simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://offtherecordpgh.com/
Effective URL:
https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Submission: On December 30 via api (December 30th 2022, 2:43:37 pm UTC) from US — Scanned from US

Summary HTTP 299 Redirects Behaviour Indicators

Summary

This website contacted 84 IPs in 5 countries across 70 domains to perform 299 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 152563.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	50.28.32.8 50.28.32.8	32244 (LIQUIDWEB) (LIQUIDWEB)
9	45.79.244.12 45.79.244.12	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:303... 2606:4700:3034::ac43:9aed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2600:3c02::f0... 2600:3c02::f03c:92ff:fe2d:3e71	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	108.138.106.50 108.138.106.50	16509 (AMAZON-02) (AMAZON-02)
27	2600:1400:d::... 2600:1400:d::6878:d2ab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
6	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
10	18.164.124.102 18.164.124.102	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
6	18.213.132.77 18.213.132.77	14618 (AMAZON-AES) (AMAZON-AES)
3	13.35.101.24 13.35.101.24	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.56 18.164.96.56	16509 (AMAZON-02) (AMAZON-02)
1	2606:ae80:145... 2606:ae80:1451:19::1460	25751 (VALUECLICK) (VALUECLICK)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
1	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
1	35.211.165.199 35.211.165.199	15169 (GOOGLE) (GOOGLE)
2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.41.169.52 23.41.169.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	44.197.142.189 44.197.142.189	14618 (AMAZON-AES) (AMAZON-AES)
1 3	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	54.175.108.164 54.175.108.164	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:8640:764::2 2a06:8640:764::2	55081 (24SHELLS) (24SHELLS)
24	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
3	44.206.165.148 44.206.165.148	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.106.16 108.138.106.16	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.54.240.100 52.54.240.100	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	54.221.158.171 54.221.158.171	14618 (AMAZON-AES) (AMAZON-AES)
1	52.204.114.10 52.204.114.10	14618 (AMAZON-AES) (AMAZON-AES)
1	23.64.61.36 23.64.61.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.117.182.27 104.117.182.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
3	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1 3	20.73.234.141 20.73.234.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	34.197.197.106 34.197.197.106	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:807::2006	15169 (GOOGLE) (GOOGLE)
1	18.164.94.225 18.164.94.225	16509 (AMAZON-02) (AMAZON-02)
1	23.57.131.233 23.57.131.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.127.204.163 199.127.204.163	26120 (RHYTHMONE) (RHYTHMONE)
1	108.138.128.39 108.138.128.39	16509 (AMAZON-02) (AMAZON-02)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	192.35.249.142 192.35.249.142	11742 (SPOTX-IAD) (SPOTX-IAD)
2	3.215.47.31 3.215.47.31	14618 (AMAZON-AES) (AMAZON-AES)
1	54.83.180.210 54.83.180.210	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:3556	() ()
1	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:251... 2600:9000:2511:e400:a:e047:752:5701	() ()
1	104.18.8.110 104.18.8.110	() ()
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	() ()
3	2620:100:a001::3 2620:100:a001::3	() ()
3	2620:100:a005... 2620:100:a005::2b	() ()
12	2607:f8b0:400... 2607:f8b0:4006:81d::2001	() ()
4	2607:f8b0:400... 2607:f8b0:4006:80f::2004	() ()
1	13.225.63.3 13.225.63.3	() ()
1	52.223.22.214 52.223.22.214	() ()
1	40.85.112.191 40.85.112.191	() ()
1	34.96.105.8 34.96.105.8	() ()
1	202.233.84.1 202.233.84.1	() ()
299	84

2 50.28.32.8 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: peacock.parklogic.com

offtherecordpgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.79.244.12 (Atlanta, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:9aed (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

parking2.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.106.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-50.jfk50.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:1400:d::6878:d2ab (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

c.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.124.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-102.jfk50.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.213.132.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-132-77.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.101.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-101-24.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-56.jfk50.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1451:19::1460 (United States)

ASN25751 (VALUECLICK, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.165.199 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 199.165.211.35.bc.googleusercontent.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.169.52 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-52.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.197.142.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-142-189.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.239.230 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.175.108.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-108-164.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.206.165.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-165-148.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-16.jfk50.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.240.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-240-100.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.158.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-158-171.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.114.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-114-10.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.64.61.36 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-36.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.73.234.141 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tra.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.80.98 (Glen Cove, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.197.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-197-106.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.94.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-94-225.jfk50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.131.233 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-131-233.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-39.jfk50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.47.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-47-31.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.180.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-180-210.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (None, )

