simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paytreon.com/elina
Effective URL:
http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Submission: On January 17 via manual (January 17th 2021, 11:13:51 am UTC) from US

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 25 domains to perform 88 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2600:3c02:1::... 2600:3c02:1::2d4f:f40e	63949 (LINODE-AP...) (LINODE-AP Linode)
5	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	95.140.233.135 95.140.233.135	22822 (LLNW) (LLNW)
3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.101.179 143.204.101.179	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:9000:1a:f2c5:bfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	52.57.195.149 52.57.195.149	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
2 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	80.239.201.11 80.239.201.11	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	2a00:1450:400... 2a00:1450:4001:81a::2006	15169 (GOOGLE) (GOOGLE)
6	2600:9000:215... 2600:9000:2156:5c00:e:a106:a680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
88	28

2 2600:3c02:1::2d4f:f40e (United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

paytreon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
parking2.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.79.244.12 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.140.233.135 (Italy)

ASN22822 (LLNW, US)
PTR: https-95-140-233-135.ams.llnw.net

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.179 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-179.fra50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9000:1a:f2c5:bfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

hdrbd.ivstracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.195.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-195-149.eu-central-1.compute.amazonaws.com

ivxplayer.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.239.201.11 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-11.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:5c00:e:a106:a680:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	akamaized.net img-s-msn-com.akamaized.net	102 KB
10	yandex.ru 2 redirects mc.yandex.ru	3 KB
10	ivideosmart.com player.ivideosmart.com ivxplayer.ivideosmart.com r.ivideosmart.com	58 KB
9	googlesyndication.com f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
5	doubleclick.net securepubads.g.doubleclick.net	126 KB
5	simcast.com simcast.com	26 KB
4	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com Failed	50 KB
3	googleapis.com imasdk.googleapis.com	128 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	googletagservices.com www.googletagservices.com	57 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
1	2mdn.net s0.2mdn.net	11 KB
1	webvisor.org mc.webvisor.org	290 B
1	google.com adservice.google.com	247 B
1	google.pl adservice.google.pl	803 B
1	jsdelivr.net cdn.jsdelivr.net	49 KB
1	aralego.net cdn.aralego.net
1	ivstracker.net hdrbd.ivstracker.net	86 KB
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	41 KB
1	parklogic.com parking2.parklogic.com	222 B
1	onesignal.com cdn.onesignal.com	3 KB
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	paytreon.com 1 redirects paytreon.com	295 B
88	25

	Domain	Requested by
23	img-s-msn-com.akamaized.net	simcast.com
10	mc.yandex.ru	2 redirects simcast.com cdn.jsdelivr.net
6	r.ivideosmart.com	player.ivideosmart.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	simcast.com securepubads.g.doubleclick.net
5	simcast.com	simcast.com code.jquery.com
3	imasdk.googleapis.com	player.ivideosmart.com imasdk.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com simcast.com
3	player.ivideosmart.com	simcast.com player.ivideosmart.com
2	ads.pubmatic.com	vpaid.pubmatic.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects simcast.com
2	cdnjs.cloudflare.com	simcast.com
1	vid.pubmatic.com	vpaid.pubmatic.com
1	vpaid.pubmatic.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	mc.webvisor.org	simcast.com
1	f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	ivxplayer.ivideosmart.com	player.ivideosmart.com
1	cdn.jsdelivr.net	player.ivideosmart.com
1	cdn.aralego.net	player.ivideosmart.com
1	hdrbd.ivstracker.net	player.ivideosmart.com
1	d2wy8f7a9ursnm.cloudfront.net	player.ivideosmart.com
1	parking2.parklogic.com	simcast.com
1	cdn.onesignal.com	simcast.com
1	code.jquery.com	simcast.com
1	www.googletagmanager.com	simcast.com
1	paytreon.com	1 redirects
0	aktrack.pubmatic.com Failed
88	32

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-01` - `2022-01-01`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.ivideosmart.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-05-29`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.ivstracker.net Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.google.pl GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
mc.webvisor.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Frame ID: 9FE2F39D9AE2B3EBA89C74A8BB7EE888
Requests: 73 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 04B27025E82F2DD469E466558A11E26A
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.433.2_en.html
Frame ID: 30141DC39C459EFEB2C313A6897AF82A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfskmR2v2JVQLKEd47yNevJptbAQdLpscw_tkiUMw1JW1-lm0jrnpgZyidDi4CrypoKTGoRNqcFRSugV7ELtWXMhU5258DkD_upVLFAs6UkthopKoQJ0igICfRE_lKnhTxx2jNvRUik2_Scdo01Qb-Vjwr8prDzxE_NmbsEbFIVUulHojFZPWkjag0bhI31IpBG14IbMVyVHpYDHSChcADRtgtR83flEDTMd4_4TJIUGtRdNFpgpiUfEyOYET9VRTpysDtSOnbfnV8erLyty4m9EQq_-y8Ffc_LP_xN_lwCg&sai=AMfl-YTTS-eqAWzIxd88sZKLkWK0t74Cf79CNcRpSZUZHDFxLmE3Jp5Sb5h8vLzGQlMBG0-oBKBiNQ3eKV-qnOPCJCx6epzWFceFb0OZLNC0LJpPyIi4u1U1RSNKsC2SNws&sig=Cg0ArKJSzNmjsC10v_QfEAE&adurl=
Frame ID: 261D13250ABE2027441C84D5C527B4B1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 80540806BEAF1B7FDE02ECEA460724CB
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 858F7E65DDF21D21CDAA6D464C78AC7E
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 907F1531E8F8228672F05C79269675BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paytreon.com/elina HTTP 302
http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915 Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

88
Requests

91 %
HTTPS

67 %
IPv6

25
Domains

32
Subdomains

28
IPs

7
Countries

866 kB
Transfer

2297 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paytreon.com/elina HTTP 302
http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1 HTTP 302
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=07910707-58b5-11eb-a338-1093d7b32406

Request Chain 53

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1446418512516%3Arqn%3A1%3Arn%3A432705379%3Ahid%3A271446993%3Ads%3A1%2C29%2C425%2C1%2C226%2C0%2C0%2C13401%2C0%2C%2C%2C%2C14084%3Afp%3A14071%3Agdpr%3A14%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882010%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal. HTTP 302
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1446418512516%3Arqn%3A1%3Arn%3A432705379%3Ahid%3A271446993%3Ads%3A1%2C29%2C425%2C1%2C226%2C0%2C0%2C13401%2C0%2C%2C%2C%2C14084%3Afp%3A14071%3Agdpr%3A14%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882010%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Request Chain 87

https://mc.yandex.ru/watch/49007009?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121345%3Aet%3A1610882025%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A239%3Als%3A1446418512516%3Arqn%3A8%3Arn%3A511377034%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882025%3Au%3A1610882010295404096%3Ahi%3A HTTP 302
https://mc.yandex.ru/watch/49007009/1?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121345%3Aet%3A1610882025%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A239%3Als%3A1446418512516%3Arqn%3A8%3Arn%3A511377034%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882025%3Au%3A1610882010295404096%3Ahi%3A

