmgzWUdkb2lid3ZZTUd4aHg= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cd-down.com/smartlink/
Redirect Chain
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTE2NiZsPTc5OCZjPTUyNjE0NQ==
  • https://riftv.net/LGPZS?sub1=1&sub2=9166&sub3=12318&sub4=798&sub5=526145
  • https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
2 KB
1 KB
Document
General
Full URL
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:7c95:4bfe:6d80:65e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85dfb8372172f2427fc075d42df146417de9064e702fd50a9aa9170bcbfe46eb

Request headers

:method
GET
:authority
cd-down.com
:scheme
https
:path
/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 18 Oct 2020 05:11:45 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip

Redirect headers

status
301
date
Sun, 18 Oct 2020 05:11:46 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
x-powered-by
PHP/7.4.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=29bd19eac1daa22a6a8fdbf8a553ce1a; path=/ short_LGPZS=1; expires=Sun, 18-Oct-2020 05:41:46 GMT; Max-Age=1800; path=/; HttpOnly
server
o2switch-PowerBoost-v3
user
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
https://gdmconvtrck.com/user?a=93640&c=169426
Requested by
Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:de04:6bd7:82f8:2d00 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7c294a3cb6cdae6c26be664aacd29495b24b9d3f98e4c94efcafa0347c341b66

Request headers

Referer
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 05:11:46 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request Cookie set /
simcast.com/
Redirect Chain
  • https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1602997905888&h=b4062e03c3c8292ce8f677430cdb7327c585a620&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D46...
  • https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=43e89b8ded494a3f984897fa8f41ef7acfe0&utm_sub=opnfnl&m=ps
  • https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=390e6e81fb506f5fb160d0d653c8df7b334a03a9&s6=43e89b8ded494a3f984897fa8f41ef7acfe0&dci=a85f5530c55ce938...
  • http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkP...
  • http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
44 KB
9 KB
Document
General
Full URL
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=93640&c=169426
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
04f3b7f5c6c7f408ffffcae86522465cb634e081cecd99f223ccfca32374cce2