ASN- ()

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:e400:a:e047:752:5701 (None, )

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (None, )

ASN- ()

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (None, )

ASN- ()

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::3 (None, )

ASN- ()

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a005::2b (None, )

ASN- ()

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81d::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.3 (None, )

ASN- ()

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.22.214 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.85.112.191 (None, )

ASN- ()

www.youronlinechoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (None, )

ASN- ()

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	akamaized.net img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 673	302 KB
24	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1224	3 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com tpc.googlesyndication.com	242 KB
16	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 pubads.g.doubleclick.net	186 KB
14	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 19361 embedcdn.sendtonews.com — Cisco Umbrella Rank: 23230 s2l.sendtonews.com — Cisco Umbrella Rank: 21129 timber.sendtonews.com — Cisco Umbrella Rank: 21927 player.sendtonews.com — Cisco Umbrella Rank: 24740	195 KB
11	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856 rtb.va.us.criteo.com ads.us.criteo.com cat.da.us.criteo.com Failed	143 KB
10	cloudfront.net d29xw9s9x32j3w.cloudfront.net	449 KB
9	simcast.com simcast.com — Cisco Umbrella Rank: 152563	102 KB
8	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1648	2 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com	671 B
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356 cloudflare.com — Cisco Umbrella Rank: 158	30 KB
4	googletagservices.com www.googletagservices.com	187 KB
4	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 817 ib.3lift.com eb2.3lift.com	6 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522 cdn.id5-sync.com	19 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 780	49 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 imasdk.googleapis.com — Cisco Umbrella Rank: 477	348 KB
4	neodatagroup.com 1 redirects c.neodatagroup.com — Cisco Umbrella Rank: 97787 tra.neodatagroup.com — Cisco Umbrella Rank: 79370 tracker.neodatagroup.com	13 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 743 pix.us.criteo.net Failed csm.us.criteo.net Failed	71 KB
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	892 B
3	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 760 as-sec.casalemedia.com — Cisco Umbrella Rank: 2384	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	127 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1193	158 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1958 tags.crwdcntrl.net — Cisco Umbrella Rank: 1879	33 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 3009	494 B
2	gstatic.com fonts.gstatic.com	143 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 318	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 796 match.360yield.com	706 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1583 at.teads.tv — Cisco Umbrella Rank: 5092	892 B
2	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 25871 p2.gcprivacy.com — Cisco Umbrella Rank: 17382	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	2 KB
2	offtherecordpgh.com offtherecordpgh.com	3 KB
1	microad.jp aid.send.microad.jp	641 B
1	blismedia.com tr.blismedia.com	173 B
1	youronlinechoices.com www.youronlinechoices.com
1	reson8.com ds.reson8.com	346 B
1	uidapi.com cdn.prod.uidapi.com	2 KB
1	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381	406 B
1	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 705	948 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739 image6.pubmatic.com Failed	112 B
1	undertone.com hb.undertone.com — Cisco Umbrella Rank: 4416	793 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1403	398 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 2070	17 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 362	17 KB
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3092	296 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3358	424 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456	540 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1098	275 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 6190	765 B
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 11896	47 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6213	2 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1875	1 KB
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1377	362 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1256	166 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3586 dclk-match.dotomi.com Failed	145 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 980	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	466 B
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 18175	256 B
1	parklogic.com parking2.parklogic.com — Cisco Umbrella Rank: 512988	278 B
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 27762	159 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 943	30 KB
0	e-volution.ai Failed rtb2-useast.e-volution.ai Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
0	lijit.com Failed ap.lijit.com Failed
0	uuidksinc.net Failed s.uuidksinc.net Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	adrta.com Failed adrta.com Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	dyntrk.com Failed c.us1.dyntrk.com Failed
299	70