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
simcast.com/
Redirect Chain

http://paytreon.com/elina
http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

41 KB
8 KB

455ms
425ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: e3c70bef094c383f8c79956fb832a5561f3746edced1c27cac3772430a8e9805

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:16 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=74p97ckad676gomvhdh94tej12; expires=Mon, 18-Jan-2021 11:13:16 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226216; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7684
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 17 Jan 2021 11:13:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Location: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14beeed2fbd5d93357138bd80a81649a039e82dbe46fd41a70d0f893ad7ad487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52674
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:16 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 13334ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: http://simcast.com
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1610882010.dop133.fr8.t,1610882010.cds258.fr8.hn,1610882010.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 13 KB
3 KB 302ms
272ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 05:07:42 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34b2-5b06cc33c0380-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2950

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 302ms
273ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 35ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:17 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 179
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 612fa56378201f45-FRA
cf-request-id: 07b1a5b23000001f45ab8dc000000001
expires: Sun, 17 Jan 2021 23:13:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 167ms
60ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

b4de1ab2c3b71df65b2fc775ea930eb6446de84dad0f4bfb562c00bd2ec6a2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "757 / 296 of 1000 / last-modified: 1610752710"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18761
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:17 GMT

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ 0
222 B 432ms
110ms Script
text/html 2600:3c02:1::2d4f:f40e
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=paytreon.com
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: close
X-Powered-By: PHP/5.5.38
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 306ms
269ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:17 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 28ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303177
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1399
cf-request-id: 07b1a5b14600001f19cfb77000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZaYB1Qpi7GOQsnHhA6kokV213tezj3UGsyB3jLcgFNc2%2BoBjULgbuoEYMqRsTmv5RV6uVdfOnbyHeHQS3S%2FTOU2uNRJGd%2BEPvAu3SbaCvD%2BaYSdouvRFxwwkWMMLKKVPXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 612fa5620ae11f19-FRA
expires: Fri, 07 Jan 2022 11:13:17 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 11ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1926943
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1541
cf-request-id: 07b1a5b15500001f1975b2f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7BrofmQMjDyOBR3tNwbjExfbUZI%2FLXsisUC0F5NHXUmvSeM58wraTkIB9Q82KQXNSgoROJW91uAQkKM%2BvE4RW%2FO47UEPoh3sxb3eYa1uIigL5C1kI%2FFEngmW4NZR32jQyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 612fa5622b0b1f19-FRA
expires: Fri, 07 Jan 2022 11:13:17 GMT

GET
H2 200 BB1cPkOg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 30 KB
31 KB 46ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkOg.img?h=500&w=1000&x=895.5&y=299.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e50fbc44ae8e6940a2f010c1cde04f0a48c83efb42ae16d897ecd705a5e4d15f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPkOg
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 135451
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430974
x-activityid: 5524d839-a52b-4e9d-8bad-a99c6732f0d6
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkOg?h=500&w=1000&x=895.5&y=299.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 31179
expires: Fri, 22 Jan 2021 10:56:11 GMT

GET
H2 200 BB1cPj0i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPj0i.img?h=100&w=100&x=50&y=50&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9be26d0a527e543036b5de8cd2898f8473104389c3d3156e36b37427ec02a75a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPj0i
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 193232
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430959
x-activityid: 274a8981-4459-465a-b40f-cf1e2d0ae836
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPj0i?h=100&w=100&x=50&y=50&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2964
expires: Fri, 22 Jan 2021 10:55:56 GMT

GET
H2 200 BBZbaoj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 351 B
712 B 6ms
6ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBZbaoj
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Fri, 15 Jan 2021 21:09:34 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 351
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=294999
x-activityid: bb2f3559-6150-4b35-9c3e-6e5c50772c28
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj
content-length: 351
expires: Wed, 20 Jan 2021 21:09:56 GMT

GET
H2 200 BB1cPkOg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkOg.img?h=100&w=100&x=895.5&y=299.5&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c642631cbe2584dfdb2e9a20c0e2be0bd5701f5a2cdea38e7f98775baf66ad2

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPkOg
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 135451
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430979
x-activityid: 55a87595-d61e-4194-bc37-50808cd96b53
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkOg?h=100&w=100&x=895.5&y=299.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2650
expires: Fri, 22 Jan 2021 10:56:16 GMT

GET
H2 200 AAzjSw3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 6ms
6ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAzjSw3
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 08:27:13 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 3247
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=422087
x-activityid: d98fadad-b4c4-4f54-bf22-c0ba20bc556a
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3
content-length: 3247
expires: Fri, 22 Jan 2021 08:28:04 GMT

GET
H2 200 BB1cP3JV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP3JV.img?h=100&w=100&x=1095&y=419&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3b53a5763de2b0b824c14ae0b820f0e13ec389564f0bc0a20f602e9fd3d8d2

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cP3JV
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 09:10:09 GMT
x-datacenter: northeu
x-source-length: 208657
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=424634
x-activityid: 9779de63-6ce4-4605-b748-6e70c623a1b5
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP3JV?h=100&w=100&x=1095&y=419&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3281
expires: Fri, 22 Jan 2021 09:10:31 GMT

GET
H2 200 AAzl6aj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 6ms
6ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzl6aj.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8266b9e45c14a4aaa67f859d2960a06a7f38295e2f408c77f89a907dddc8e6e6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAzl6aj
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Wed, 13 Jan 2021 12:25:42 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 2530
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=90720
x-activityid: 764cedc8-0a23-4398-95df-41ec36489c11
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzl6aj
content-length: 2530
expires: Mon, 18 Jan 2021 12:25:17 GMT

GET
H2 200 BB1cP42Z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP42Z.img?h=100&w=100&x=625&y=740.5&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7918d467d48880449b5d0c93fa181f79a592def322c6e15bc11a9e5bb03a7f1f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cP42Z
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 252186
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430941
x-activityid: 51078d1e-3ebf-4d80-9300-3787f667ca61
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP42Z?h=100&w=100&x=625&y=740.5&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3367
expires: Fri, 22 Jan 2021 10:55:38 GMT

GET
H2 200 BB1cPkGl.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkGl.img?h=100&w=100&x=836.5&y=920&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