Request headers

Host
simcast.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

Response headers

Date
Sun, 18 Oct 2020 05:11:46 GMT
Server
Apache/2.4.38 (Debian)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=0gtda5ib42l1il9qodm9drt05m; expires=Mon, 19-Oct-2020 05:11:46 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226216; path=/
Upgrade
h2
Connection
Upgrade, close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8871
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 18 Oct 2020 05:11:46 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
http://simcast.com
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
status
200
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1602997907.dop129.fr8.t,1602997907.cds289.fr8.hn,1602997907.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/
13 KB
3 KB
Stylesheet
General
Full URL
http://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Sep 2020 04:24:01 GMT
Server
Apache/2.4.38 (Debian)
ETag
"34cd-5af8edec19a40-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
2953
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/
55 KB
12 KB
Stylesheet
General
Full URL
http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2019 03:45:19 GMT
Server
Apache/2.4.38 (Debian)
ETag
"daa3-58d2345dc71c0-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
12209
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3386
etag
W/"af07e3bccd7885748057bb532c526ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5e3fc2bbdd721f35-FRA
cf-request-id
05dbb8096700001f35b1355000000001
expires
Sun, 18 Oct 2020 17:11:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
52 KB
18 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
ef588ce6c368027bf4991044820407679e8d9223039a7379aca837fe2a10a588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"666 / 491 of 1000 / last-modified: 1602886436"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17666
x-xss-protection
0
expires
Sun, 18 Oct 2020 05:11:47 GMT
enhance.js
cadet.parklogic.com/page/
2 KB
2 KB
Script
General
Full URL
https://cadet.parklogic.com/page/enhance.js?pcId=56&domain=rdr4trck.com
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:91ff:fee2:5b0f , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Content-Length
2221
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
simcastlogo_35y.png
simcast.com/templates/simcast/images/
1 KB
2 KB
Image
General
Full URL
http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Last-Modified
Wed, 26 Feb 2020 07:27:31 GMT
Server
Apache/2.4.38 (Debian)
ETag
"527-59f758988fec0"
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1319
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1494839
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
cf-request-id
05dbb8095d0000c2a453819000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602997908"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e3fc2bbc851c2a4-FRA
expires
Fri, 08 Oct 2021 05:11:47 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1499352
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
cf-request-id
05dbb809640000c2a465864000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602997908"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e3fc2bbd85bc2a4-FRA
expires
Fri, 08 Oct 2021 05:11:47 GMT
modal.css
simcast.com/widgets/modal/
577 B
633 B
Stylesheet
General
Full URL
http://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2020 23:13:02 GMT
Server
Apache/2.4.38 (Debian)
ETag
"241-5acb6544e5b80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
272
BB1a7VIG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
75 KB
75 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7VIG
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
262550
status
200
x-activityid
72509a31-bb7a-4e60-8b42-6fc0b995512a
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
76492
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 05:08:01 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431831
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 05:08:58 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8uNb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDemp...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
54 KB
54 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8uNb
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
208810
status
200
x-activityid
61294d02-6b09-4728-9491-0a16b2fa82c1
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
54964
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 02:19:49 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421658
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 02:19:25 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
660 B
1021 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXuBZ
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
660
status
200
x-activityid
377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
660
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226325
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires
Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8rTM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHY0cjRZbWlrZm83NkRRajExSHIzY2ZvTys4eXVIcXZrR0RnZzdkeTRLeEVaMnFza08vL05lUmJ...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800
161 KB
161 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8rTM
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
680749
status
200
x-activityid
0ff1a541-b429-4f2d-b64d-8c91b03e13b0
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
164550
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 02:19:49 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421666
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 02:19:33 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rTM.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
660 B
1021 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXuBZ
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
660
status
200
x-activityid
377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
660
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226325
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires
Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB19TfvG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
97 KB
97 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB19TfvG
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
405033
status
200
x-activityid
a93a0b2a-2910-4785-a5ba-b0731946f4e5
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG?m=4&w=800&h=800
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
98895
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413045
timing-allow-origin
*
expires
Thu, 22 Oct 2020 23:55:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226324
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8mXT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVB...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
98 KB
98 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8mXT
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
369471
status
200
x-activityid
5326dab8-8ab7-4439-9b4e-0b677be40e92
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
100044
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413101
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:56:48 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
660 B
1021 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXuBZ
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
660
status
200
x-activityid
377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
660
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226325
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires
Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8fD5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUx...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
77 KB
78 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8fD5
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
83064
status
200
x-activityid
9e6096ff-2acf-435d-9399-a59fa6f420fd
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
78902
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413031
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:55:38 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=319202
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8bAw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUl...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
87 KB
88 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8bAw
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
139528
status
200
x-activityid
c7815bbb-5876-40ab-8981-6488a3e6992c
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
89173
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413013
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:55:20 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB2kwUc.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
338 B
698 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB2kwUc
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
338
status
200
x-activityid
45f5f6d8-c89c-4a73-b2bc-4ac5e054c7aa
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
338
last-modified
Tue, 13 Oct 2020 18:22:55 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=47439
timing-allow-origin
*
expires
Sun, 18 Oct 2020 18:22:26 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
login.js
simcast.com/widgets/login/
931 B
574 B
Script
General
Full URL
http://simcast.com/widgets/login/login.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Aug 2019 05:50:21 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3a3-59071ea59a140-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
199
BB1a8kcJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNsTVMyUmozWTkzT2d4YVpqNGI3NDhGN0NtbTZwczJUYnFEQlRWakk3azJCSmlIN0NXSm1yOEN...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800
139 KB
140 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9859a9fe4894cca18a3a24fcdc0c132f9d39e9b09da4c1be93b6c8981db526bc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8kcJ