	Domain	Requested by
27	img-s-msn-com.akamaized.net	simcast.com
24	c2shb.pubgw.yahoo.com	cdn.adapex.io
12	tpc.googlesyndication.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
10	d29xw9s9x32j3w.cloudfront.net	embed.sendtonews.com simcast.com
9	simcast.com	offtherecordpgh.com simcast.com code.jquery.com
8	btlr.sharethrough.com	cdn.adapex.io
8	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net offtherecordpgh.com
7	pagead2.googlesyndication.com	simcast.com pagead2.googlesyndication.com 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
6	s2l.sendtonews.com	embed.sendtonews.com
5	cm.g.doubleclick.net	2 redirects 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
5	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
4	www.google.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
4	cdnjs.cloudflare.com	simcast.com embed.sendtonews.com ads.us.criteo.com
3	ads.us.criteo.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
3	rtb.va.us.criteo.com	offtherecordpgh.com
3	static.criteo.net	cdn.adapex.io securepubads.g.doubleclick.net static.criteo.net ads.us.criteo.com
3	id5-sync.com	cdn.adapex.io cdn.id5-sync.com 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
3	timber.sendtonews.com	embed.sendtonews.com
3	onetag-sys.com	1 redirects cdn.adapex.io 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
3	www.googletagmanager.com	simcast.com cdn.adapex.io www.googletagmanager.com
3	embed.sendtonews.com	1 redirects offtherecordpgh.com embed.sendtonews.com
2	tlx.3lift.com	d29xw9s9x32j3w.cloudfront.net 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
2	targeting.unrulymedia.com	d29xw9s9x32j3w.cloudfront.net
2	tra.neodatagroup.com	1 redirects simcast.com
2	mug.criteo.com	simcast.com
2	lexicon.33across.com	1 redirects simcast.com
2	gum.criteo.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ib.adnxs.com	cdn.adapex.io d29xw9s9x32j3w.cloudfront.net
2	htlb.casalemedia.com	cdn.adapex.io d29xw9s9x32j3w.cloudfront.net
2	imasdk.googleapis.com	embed.sendtonews.com imasdk.googleapis.com
2	fonts.googleapis.com	embed.sendtonews.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	cdn.adapex.io securepubads.g.doubleclick.net
2	offtherecordpgh.com	offtherecordpgh.com
1	aid.send.microad.jp	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
1	tr.blismedia.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
1	match.360yield.com	1 redirects
1	www.youronlinechoices.com	simcast.com
1	eb2.3lift.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
1	ib.3lift.com	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com ib.3lift.com
1	pubads.g.doubleclick.net	embed.sendtonews.com imasdk.googleapis.com
1	ds.reson8.com	cdn.resonate.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	prebid-server.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net
1	search.spotxchange.com	d29xw9s9x32j3w.cloudfront.net
1	hbopenbid.pubmatic.com	d29xw9s9x32j3w.cloudfront.net
1	hb.undertone.com	d29xw9s9x32j3w.cloudfront.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	lb.eu-1-id5-sync.com	cdn.adapex.io
1	secure.cdn.fastclick.net	offtherecordpgh.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	s0.2mdn.net	imasdk.googleapis.com
1	p2.gcprivacy.com	p.gcprivacy.com
1	tracker.neodatagroup.com	simcast.com
1	qsearch-a.akamaihd.net	simcast.com
1	at.teads.tv	cdn.adapex.io
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com cdn.adapex.io
1	id.sv.rkdms.com	js-sec.indexww.com
1	cdn.resonate.com	embed.sendtonews.com
1	player.sendtonews.com	embed.sendtonews.com
1	ghb.adtelligent.com	cdn.adapex.io
1	prebid.media.net	cdn.adapex.io
1	ad.360yield.com	cdn.adapex.io
1	a.teads.tv	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	prebid.a-mo.net	cdn.adapex.io
1	bidder.criteo.com	cdn.adapex.io
1	web.hb.ad.cpe.dotomi.com	cdn.adapex.io
1	p.gcprivacy.com	cdn.adapex.io
1	js-sec.indexww.com	embed.sendtonews.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.neodatagroup.com	offtherecordpgh.com
1	cloudflare.com	cdn.adapex.io
1	cat.hbwrapper.com	cdn.adapex.io
1	embedcdn.sendtonews.com	simcast.com
1	parking2.parklogic.com	simcast.com
1	cdn.adapex.io	simcast.com
1	code.jquery.com	simcast.com
0	csm.us.criteo.net Failed	ads.us.criteo.com
0	pix.us.criteo.net Failed	ads.us.criteo.com
0	rtb2-useast.e-volution.ai Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	ssbsync.smartadserver.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	cs.chocolateplatform.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	ap.lijit.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	s.uuidksinc.net Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	cms.quantserve.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	adrta.com Failed	ads.us.criteo.com
0	cat.da.us.criteo.com Failed	ads.us.criteo.com
0	image6.pubmatic.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	rtb.mfadsrvr.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	c.us1.dyntrk.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
0	dclk-match.dotomi.com Failed	6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
299	102

This site contains no links.