84ce2aebec5c93d9b1ba33b2af711e66a0f2457fd4fac2f33062e926d0abff59

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPkGl
date: Sun, 17 Jan 2021 11:13:17 GMT
last-modified: Sun, 17 Jan 2021 09:55:38 GMT
x-datacenter: northeu
x-source-length: 363350
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427309
x-activityid: 4eec8a5a-7cba-4309-aaee-acf5e55a35bb
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkGl?h=100&w=100&x=836.5&y=920&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2707
expires: Fri, 22 Jan 2021 09:55:06 GMT

GET
H2 200 BB1cPaRZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPaRZ.img?h=100&w=100&x=836.5&y=920&m=5

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b2744d37db1f2199e495ac57dff11b164992f567f3e986ad7eadf693c6e6cff5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPaRZ
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:55:39 GMT
x-datacenter: northeu
x-source-length: 147221
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427321
x-activityid: bee586d8-76b2-4ebf-b9b1-b0098df330e3
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPaRZ?h=100&w=100&x=836.5&y=920&m=5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3648
expires: Fri, 22 Jan 2021 09:55:19 GMT

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 142 B
502 B 6ms
6ms Image
image/gif 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Thu, 14 Jan 2021 11:17:36 GMT
timing-allow-origin: *
x-datacenter: northeu
x-source-length: 142
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=173041
x-activityid: 323ab846-adf4-4ee1-be54-0aae5d8ef1c6
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
content-length: 142
expires: Tue, 19 Jan 2021 11:17:19 GMT

GET
H2 200 loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 9 KB
3 KB 184ms
60ms Script
application/javascript 95.140.233.135
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.233.135 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-233-135.ams.llnw.net
Software: AmazonS3 /
Resource Hash: 0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:17 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
last-modified: Fri, 15 Jan 2021 11:36:04 GMT
server: AmazonS3
age: 2161
vary: Accept-Encoding
x-amz-id-2: LW1KkjQVgMVqfHIee84BsRaLwQeD08Sj2mZBr0Q7mYOKZZNdpB2smjosjToGRCPwQaNKxM/A2Jk=
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-length: 3135
x-amz-request-id: EEC392CB74217793
x-llid: 211393f210e64fff1bcd120317f83f97
expires: Sun, 17 Jan 2021 12:37:16 GMT

GET
H2 200 BB1cPkjy.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkjy.img?h=70&w=95&x=544&y=381&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3de2404abbe680834dfd451aa94d6aa3a2fb7ceef0b0d2aa16c53887909d015c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPkjy
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 147524
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430984
x-activityid: c2063377-6335-4712-b040-8f47595e5aa0
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPkjy?h=70&w=95&x=544&y=381&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2232
expires: Fri, 22 Jan 2021 10:56:22 GMT

GET
H2 200 BB1cOtRL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOtRL.img?h=70&w=95&x=893&y=345&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66d79f566b5ad87cadfba5c8fa943a1fd306bfcfe4f541ed73293bc43049926f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cOtRL
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 180348
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430984
x-activityid: b3948e46-4a78-471b-ac53-b8c7f11d6a37
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOtRL?h=70&w=95&x=893&y=345&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3143
expires: Fri, 22 Jan 2021 10:56:22 GMT

GET
H2 200 BB1cPnO0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPnO0.img?h=70&w=95&x=893&y=345&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

25ebb473d5b23cc3c8e41b477e6bdb9f4715154b68ebd8f93594a849cbaca3fc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPnO0
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 113058
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430940
x-activityid: c3f7af93-f49c-46f4-b089-0a18a9ac9a52
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPnO0?h=70&w=95&x=893&y=345&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2252
expires: Fri, 22 Jan 2021 10:55:38 GMT

GET
H2 200 BB1cOwtr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 16ms
16ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOwtr.img?h=70&w=95&x=1025&y=328.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c6d35eeab1cb2bf0738a3722fcc9dd0e9d9aee937d1e837211b15155db6879

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cOwtr
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:55:39 GMT
x-datacenter: northeu
x-source-length: 346426
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427317
x-activityid: e5e3402f-771d-49fa-81b3-7db1878d9bca
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOwtr?h=70&w=95&x=1025&y=328.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3567
expires: Fri, 22 Jan 2021 09:55:15 GMT

GET
H2 200 BB146ATQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB146ATQ.img?h=70&w=95&x=1025&y=328.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f26f6ee7c72bfb639f82e25098280681c08752cef2d6488ec3d3de2a5d76277b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB146ATQ
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:55:39 GMT
x-datacenter: northeu
x-source-length: 236264
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427331
x-activityid: 4f01393c-a890-4514-a51c-cba3d180ec26
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB146ATQ?h=70&w=95&x=1025&y=328.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3149
expires: Fri, 22 Jan 2021 09:55:29 GMT

GET
H2 200 BB1cPk7b.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 13ms
13ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPk7b.img?h=70&w=95&x=1025&y=328.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c7f8987f7c3c0e09c2bec6bd8ec0ac2fbbab034b67b3f8438da1c4e3be1c0fcf

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cPk7b
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:55:39 GMT
x-datacenter: northeu
x-source-length: 161926
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427341
x-activityid: 27d1595a-96fd-4416-ab4d-b432feb490d6
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cPk7b?h=70&w=95&x=1025&y=328.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2836
expires: Fri, 22 Jan 2021 09:55:39 GMT

GET
H2 200 BB1cONfa.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cONfa.img?h=70&w=95&x=1025&y=328.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5f262c4c657b92bc291d5639f352d51ffa1fe7b65aa4c5c1360a3085d8412052

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cONfa
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:55:39 GMT
x-datacenter: northeu
x-source-length: 241529
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427285
x-activityid: 69bd0ee0-7d1c-4763-aab4-ee9a003b57fb
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cONfa?h=70&w=95&x=1025&y=328.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3094
expires: Fri, 22 Jan 2021 09:54:43 GMT

GET
H2 200 BB1cO9fU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cO9fU.img?h=70&w=95&x=916.5&y=183.5&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

caf240e20b92618b18930d88d4ab2f253a72bd4a106158ce01cd92c032fc888a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cO9fU
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:25:56 GMT
x-datacenter: northeu
x-source-length: 154507
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=425600
x-activityid: 69a895b7-75e9-4d13-8e29-069c8d299d4a
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cO9fU?h=70&w=95&x=916.5&y=183.5&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2691
expires: Fri, 22 Jan 2021 09:26:38 GMT