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
145177
status
200
x-activityid
5ec51df2-688c-40e6-bed9-f81ea8a36c08
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
142445
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 21:21:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=403747
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 21:20:54 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8kcJ.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=319202
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8b2i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
52 KB
53 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8b2i
date
Sun, 18 Oct 2020 05:11:47 GMT
x-source-length
119641
status
200
x-activityid
a2faf5fa-d87e-4feb-a123-d6f59d04ca24
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
53702
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 19:52:54 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=398521
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 19:53:48 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226323
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a85Qv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTU...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
52 KB
53 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a85Qv
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
167439
status
200
x-activityid
e40520d9-4c74-478e-9ada-a3709685fe21
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
53632
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 19:35:22 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=397396
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 19:35:04 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a86ks.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
102 KB
102 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a86ks
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
432711
status
200
x-activityid
0733d019-71c0-4964-af51-2d0400a7eb2b
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
104037
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 20:48:10 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=401787
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 20:48:15 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8cKK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVXaFRTcXBiajBEcU1sVFVmdDFhd05oajlGeGFBZzNCWDBhcjJwNm9PSEVvaG50VXMyV2tFRXF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800
44 KB
45 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
55c78ba155ce284dcf08159541fbf6f21a4e780756ebab41431cac2513ff3137
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8cKK
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
50998
status
200
x-activityid
0969d100-637d-48d7-879f-ba9041889478
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
45252
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 18:38:51 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=394012
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 18:38:40 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cKK.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a7ZdK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHF6WHRPeENsN0VOT3p0bUxBd1FOS2hCVVF0N1o0UmZPMUlSQTVRTmRlNmFvdSt5V2tWVzVNK3N...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800
177 KB
177 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
1f9160b47b57147f0cbd03fd064b55c5411d8e6ce76417990125b4fe878e20a3
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7ZdK
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
247805
status
200
x-activityid
4813c429-423b-4db4-baae-3813c6699e8a
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
180774
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 19:54:27 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=398566
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 19:54:34 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7ZdK.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=319201
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8cyI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGZDMkpFUFBWRGpPckUrOVBsc25tbDJCK2FwWVNjMHdUVHplN1RKMFFtcm9HK3hmeXZIN2JxMzR...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800
72 KB
73 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
626a430ad030e975dd16651d0397cd0867133b1541c1e9230d040a9a03fc1b18
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8cyI
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
147661
status
200
x-activityid
2b178704-3076-4f63-9778-467bf2f19ec8
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
74213
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 18:29:24 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=393461
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 18:29:29 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8cyI.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a81yw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdVcmM3a3ZMalZ6RXVFWDk3UkhSNGtSZ0VsbnN4U3I1aytENjBCUkFlUkZVSGE1c3F3QTBJVlF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800
123 KB
123 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8ecb34ec6e2db08aa0c564c55ce4224fcd23429e384b42c66373eb6fe8ffec09
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a81yw
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
491041
status
200
x-activityid
a1aac5cb-9b4b-48ac-971b-170a13ec4351
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
125741
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 18:19:18 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=392843
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 18:19:11 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a81yw.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a84Vi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDF3YTkzZXdSVkViUXRVWUpwVTFwRWtONzdhcDgvQnYvU2t0U1lMZFdHdCtWR2JaUC9GRlE5Rk0...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800
65 KB
66 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
fbc314feb1658292f0f5c83f821486908630415eeed9aade8f4f6bbaebec66e0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a84Vi
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
955236
status
200
x-activityid
5a0d04dc-e4fa-4001-8d46-49533a0cfcfe
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
66918
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 17:13:29 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=388845
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 17:12:33 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a84Vi.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a7YhT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUycnlWcnZWSW1YQ2g4WnM4V1Jza3VlK3BpcUhFWWhFV2NtK3FiampCMUExb3FKUUh0L090L1B...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800
58 KB
59 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
b8b934c75f8cf3478eb8e5c0954093464dd0434258c986e924fc58b5e6860410
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7YhT
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
314661
status
200
x-activityid
11989084-097e-43de-948a-ada16e7c4a4a
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
59657
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 16:57:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=387966
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 16:57:54 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7YhT.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a7UGv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxWSkVTKzFGL0EzUjY1SkJPOVRVMDR5TThvVm83Q2o5QlZNRlg1RWtidnA1Z1k1OXlkK1lMMG9...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800
96 KB
96 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
032d9d86910d94742a5bddb2f2fa65c850c7140ffb35d53a75d937b5f572737a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7UGv
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
356571
status
200
x-activityid
aa0bc692-2f9b-49d9-bdf6-184ca703c54d
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
97916
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 16:57:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=387994
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 16:58:22 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7UGv.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=226323
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a7XOR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRkRm5IS21vZkN3WEl3bzdqMUxRalVEOHpsWDhleGxlRTRIbDhHNFRkYSsxU011b1ZYNWszT29...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800
66 KB
67 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7b2fe681373ee1f8a8110a4b66e748244f0a49bef7feae9e28d5c2df6bb256ce
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7XOR
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
140870
status
200
x-activityid
6dcc075c-9b60-4a44-8f3a-7f2f03d744d3
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
67902
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 16:10:03 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=385106
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 16:10:14 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:46 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7XOR.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a86NJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZIRzU2NEFpZ0ozVzN1Zm5LZ2d6akhuS1RCbFJ6R2dCN2JqNElrcFl3WGZHZGxuMmgzWUdkb2l...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800
84 KB
84 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6d9fe599af470adc4b70a74d42c883ccf5c94f359b107ba0018702dee6ce2d58
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a86NJ
date
Sun, 18 Oct 2020 05:11:48 GMT
x-source-length
514714
status
200
x-activityid
f70dfd1f-d8e9-41b1-bf75-f1ecbba3f98b
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
85580
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:04:58 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=409973
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:04:41 GMT