Subject Issuer	Validity	Valid
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-19` - `2024-01-19`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cat.hbwrapper.com R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-12-11` - `2023-12-11`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2022-11-21` - `2023-12-20`	a year	crt.sh
sni8045gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.sendtonews.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.gcprivacy.com Amazon	`2022-12-03` - `2024-01-01`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.360yield.com Amazon	`2022-08-16` - `2023-09-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
securedvisit.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.undertone.com Amazon	`2022-09-03` - `2023-10-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-18` - `2023-03-15`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-12` - `2023-03-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
youronlinechoices.com Go Daddy Secure Certificate Authority - G2	`2022-07-02` - `2023-08-03`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Frame ID: 11F9C50C828910655BF87DF1731608DE
Requests: 153 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: EB03A6637DAA21E97780C74F5EC47F38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1672411384&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672411383332&bpp=77&bdt=5290&idt=1388&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1325951197830&frm=20&pv=2&ga_vid=1904202345.1672411385&ga_sid=1672411385&ga_hid=1691519251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31071277%2C44779793&oid=2&pvsid=774823005204104&tmod=961705477&uas=0&nvt=1&ref=http%3A%2F%2Fofftherecordpgh.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1535
Frame ID: 338B60AB0F67B82623D82FA294270EE2
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 098E4EFC77B7795DE4FB597458234805
Requests: 18 HTTP requests in this frame

Frame: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64E354E95394C2A98BA16E8B748440A4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 87398D029587DC83D2DA9A2589749D64
Requests: 2 HTTP requests in this frame

Frame: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90849E8581723A467B801C5E24572701
Requests: 9 HTTP requests in this frame

Frame: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAF4A434A0AEC0B3289A53A7678A4AE2
Requests: 9 HTTP requests in this frame

Frame: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9A6E122E36A42055931906500BBE7A96
Requests: 9 HTTP requests in this frame