GET
H2 200 BB1cOHMZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 9ms
9ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOHMZ.img?h=70&w=95&x=614&y=497&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79d7fa0d3e840cfd64115e83b37a19730919c7d2ea0d39c609160daefb15ae3b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cOHMZ
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 09:10:09 GMT
x-datacenter: northeu
x-source-length: 147793
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=424519
x-activityid: c104d023-c225-4ad2-8b47-cde58f155fa9
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOHMZ?h=70&w=95&x=614&y=497&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3163
expires: Fri, 22 Jan 2021 09:08:37 GMT

GET
H2 200 BB1cP0uF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP0uF.img?h=70&w=95&x=992&y=436&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

329fbe1905d0e76ad1791221fb51946b7bc1d04a3f8f2a2e6ab1afea0baa53ce

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cP0uF
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 08:55:28 GMT
x-datacenter: northeu
x-source-length: 127875
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=423708
x-activityid: 48538533-3414-46c1-afe2-41d9ee37ec87
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cP0uF?h=70&w=95&x=992&y=436&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 2673
expires: Fri, 22 Jan 2021 08:55:06 GMT

GET
H2 200 BB1cOOVU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOOVU.img?h=70&w=95&x=930&y=428&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a21581f00fac97051b8e811ea9cf08fd2f91c72499b95f894cb21735123319a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cOOVU
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 08:25:42 GMT
x-datacenter: northeu
x-source-length: 249578
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=421958
x-activityid: a2057ff1-fd4d-4f8e-8cd0-ac267c8ed0eb
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOOVU?h=70&w=95&x=930&y=428&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 3227
expires: Fri, 22 Jan 2021 08:25:56 GMT

GET
H2 200 BB1cOjAh.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 7 KB
7 KB 6ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOjAh.img?h=400&w=300&x=870&y=1085&m=2

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a387cf58a6ed83706c1eebd372cf3b50bd917e1c20d09d02dea6814c99810412

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1cOjAh
date: Sun, 17 Jan 2021 11:13:18 GMT
last-modified: Sun, 17 Jan 2021 10:55:57 GMT
x-datacenter: northeu
x-source-length: 183893
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430867
x-activityid: 303b6bc8-127b-42e8-a574-314331ba901c
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cOjAh?h=400&w=300&x=870&y=1085&m=2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
timing-allow-origin: *
content-length: 7029
expires: Fri, 22 Jan 2021 10:54:25 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
59 B 13ms
13ms Other
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NPHB61BDSE&gtm=2oe161&_p=208976571&sr=1600x1200&ul=en-us&cid=1947632392.1610881997&_s=1&dl=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&dr=&dt=Welcome%20to%20the%20Simcast%20News%20portal.&sid=1610881996&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 13ms
13ms Other
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NPHB61BDSE&gtm=2oe161&_p=208976571&sr=1600x1200&ul=en-us&cid=1947632392.1610881997&_s=2&dl=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&dr=&dt=Welcome%20to%20the%20Simcast%20News%20portal.&sid=1610881996&sct=1&seg=0&en=view_search_results&_et=2&ep.search_term=bone
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPHB61BDSE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 62ms
61ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H2 200 bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 200 KB
48 KB 71ms
71ms Script
application/javascript 95.140.233.135
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.233.135 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-233-135.ams.llnw.net
Software: AmazonS3 /
Resource Hash: b9695e814e44555bcbecb09bbba613500fe8bd347527c2d019dd2b0109221d66

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
last-modified: Fri, 15 Jan 2021 11:36:04 GMT
server: AmazonS3
age: 2186
vary: Accept-Encoding
x-amz-id-2: L0jS0jfXnbZgpA7YX06CZJJh/vXsIW3GNSYd58odtEjYg36p1fkVkvGSXODPGU1N5NAVjtJfxko=
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-length: 48357
x-amz-request-id: 529BBB9B92F07AC4
x-llid: 6fc5077c40aa1e10a60d767cb0bc0712
expires: Sun, 17 Jan 2021 12:37:04 GMT

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ 1 B
520 B 305ms
275ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Jan 2021 11:13:30 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
41 KB 168ms
57ms Script
application/javascript 143.204.101.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.179 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 00:36:32 GMT
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 11702219
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: EWtqc0u2mKFF3mQmA9LrggQAy3nfDcCze39tXM5Uc0ITtjY3vKw0mg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c578980c114d760959edf5bb6b58f54b7a6f963cdec420a45fb74ecac5d57b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111324
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H2 200 3001403 Show response
hdrbd.ivstracker.net/hbplacementsservices/ 283 KB
86 KB 37ms
7ms Script
text/javascript 2600:9000:206f:9000:1a:f2c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9000:1a:f2c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 703582cf7c253e051fd594d18a62c5012a18f7956e88d424b639c65db82fa633

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:04:41 GMT
content-encoding: gzip
age: 528
x-amzn-requestid: 8ab9f0cf-9001-464c-bf4c-025d35a98d95
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control: private, max-age=600
x-amzn-trace-id: Root=1-600419c9-7ba4ef02793dec4856b06e60;Sampled=0
x-amz-cf-pop: FRA56-C1
x-amz-apigw-id: ZSj3hFhKSQ0FQhg=
x-amz-cf-id: a_fl2zdY9_wqJ5nc3MhIa_lmCRu583fXT1sWxV-wiF9qVy1JB2QboA==

GET
H2 200 sync.html
cdn.aralego.net/ucfad/cookie/ Frame 04B2 0
0 38ms
16ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-type: text/html
set-cookie: __cfduid=d179e82674673096eb4caa83b9e7e0a951610882010; expires=Tue, 16-Feb-21 11:13:30 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 5892
cf-request-id: 07b1a5e47d00002b65adaf4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lDIG6ZxxTXG4tts65%2BGtQ%2BG9EwdiiDzyQXTSTBSo6qQP0ZQrIvS98j0hch18ve2TD2KvKKSYtP9rkFmXvkGi%2BXRHXySiKOWrCSlvRjyTz8dqWUBltJCcLp1zMH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 612fa5b3f95e2b65-FRA
content-encoding: br

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6838
date: Sun, 17 Jan 2021 09:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 17 Jan 2021 11:19:32 GMT