Redirect headers

date
Sun, 18 Oct 2020 05:11:47 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86NJ.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubads_impl_2020101501.js
securepubads.g.doubleclick.net/gpt/
272 KB
96 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 08:42:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97658
x-xss-protection
0
expires
Sun, 18 Oct 2020 05:11:47 GMT
integrator.js
adservice.google.nl/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
246 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
3 KB
847 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2273414770456611&correlator=4303528747926115&output=ldjh&impl=fifs&eid=21067119%2C21068029%2C21065517%2C21065976%2C21067753&vrg=2020101501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201018&iu_parts=51855962%2Csimcast%2Csimcast_970x250%2Csimcast_728x90%2Csimcast_728x90_2%2Csimcast_728x90_3%2CSimcast_300x250%2Csimcast_300x600%2Csimcast_320x50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C320x50&cust_params=sub_id%3Drdr4trck.com&cookie_enabled=1&bc=23&abxe=1&lmt=1602997908&dt=1602997908078&dlt=1602997907554&idt=501&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C10%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C110%2C-9%2C-9%2C-9%2C-9%2C-9&adks=1580246415%2C330538255%2C2731548126%2C101588295%2C2408052046%2C1831785291%2C2541982844&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Drdr4trck.com%26s%3Dbone%26sw%3D17%26tr%3D&dssz=14&icsg=2720&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1580x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C1580x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=945865044.1602997908&ga_sid=1602997908&ga_hid=114586244&fws=2%2C0%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
683a3df91af67a3811e85a93ec140c61c3e83aaad67e31df0fb41896a895e7c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
328
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
http://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin
http://simcast.com
Referer
http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 05:11:48 GMT
Last-Modified
Mon, 08 Jul 2019 03:51:01 GMT
Server
Apache/2.4.38 (Debian)
ETag
"126b0-58d235a3ef340"
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
font/woff2
Content-Length
75440
jmZlp9o9KQo
www.youtube.com/embed/ Frame C477
0
0
Document
General
Full URL
https://www.youtube.com/embed/jmZlp9o9KQo
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/jmZlp9o9KQo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status
200
cache-control
no-cache
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
content-encoding
br
content-length
10205
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Sun, 18 Oct 2020 05:11:48 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=ACpA6onwYSY; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 05:11:48 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=ACpA6onwYSY; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 05:11:48 GMT; httponly; samesite=None YSC=4TCZUjeDhtU; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 18-Oct-2020 05:41:48 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
23 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2273414770456611&correlator=4303528747926115&output=ldjh&impl=fifs&eid=21067119%2C21068029%2C21065517%2C21065976%2C21067753&vrg=2020101501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201018&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=sub_id%3Drdr4trck.com&cookie_enabled=1&bc=23&abxe=1&lmt=1602997908&dt=1602997908188&dlt=1602997907554&idt=501&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1831&adks=890817012&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Drdr4trck.com%26s%3Dbone%26sw%3D17%26tr%3D&dssz=20&icsg=10883&std=0&csl=283&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=945865044.1602997908&ga_sid=1602997908&ga_hid=114586244&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
58ffae9d072c8de7da38e4b7457db3377bb33350ef96b02a1d56732d79fb6b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9246
x-xss-protection
0
google-lineitem-id
5399501512
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138314905801
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js.php
simcast.com/widgets/ms/
1 B
367 B
XHR
General
Full URL
http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept
*/*
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Oct 2020 05:11:48 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, close
Content-Type
text/html; charset=UTF-8
Content-Length
21
Expires
Thu, 19 Nov 1981 08:52:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
779 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2273414770456611&r=1x1&w=1&h=1&a=0
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C161
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3IAOa3d7hSSNqIqakI6WljXJmSj5KuE39U-TP7yiYxbBE4GRZZ7ZYPBTWaLE8hrxQY3CWwPznYRYxO7OH6I88uA4eWE5CBPcU2GvSGuke5AksBGMOQGsIa5TlUwg4zZHxMhR4bG7cRXQyBeQqqulxRReAmiqPQtejjXk3toQGHCqGfd52Plpsq2fh1F-SV7h8WwZANUTb9GWKIGEHIc1fva1kX6fNzY1uDVp7yRm2NWFFsfJnrzI9-BErvlf5LVE44pIGTA&sig=Cg0ArKJSzLAL5V9dWyJNEAE&adurl=
Requested by
Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/ Frame C161
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 17 Oct 2020 17:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7201
x-xss-protection
0
server
cafe
etag
13490672151077077007
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Oct 2020 17:17:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/ Frame C161
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 17 Oct 2020 21:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1335
x-xss-protection
0
server
cafe
etag
1884878862150193934
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Oct 2020 21:37:14 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C161
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28907
x-xss-protection
0
expires
Sun, 18 Oct 2020 05:11:48 GMT
l
www.google.com/ads/measurement/ Frame C161
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaTwfxgLas0sTrkGIXSUItoL9vUPcfGyoumr0H_r9cp9fvTDl4nmY6onfACKPKZToVXmD2afCKQHqu89zzf8naRr5w5V-Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