GET
H2 200 moat-tracker.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/assets/ 1 KB
1 KB 65ms
64ms Script
application/javascript 95.140.233.135
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.233.135 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-233-135.ams.llnw.net
Software: AmazonS3 /
Resource Hash: 74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
last-modified: Thu, 14 Jan 2021 12:34:48 GMT
server: AmazonS3
age: 203325
vary: Accept-Encoding
x-amz-id-2: OHtLP8m1gnD3WTh4a5tjkCpD1ND/Dnk4kpGyNJo3E/jXF7myGpw1juvcRtmi5wB1yL72OERNy78=
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 775
x-amz-request-id: 891863B7D9B3B6DA
x-llid: 91d14bb45819e3ef84b4c94d4a18dbe9
expires: Fri, 22 Jan 2021 02:44:45 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 146 KB
49 KB 8ms
8ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9612ce9faa5781fe3b76ae0a58d40ce72dad5e1998c0411661c1fc5b6a8d0c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31465
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 50471
etag: W/"2468e-ukKuWkifOOgP0jTk5Jxv9EGB4Ac"
x-served-by: cache-fra19136-FRA
date: Sun, 17 Jan 2021 11:13:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ad-tag Show response
ivxplayer.ivideosmart.com/prod/outstream/ 3 KB
3 KB 206ms
67ms XHR
application/json 52.57.195.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivxplayer.ivideosmart.com/prod/outstream/ad-tag?key=09fffbe3432899f1611c2f14301b50ea&playertype=IVST&canonicalUrl=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.195.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-195-149.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9c84ec6909f6d2d12a5198a074afeb6864577cae6e28aeaa37fff43d9f1a1104

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
x-powered-by: Express
etag: W/"a8b-Jg7a/lrAEWS0BvRC5U+vsQrViQQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
x-robots-tag: none
content-length: 2699
expires: 0

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=07910707-58b5-11eb-a338-1093d7b32406

0
588 B

57ms
57ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=07910707-58b5-11eb-a338-1093d7b32406
Requested by: Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sun, 17 Jan 2021 11:13:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 14
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 17 Jan 2021 11:13:30 GMT
Server: nginx
Location: /partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=07910707-58b5-11eb-a338-1093d7b32406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 7
Connection: keep-alive
Content-Length: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
803 B 39ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
247 B 19ms
19ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 152ms
97ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1396971792734165&correlator=2989778952552633&output=ldjh&impl=fif&eid=21067994%2C21068426%2C21068773%2C21069792%2C21069803&vrg=2021010903&ptt=17&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20210117&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cookie_enabled=1&bc=23&abxe=1&lmt=1610882010&dt=1610882010283&dlt=1610881996678&idt=13580&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1667&adks=1306720187&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1947632392.1610881997&ga_sid=1610882010&ga_hid=208976571&fws=0&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

aeddd01aba35c4ec12a6062d55aec7b6e453207babb4e0214ed019421619aaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9382
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 52ms
16ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.ru/watch/49007009/
Redirect Chain

https://mc.yandex.ru/watch/49007009?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As%3...
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As...

186 B
277 B

52ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1446418512516%3Arqn%3A1%3Arn%3A432705379%3Ahid%3A271446993%3Ads%3A1%2C29%2C425%2C1%2C226%2C0%2C0%2C13401%2C0%2C%2C%2C%2C14084%3Afp%3A14071%3Agdpr%3A14%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882010%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17-Jan-2021 11:13:30 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:30 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
last-modified: Sun, 17-Jan-2021 11:13:30 GMT
location: /watch/49007009/1?wmode=7&page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1446418512516%3Arqn%3A1%3Arn%3A432705379%3Ahid%3A271446993%3Ads%3A1%2C29%2C425%2C1%2C226%2C0%2C0%2C13401%2C0%2C%2C%2C%2C14084%3Afp%3A14071%3Agdpr%3A14%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882010%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.
strict-transport-security: max-age=31536000
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:30 GMT

GET
H2 200 advert.gif
mc.webvisor.org/metrika/ 43 B
290 B 188ms
61ms Image
image/gif 80.239.201.11
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/metrika/advert.gif

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.11 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-11.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
last-modified: Wed, 30 Dec 2020 19:28:30 GMT
etag: "5feccf70-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 17 Jan 2021 12:13:30 GMT

GET
H/1.1 200
OK bridge3.433.2_en.html
imasdk.googleapis.com/js/core/ Frame 3014 0
0 13ms
7ms Document
text/html 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.433.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 191950
Date: Sun, 17 Jan 2021 07:39:01 GMT
Expires: Mon, 17 Jan 2022 07:39:01 GMT
Last-Modified: Thu, 14 Jan 2021 20:47:25 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 12869

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:81a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H2 200 pageLoad Show response
r.ivideosmart.com/prod/v1/ 0
447 B 219ms
183ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/pageLoad?clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventTime=249&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: s-_5xMyiWOYeR4-c0ZUTxwbi7G_YmvHdUIrK3LQPzY6xy7VW_WQ1hA==

GET
H2 200 playerViewable Show response
r.ivideosmart.com/prod/v1/ 0
446 B 216ms
185ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/playerViewable?clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&eventAction=playerViewable&eventPlayhead=0&eventTime=254&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: tlRvbb-b_TuZ5iW2VtD9aL6rGgOK2hrm0BDwPi6kq12RdFYjIh66_A==

GET
H2 200 adRequest Show response
r.ivideosmart.com/prod/v1/ 0
446 B 212ms
185ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adRequest?adRequestId=1610882010443-71c96579594c6&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&eventAction=adRequest&eventPlayhead=0&eventTime=257&hb=0&hbBidders=none&hbNetworks=none&hbWinner=none&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: rf3NgbsPTyQ723t1JSqZg0qqt2qw7Fp6_MmYtYja4rGftl4aeIyGsw==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 261D 0
0 81ms
81ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfskmR2v2JVQLKEd47yNevJptbAQdLpscw_tkiUMw1JW1-lm0jrnpgZyidDi4CrypoKTGoRNqcFRSugV7ELtWXMhU5258DkD_upVLFAs6UkthopKoQJ0igICfRE_lKnhTxx2jNvRUik2_Scdo01Qb-Vjwr8prDzxE_NmbsEbFIVUulHojFZPWkjag0bhI31IpBG14IbMVyVHpYDHSChcADRtgtR83flEDTMd4_4TJIUGtRdNFpgpiUfEyOYET9VRTpysDtSOnbfnV8erLyty4m9EQq_-y8Ffc_LP_xN_lwCg&sai=AMfl-YTTS-eqAWzIxd88sZKLkWK0t74Cf79CNcRpSZUZHDFxLmE3Jp5Sb5h8vLzGQlMBG0-oBKBiNQ3eKV-qnOPCJCx6epzWFceFb0OZLNC0LJpPyIi4u1U1RSNKsC2SNws&sig=Cg0ArKJSzNmjsC10v_QfEAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jan 2021 11:13:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210112/r20110914/ Frame 261D 18 KB
7 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210112/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03e6e60650dd4c47ef5e0e3c8f5ebdb43ca0411ca5b3b11524daddf742000cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 10:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 17616492908633636027
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Jan 2021 10:26:39 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210112/r20110914/client/ Frame 261D 3 KB
2 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bedb45393c83af82725e0bd528842203d8f29e949bee43307496a825e43f7ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 10:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1496
x-xss-protection: 0
server: cafe
etag: 10626176854215176681
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Jan 2021 10:30:26 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 261D 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad15939d9e5ee609e2a5030616ad2a8df25ed3aea074188a7dec282a157bae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610714114181599"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29425
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H3-Q050 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame 261D 807 B
971 B 37ms
22ms Image
image/gif 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 22:32:12 GMT
x-content-type-options: nosniff
age: 218478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jan 2022 22:32:12 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610714114181599"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28294
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
73 B 53ms
53ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FpageLoad&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A2%3Arn%3A355518866%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882011%3Au%3A1610882010295404096%3App%3A3629563401%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
last-modified: Sun, 17-Jan-2021 11:13:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:30 GMT

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
85 B 51ms
50ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FplayerViewable&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A3%3Arn%3A807921927%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882011%3Au%3A1610882010295404096%3App%3A3629563401%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
last-modified: Sun, 17-Jan-2021 11:13:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:30 GMT

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
73 B 58ms
57ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FadRequest&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121330%3Aet%3A1610882010%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A4%3Arn%3A836468618%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882011%3Au%3A1610882010295404096%3App%3A3629563401%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:30 GMT
last-modified: Sun, 17-Jan-2021 11:13:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:30 GMT

GET
DATA 200
OK truncated
/ Frame 261D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53815d0de90d9656f592cd43503a4d9e3e3408dfeff5bc72251efa0bc8e0e4a9

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 261D 0
22 B 81ms
80ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvZM8t9AVaHHk3uMEofC1Mgrh-xMUA1TkrwrJ-u19L4Z3luAZvcM2Jie1NV9Si5FnqKBtYuASasNL_zDWCr1w84P9GCWYFUi0TRvErLDa8Ubr7MA9Lo-9xv_sS6mFX7_fuInhExjrL2K0RbfKDO_h30lj0Bs5Fc2mNziB-eP1bNspgckwclmuf94ehzloV9hsob0Ez4c-UWJUQwc91SpFwdEBeqeykYpPY6bmje5r1QdjqB1TLBagV4oKW4jstqjheXZNYLuPf0yhmdZias5VYsJ13bkQoVgZpKUrGOJYDZs1Z&sai=AMfl-YQUUF7H8Si48sq8f8XHvsacEXJfa4cIioY953PUu3dxd8KoWP6YukoVbh4VvdHPPTfXY-0OwB7M0_GBkETicGla2TCEdpukLesR6jvyvujj4U8TC3ZNfLaGBxum3GA&sig=Cg0ArKJSzLyc_OLdjb72EAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jan 2021 11:13:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 39ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21a1f430799bf20c0df74bc2b3d879148b618f4446e764bcb78c7f3dc9209289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6697
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Sun, 17 Jan 2021 11:13:30 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 8054 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Sun, 17 Jan 2021 09:56:48 GMT
expires: Mon, 17 Jan 2022 09:56:48 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4602
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=1396971792734165&bg=!bG-lbyzNAAUYkFXlGDsAKQB2-DxaJTWk3qlB0N7kXWqHKh-cMUlshfJ6rvqcK2JnwOxxMNWawC2TAgAAAK5SAAAAEmgBBwoAiA37fJvHT7bel_OmUSlkLIQfrNwF2JaXQfRlWN9pDeGcV3s4ouca5qClU7U9TA0BPvOlDOF_aO1yvwlphV3N6MsnONvmXdNgi_cU_O8VwJ2Y0l1sT5QEeXdHucCoYsv43ALl7AX31rDI_bSVNPnB4--QoC8HIZ7DMmS_uGfPyF-nB1fCWq8GkLuZAd7vvQiaprOtn0Xr2xMFb1xG63bEpvavdWbLiU8JFY7Na-Ioo9uTF__-UOf29dBRL6nHCKPUzgLhrOzNgTU47XfTxAJUXiSkCNtnKMC6UTFxUzBiQFAlJwdIi8MYs8KeRSUINkD3_RsGLbaGLwGqfoJASZoTD-X3fWtHW5-OySmIqVoakrsRw7uwKfaABLS44DOyBOR_b41wmW8yyN5wQL0PTlWrLmjRvTK-TnkR2vmAAS11wNOeA2GRgaAT0_0dHkYOExb3tiKBcda6besEXUMgg1t7yIl6yLPvEzRxuAGvSOcbYLimQZvUALWVdUv68JAvbWuo99CjDljgDKAR_oaYIvXIIItRQmuzc9NDNV-gnOGEJCcXOOKJqD7jTFiQ0UdU3BRKA3uBNT55g8KN1u7WSBnO4gF86G5H2ulmOcBklWYWqH-EFnyMzzyRq3bvCHl54lLKuCvaPf7FSG4r_dLjmP1X2JnwJ7emprpWq-xKy6UjrBJkeLDACnC9lYrZag96SRbXiRWF5qLo0a77N4cSYccbkXcCIum6TWQfXCe8GwSD-Z0U1htVtdX0_8F3i8dMnuFP3gjxnTZXhafu_hXh4b1zzX7UFDCzPRx7c0ovWGJ6PQ992nfL1qeVXIIZ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsManagerLoaded Show response
r.ivideosmart.com/prod/v1/ 0
447 B 181ms
181ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adsManagerLoaded?adRequestId=1610882010443-71c96579594c6&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&eventAction=adsManagerLoaded&eventPlayhead=0&eventTime=1279&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:31 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: KFNJe6CUg-QvbglY4cAMTABI4uME_oyhFzQlJWJc2eSvy5Xwu69p6A==

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
145 B 51ms
51ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FadsManagerLoaded&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121331%3Aet%3A1610882011%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A5%3Arn%3A827208519%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C14862%2C14862%2C2%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882011%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:31 GMT
last-modified: Sun, 17-Jan-2021 11:13:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:31 GMT

GET
H/1.1 200
OK loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 858F 52 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a54bce3233c930b9799a20a1b806eee59f74c318c0361da6755b27d84e67778e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 10:59:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 14 Jan 2021 20:52:29 GMT
Server: sffe
Age: 852
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 18835
X-XSS-Protection: 0
Expires: Sun, 17 Jan 2021 11:14:19 GMT