2364309221291099109
tpc.googlesyndication.com/simgad/ Frame C161
807 B
970 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2364309221291099109
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 17:48:54 GMT
x-content-type-options
nosniff
age
386574
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
807
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 05:45:21 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Oct 2021 17:48:54 GMT
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Sun, 18 Oct 2020 05:11:48 GMT
truncated
/ Frame C161
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f89018318cf44ede24393878c7ff3b32ef60de059b20ba322647716d80d26eb2

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C161
0
21 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfO0hewlDzME1KW1bh_RvrHRju8cdR2uxhYVJfqZghGTA45psZOUhSbZikj3Z2_RXTE1gPrAiC4LwF7tKBeM8hUpnkTtVtQOeZOFx-81RceEFMEPpDGZSe9ILQoQsoTdm1xDhX42GTZ6i2dUnqx5m2fkRp664BdXYBmzWIBgxWhHFNtmoCNq1WlM82VIipM1PnJpiYOmsPNPloriuV0z-ZGrs09IwlK4TQYvrCK5-zHJ8rZYG-OWdH3x699pFYLpqpf1bMdVw0&sig=Cg0ArKJSzOmmnKfVV89YEAE&adurl=
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020101501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad66cec5d9581acbc8f69ad21b6f5acb869979868f4cdae370cb9076143f7f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6354
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js?21068029
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 05:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Sun, 18 Oct 2020 05:11:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame FA76
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sat, 17 Oct 2020 23:50:46 GMT
expires
Sun, 17 Oct 2021 23:50:46 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
19262
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
223 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020101501&jk=2273414770456611&bg=!IyClIADNAAUZK2QAGVh3YnwCW4rXeQIAAABUUgAAAAwKANQzep1Hi4_w7NmQOQk-14T7zpFOu7_tS7Eb4tbbQbPAY9Aydh9PAhet_p-kilBOYsZa3JP5vE-DK3J0Xkxl99guX6wRgz77G8zQsiOGctecBHzwWYpWquKakpk-_ZeXXdYrAQ7NkoUq1gCHv4rg_Vn4H7TBVXu4HvH6GHKOLzdlnGzswPYnHvEJpVJytkCTPGdVN9lUEudejufeqax4T8yaH6koTciOwuNYV_Z6c2V24R7V21oWw3p0pKtWCccOvaLV_cxcd4dLyd97x57aJSU2MizyO5kBo53JJnQsIfKjTwhgwJSi1rhapBhZii0IfdwhJZ2AJ-RH5gEWHMaHHAUREc9rhkF1SNUZnuS2OtxgZPeXK6aRGLBdYW_4ksGfyqiuV5wIsJ7wnR5eY6CLwK3Q665l5aaBp5lWo39o5YpMFPzI9hcDumDKSQlctrIX-SVv2HcZRmphDg0Vh0A_uHAAwv22lP2dEqYqmrdHoXQa6_GPvoviG0qRxFqNlsrASnA4QtYRI2iWlSGc9U12N4ThjEUQoTANVfN3Jw_UmeBXEafQPVYeI5Ghyi8fjVk6jZNYhut56A2S1paZdP6U6q8wRShWTRVDmgfA7v3UK2fWzuiLz2OdOMXaMy35PXT8_41DvInFNetkCfWDnaQNT-Br0Mur9pSV2Drh0s-sk2eQxTucvEQrIsbqPAuTi9sMmnwlm7wJoIH6pZUqHlaq2Nf0mgU9o5A9G1mcamso6H99M7rH850tJ8JxHHCTgyOCSrJgxJxLC5JO6iMwPrCbEl-oz8hqpFMLJcJhdA7hHUS4Hvra8nAyavNMZpXFXQfUcQu5bwZhWOmdk-4p
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 05:11:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| trustedTypes function| $ function| jQuery object| OneSignal object| googletag object| ggeac object| google_js_reporting_queue function| include function| getParametersFromUrl function| getParameters function| forSaleBanner object| parameters function| myConfirm function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| displayModal function| displayComment object| google_image_requests object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ACpA6onwYSY
.simcast.com/ Name: __gads
Value: ID=a495db1eeb61e2be:T=1602997908:S=ALNI_MZQVoL4iYNn4HhNf2J633-RFYzeYQ
.youtube.com/ Name: YSC
Value: 4TCZUjeDhtU
simcast.com/ Name: NB_SRVID
Value: srv8226216
simcast.com/ Name: PHPSESSID
Value: 0gtda5ib42l1il9qodm9drt05m