GET
H2 200 adLoaded Show response
r.ivideosmart.com/prod/v1/ 0
448 B 180ms
180ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adLoaded?adCnt=1&adId=PM_VPAID_AD&adNum=1&adPod=0&adRequestId=1610882010443-71c96579594c6&adSystem=PubMatic&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&eventAction=adLoaded&eventPlayhead=0&eventTime=1327&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:31 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: 8XcRBmVvab9VNKDX6cgBKbQ9uV3jMFyPRk6PLogE8bJY_38ejI1D-w==

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
73 B 51ms
51ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FadLoaded&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121331%3Aet%3A1610882012%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A6%3Arn%3A617182676%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882012%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:31 GMT
last-modified: Sun, 17-Jan-2021 11:13:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:31 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 858F 150 KB
35 KB 202ms
87ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 907F 0
0 171ms
61ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=60080
Expires: Mon, 18 Jan 2021 03:54:51 GMT
Date: Sun, 17 Jan 2021 11:13:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 858F 37 KB
14 KB 191ms
65ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=60080
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Mon, 18 Jan 2021 03:54:51 GMT

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 858F 27 B
746 B 340ms
130ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1&cb=1610882011764&SAVersion=2&inIframe=1&pageURL=http%253A%252F%252Fsimcast.com%252F%253Fd%253Dpaytreon.com%2526s%253Dbone%2526sw%253D9%2526tr%253D97141915&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=http%253A%252F%252Fsimcast.com%252F%253Fd%253Dpaytreon.com%2526s%253Dbone%2526sw%253D9%2526tr%253D97141915&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-1-17%2012:13:32&ranreq=0.687715339334042&timezone=1&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 11:13:41 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: http://simcast.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg
Content-Type: application/xml; charset=utf-8

GET track
aktrack.pubmatic.com/ Frame 858F 0
0

GET
H2 200 adError Show response
r.ivideosmart.com/prod/v1/ 0
448 B 183ms
182ms XHR
application/json 2600:9000:2156:5c00:e:a106:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.ivideosmart.com/prod/v1/adError?adRequestId=1610882010443-71c96579594c6&clientCity=Warsaw&clientConnType=Corporate&clientCountry=PL&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=M247%20Ltd&containerID=ivs-player&cpID=0&device=others&domainAppName=simcast.com&engVersion=0&errorCode=901&errorMessage=adPlayError%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20InnerError%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20Ad%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&eventAction=adError&eventPlayhead=0&eventTime=2443&isOutstream=1&pageArticleID=d664375789fc5c634c4b23e5c337bbde&pageID=1610882010195-f91f1e507867&playerFlag=AD_preFetch&playerMajorVersion=4&playerVersion=v4.53.1&productID=0&productName=IVST&referrer=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&spID=3001403&spName=Simcast%20Outstream&videoDuration=0&videoID=0&videoPlayedDuration=0&videoRequestId=none&videoType=ivideostream
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:e:a106:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 11:13:32 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://simcast.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Cache-Control,Content-Type,Vary
content-length: 0
x-amz-cf-id: TVUkpWDpGz4tYs3XGvUheoaqWjMAiq7cNr9OMpwEL9GdntXsXx9Xuw==

POST
H2 200 1
mc.yandex.ru/watch/49007009/ 43 B
145 B 52ms
52ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-ref=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&page-url=goal%3A%2F%2Fsimcast.com%2FadError&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121332%3Aet%3A1610882013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A1446418512516%3Arqn%3A7%3Arn%3A356217312%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882013%3Au%3A1610882010295404096%3Ahi%3A%3At%3AWelcome%20to%20the%20Simcast%20News%20portal.

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:32 GMT
last-modified: Sun, 17-Jan-2021 11:13:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:32 GMT

GET
H2

200

1
mc.yandex.ru/watch/49007009/
Redirect Chain

https://mc.yandex.ru/watch/49007009?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A...
https://mc.yandex.ru/watch/49007009/1?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%...

43 B
71 B

57ms
57ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49007009/1?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121345%3Aet%3A1610882025%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A239%3Als%3A1446418512516%3Arqn%3A8%3Arn%3A511377034%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882025%3Au%3A1610882010295404096%3Ahi%3A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://simcast.com/?d=paytreon.com&s=bone&sw=9&tr=97141915
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:45 GMT
last-modified: Sun, 17-Jan-2021 11:13:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Jan 2021 11:13:45 GMT
last-modified: Sun, 17-Jan-2021 11:13:45 GMT
location: /watch/49007009/1?page-url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dpaytreon.com%26s%3Dbone%26sw%3D9%26tr%3D97141915&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610881995995%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210117121345%3Aet%3A1610882025%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A239%3Als%3A1446418512516%3Arqn%3A8%3Arn%3A511377034%3Ahid%3A271446993%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1990%3Arqnl%3A1%3Ast%3A1610882025%3Au%3A1610882010295404096%3Ahi%3A
strict-transport-security: max-age=31536000
access-control-allow-origin: http://simcast.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17-Jan-2021 11:13:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=159892&s=781699&a=3383941&ts=1610882013&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simcast.com/	1970-01-20 00:49:38	Name: __gads Value: ID=443a1c743c5dff47-224a7d5493b90090:T=1610882010:S=ALNI_MbcGJpXtfRiIVi96mcXs-2IwTO4Fw
.simcast.com/	1970-01-19 15:29:14	Name: _ym_isad Value: 2
simcast.com/	1969-12-31 23:59:59	Name: NB_SRVID Value: srv8226217
.simcast.com/	1970-01-20 08:59:14	Name: _ga Value: GA1.2.1947632392.1610881997
.simcast.com/	1970-01-20 00:13:38	Name: _ym_uid Value: 1610882010295404096
simcast.com/	1970-01-19 15:29:28	Name: PHPSESSID Value: l480oap4slkta0iiepqho9qbg3
.simcast.com/	1970-01-20 00:13:38	Name: _ym_d Value: 1610882010
.simcast.com/	1970-01-19 15:29:28	Name: _gid Value: GA1.2.562337323.1610882010