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1156d6cbd950dd72bfc6323908ad5491.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
berhilpress.info
cadet.parklogic.com
cd-down.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
gdmconvtrck.com
img-s-msn-com.akamaized.net
img2.smartsearch.me
img3.smartsearch.me
img4.smartsearch.me
pagead2.googlesyndication.com
riftv.net
securepubads.g.doubleclick.net
simcast.com
t.insigit.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.meetdate.xyz
www.rdr4trck.com
www.youtube.com
109.234.162.107
144.217.171.217
172.217.22.34
18.197.242.25
194.146.24.56
2001:4de0:ac19::1:b:3b
212.115.109.66
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700::6811:4f6b
2606:4700::6812:e134
2a00:1450:4001:806::2001
2a00:1450:4001:814::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2002
2a02:26f0:6c00::210:ba20
2a05:d018:483:6110:7c95:4bfe:6d80:65e
2a05:d018:483:6110:de04:6bd7:82f8:2d00
45.79.244.12
52.28.86.101
63.250.58.116
69.16.231.150
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032d9d86910d94742a5bddb2f2fa65c850c7140ffb35d53a75d937b5f572737a
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f3b7f5c6c7f408ffffcae86522465cb634e081cecd99f223ccfca32374cce2
0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70
19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0
1f9160b47b57147f0cbd03fd064b55c5411d8e6ce76417990125b4fe878e20a3
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02
42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
55c78ba155ce284dcf08159541fbf6f21a4e780756ebab41431cac2513ff3137
58ffae9d072c8de7da38e4b7457db3377bb33350ef96b02a1d56732d79fb6b52
5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176
626a430ad030e975dd16651d0397cd0867133b1541c1e9230d040a9a03fc1b18
683a3df91af67a3811e85a93ec140c61c3e83aaad67e31df0fb41896a895e7c0
6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965
6d9fe599af470adc4b70a74d42c883ccf5c94f359b107ba0018702dee6ce2d58
735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8
7b2fe681373ee1f8a8110a4b66e748244f0a49bef7feae9e28d5c2df6bb256ce
7c294a3cb6cdae6c26be664aacd29495b24b9d3f98e4c94efcafa0347c341b66
81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
85dfb8372172f2427fc075d42df146417de9064e702fd50a9aa9170bcbfe46eb
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
8ecb34ec6e2db08aa0c564c55ce4224fcd23429e384b42c66373eb6fe8ffec09
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9859a9fe4894cca18a3a24fcdc0c132f9d39e9b09da4c1be93b6c8981db526bc
9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ad66cec5d9581acbc8f69ad21b6f5acb869979868f4cdae370cb9076143f7f74
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
b8b934c75f8cf3478eb8e5c0954093464dd0434258c986e924fc58b5e6860410
c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9
d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef588ce6c368027bf4991044820407679e8d9223039a7379aca837fe2a10a588
f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b
f89018318cf44ede24393878c7ff3b32ef60de059b20ba322647716d80d26eb2
fbc314feb1658292f0f5c83f821486908630415eeed9aade8f4f6bbaebec66e0
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051