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: 2021-01-17T11:13:30.187Z IVS Player SDK for HTML5: SDK script v4.53.1 loaded.
console-api	warning	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js(Line 1) Message: Setting key through IVS.config is deprecated, please set the key through Builder options
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js(Line 1) Message: 2021-01-17T11:13:30.188Z IVS Loader: Config set.
console-api	warning	URL: https://hdrbd.ivstracker.net/hbplacementsservices/3001403(Line 49) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1&cb=1610882011764
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=http%253A%252F%252Fsimcast.com%252F%253Fd%253Dpaytreon.com%2526s%253Dbone%2526sw%253D9%2526tr%253D97141915&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=http%253A%252F%252Fsimcast.com%252F%253Fd%253Dpaytreon.com%2526s%253Dbone%2526sw%253D9%2526tr%253D97141915&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-1-17 12:13:32&ranreq=0.687715339334042&timezone=1&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:PM AdRequest Time: 0.847secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Ad Error Time: 0.849secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-info:Total Component Time since player call: 1.125secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=159892&siteId=781699&adId=3383941&vadFmt=3&vapi=2&vminl=2&vmaxl=60&vh=235&vw=417&placement=3&vtype=0&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&gdpr=&gdpr_consent=&us_privacy=&kadpageurl=simcast.com&schain=1.0%2C1%21ivideosmart.com%2C3001403%2C1(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.pl
aktrack.pubmatic.com
cdn.aralego.net
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
d2wy8f7a9ursnm.cloudfront.net
f4a34435250ba69bcb8c70a6dd079512.safeframe.googlesyndication.com
hdrbd.ivstracker.net
imasdk.googleapis.com
img-s-msn-com.akamaized.net
ivxplayer.ivideosmart.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
parking2.parklogic.com
paytreon.com
player.ivideosmart.com
r.ivideosmart.com
s0.2mdn.net
securepubads.g.doubleclick.net
simcast.com
sync.search.spotxchange.com
tpc.googlesyndication.com
vid.pubmatic.com
vpaid.pubmatic.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
aktrack.pubmatic.com
142.250.74.194
143.204.101.179
185.64.190.75
185.94.180.125
2.18.233.180
2001:4de0:ac19::1:b:1b
2600:3c02:1::2d4f:f40e
2600:9000:206f:9000:1a:f2c5:bfc0:93a1
2600:9000:2156:5c00:e:a106:a680:93a1
2606:4700:20::ac43:47fe
2606:4700::6810:135e
2606:4700::6812:e234
2a00:1450:4001:801::2002
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2006
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:821::2001
2a00:1450:4001:825::2001
2a02:26f0:6c00::210:ba20
2a02:6b8::1:119
2a04:4e42:3::621
45.79.244.12
52.57.195.149
80.239.201.11
95.140.233.135
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e6e60650dd4c47ef5e0e3c8f5ebdb43ca0411ca5b3b11524daddf742000cb3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07f145e939216c55862ca4c71d4da3929ff32381443df27bca06424cf41692c3
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b75e40b5c122e8eea9eee5a98acd2494f116ae5c325a38bcf79e9d6b8ebc5c9
14beeed2fbd5d93357138bd80a81649a039e82dbe46fd41a70d0f893ad7ad487
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
21a1f430799bf20c0df74bc2b3d879148b618f4446e764bcb78c7f3dc9209289
25a2d0e7c65b61d3124956ae7e402b75c18c3cfd684f20bb813fb213aaa99786
25ebb473d5b23cc3c8e41b477e6bdb9f4715154b68ebd8f93594a849cbaca3fc
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
329fbe1905d0e76ad1791221fb51946b7bc1d04a3f8f2a2e6ab1afea0baa53ce
3ad15939d9e5ee609e2a5030616ad2a8df25ed3aea074188a7dec282a157bae6
3de2404abbe680834dfd451aa94d6aa3a2fb7ceef0b0d2aa16c53887909d015c
4a21581f00fac97051b8e811ea9cf08fd2f91c72499b95f894cb21735123319a
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
53815d0de90d9656f592cd43503a4d9e3e3408dfeff5bc72251efa0bc8e0e4a9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c642631cbe2584dfdb2e9a20c0e2be0bd5701f5a2cdea38e7f98775baf66ad2
5f262c4c657b92bc291d5639f352d51ffa1fe7b65aa4c5c1360a3085d8412052
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
66d79f566b5ad87cadfba5c8fa943a1fd306bfcfe4f541ed73293bc43049926f
703582cf7c253e051fd594d18a62c5012a18f7956e88d424b639c65db82fa633
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2
7918d467d48880449b5d0c93fa181f79a592def322c6e15bc11a9e5bb03a7f1f
79d7fa0d3e840cfd64115e83b37a19730919c7d2ea0d39c609160daefb15ae3b
7c578980c114d760959edf5bb6b58f54b7a6f963cdec420a45fb74ecac5d57b6
8266b9e45c14a4aaa67f859d2960a06a7f38295e2f408c77f89a907dddc8e6e6
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
84ce2aebec5c93d9b1ba33b2af711e66a0f2457fd4fac2f33062e926d0abff59
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8d3b53a5763de2b0b824c14ae0b820f0e13ec389564f0bc0a20f602e9fd3d8d2
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9612ce9faa5781fe3b76ae0a58d40ce72dad5e1998c0411661c1fc5b6a8d0c71
9be26d0a527e543036b5de8cd2898f8473104389c3d3156e36b37427ec02a75a
9c84ec6909f6d2d12a5198a074afeb6864577cae6e28aeaa37fff43d9f1a1104
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
a387cf58a6ed83706c1eebd372cf3b50bd917e1c20d09d02dea6814c99810412
a54bce3233c930b9799a20a1b806eee59f74c318c0361da6755b27d84e67778e
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
aeddd01aba35c4ec12a6062d55aec7b6e453207babb4e0214ed019421619aaf3
b2744d37db1f2199e495ac57dff11b164992f567f3e986ad7eadf693c6e6cff5
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
b4de1ab2c3b71df65b2fc775ea930eb6446de84dad0f4bfb562c00bd2ec6a2c2
b9695e814e44555bcbecb09bbba613500fe8bd347527c2d019dd2b0109221d66
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bedb45393c83af82725e0bd528842203d8f29e949bee43307496a825e43f7ae3
c7f8987f7c3c0e09c2bec6bd8ec0ac2fbbab034b67b3f8438da1c4e3be1c0fcf
caf240e20b92618b18930d88d4ab2f253a72bd4a106158ce01cd92c032fc888a
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
e2c6d35eeab1cb2bf0738a3722fcc9dd0e9d9aee937d1e837211b15155db6879
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c70bef094c383f8c79956fb832a5561f3746edced1c27cac3772430a8e9805
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e50fbc44ae8e6940a2f010c1cde04f0a48c83efb42ae16d897ecd705a5e4d15f
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
f26f6ee7c72bfb639f82e25098280681c08752cef2d6488ec3d3de2a5d76277b

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

91 %HTTPS

67 %IPv6

25 Domains

32 Subdomains

28 IPs

7 Countries

866 kBTransfer

2297 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

91 %
HTTPS

67 %
IPv6

25
Domains

32
Subdomains

28
IPs

7
Countries

866 kB
Transfer

2297 kB
Size

8
Cookies

88 HTTP transactions
1 data transactions