Frame: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC61982BE4F9891E43581E26B7EE1049
Requests: 11 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKoIaA9mAAGjD6plJQXYhEpkxPJdSw&u=%7CyWPliGUAZesR3nxl1BpO2jHuPQMty%2Bz%2FwfiIASCpnQw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPncnRevasRBj59v3HV1q5jS-2OjRKCLS1pVeUgdaJe8I4tmKKZtQigIXbDXEXvHZkFmfICw1sIxnuo-BLyzzXbdCUDYfZU-BS0iiBa3RKhBKJRGtHUwAp3-M4qsgN27hl5-Om6Zn-Y2-QnrFmUW1e0rT21o-255Y6elqCGPXHPR6tEgnScHsIj33HPiHSkS1AsSBEdyls4z--GmVTNdbwuRmMzWo1ACRO1S3LvKEgNb6H0yYsY_t6Y5i9C1shtozQE8Xs_0MS4JO2aPCDHZWxhjeBumLYaTM3Ec835Jqt3Jsmg8RMzQlLCvL6VuYaqnJ-dmUSjAFdSYNYvlMY0TMplVPIhSs2WBK5ZFd4prl2568MtByBmU9WHHTUstaYppZ1FvZRFP1MB73qXEAdOgi1-BIRLNXMotpRCc8wPDpwomoEVPiB45tZZrv_NeZWrNz9ByKpRqgdC9EsxFhn_t4bW9_M7cM7OOrGd48IevxDED_vJjuCjVk8-t8Qr7QuZGdzWq8D2Wm_nn47q8M-EgtO3RePvLDEiKhMM1JlpUUZQ--xI-v_LpA4RKplh7vQAbNM9ROLnQy1kzZ-nbp3m9K_Se5b15TUyfIWZF&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNyM7_fiuY6qhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEpwJP0KNvwZcel_DVXmZ1l6e8a57qUxzNT9Ra2bb-Y6lcxdK6--NTeyjWj1cj6wye5ZwnqOA_4Rb1O5yFKCYJbMlElGEKI1dWuBaJwMx78sUB9-2RhwmpR6I_vGLuutxTeSMXVWN46uYZpAzgEIR3ae1KfdDl_m0Vqv1uN602ZjpMsNtDp-C84yClpxklWV6DfYxzjUSK-yXq3uXr_n6ZbXMpqhyVBOYe2hzPTDkkdToX5CTMFTKvCu-CrLVhOPfGN2Bq_Eea2RdDW8AZJaC7f8sbqf7teYGosO579o3yMVJ81dc322w1cMnaRzKDjJmlXE8qnBG-gwPjgXr7iCZl33yqJbHP-rkCju_fNG2fATjtjzpwf3WyYeqJnYFtxPzihspdJB8IEgu_4AQBgAaAw4D6y5vOzFigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2SDK5hxm1jXc590Y16r17McNRKZQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 4BCB45A645DE8C2947CA4EA4D79EC3CD
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F29DF547F5FA865C79F2E55F23C68F9
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKsIaA9mAAGjD7w0eK1GVkMYRvMVJA&u=%7CyWPliGUAZeuWsJ0ALB1vETGDr52M%2FeTp9DDz45MZ3ho%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxYIRKBNvkiUF6CwtTAnLJp9MR8arCmr2RA2pbQCgDLNLmsNxUyvc1qTJ8njkQVGULQTKUPjIAvMGByLWsn0UXDWC68-WyQeOTKEPdjsXCA2lymR1cWM-2aI6zbSPzGYStFm-_dnzHfDXCftgdcMiadeIMpf3HTcGPu7s-uZpL6tQ-nz3Aw7fjlpWQuAdjE9pKnbPaf9Lrx2s54vJz2QcPJ4RrePJHMhIADoEw6Kt3-yreqVozLcJpS9zwBlFBys6PpGh9opljDQA8cz1iOprLOQerHVRKQIpvYG_n5U-XAIBxoGFz1UgLAZKfkSA7eQCtRGAOXOiewm6gUcpd8ens2XsjgwzWhD4kBFq3pUmlkIhu3UA7ddCtI5ARpK8QRLHtwh6lgAkUZoIn5kHr3VOJTklRs_KSQvna2mHWttSZ2k-mQvJzzkq7AEjWG6yWXg9VFORZ0LZUz_51APWXqHYqnoqZdRKmrXOKbUKok11ismLQPt_xX5Kk5wSU9HY28c9-UwcxHhxAg8R6YO_NTMUg19rpv6ZaF3i9y_0xPP7J82eKc3VZyo1FkxM0MMwnM8Tkg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8yc7_fiuY6uhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoErQJP0CNqCFS9eDw8ZBiKDwzPLA9b9_YVxOyF6yjRq5HtbYMUJz7dNwgkMGh-5dC2kUqS62JnMfms_9Rt19Bm4YKpVSOyWuqeZK-G8ogi7MBO91BU05sKzGJZFfmq0khfolvio5U2W8k5NphKlTUn6MhOkjmISYJe3qJiO97af6h6lfwuM7agzlAh4WLGaY-hWtHbgN2t-DHLYumXI_4Ti2vh1A9RTzSL5GSE2MOtd_W9DqIIScUxGP-9yRThm5OhE9icVSdm3jz82Vw3um6oQRzIc_eekF9ov8JZBM8kQTah0_lZAUEvvdHg0mfK2PQTRM671uQJxoIjoaLz88k5Fjk958cewKKzO-GdYUo5RbGyCypAgLeqkWYv1OvcdF_bl71xOCq41s4CWhtRdzGe4AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31_ErP26W-z0V57H1czsc-TPB-sA%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: C9B590762CBC774D5ECE7816A446A20C
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9E212719C83E3EF10A08EEEC12F3068
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKwIaA9mAAGjD8is31gUNcpjlks5Lw&u=%7CyWPliGUAZeuRA3ziNgCJ217onkA4yKOsVB12sLFGLXo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxbf7GV_ocqf_hoNwZ99SBsWIQ8htYHGDjHKSeDrKzQAoix1EN715e52K7URbaLqF9eyiWHctlJJZj3TSuqi_VmPOyknO0mDAoTuDAYRBC0TGmbZOWpYUpV4NZ7lvaXRUiipOgoHc9M7TwvvRbS-1s33u-9T7YlOzaiYqEJ-41y8JqmxG0HWBEwTaBvfyZeohJjsc9u-k6WWBishS-TiLYb0sLYeT6YSjf3zCd600Odm3L2YlsbI138i0IwuZHQmzK62wezxuEu3-E8mnp9bx-YDpLkTv7PeQJVlbdqekTmqXJDKbsU45nAamG2BcfLxWrHp7ZO3iKYqbNE8u5C5oSjYxbpVX7SGej8qK3QHjzBd4Bd9j--oQcpooNjDXTA-h1pqnOBvWPme5F2Yn586wDRr1QJGnh5UhF2tgOr6jhElMKpM6_YFZI5lHiWJS-q3CqWl3M0m6yjo1S7ZH-vU4VpnEsaHkXQUfGsqry2qE3KI0mb6c5mZOXuxRUDB-LUfg9Sy1H9Kq_B3kvycuZrCBECLiPLi0WRsdSpToSkZFjuUGf3Hiko1nMZk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsr_r_fiuY6yhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEqgJP0IlK13duhlWl0Wl0pi2a7CvmJ4a1dTaMRJgbdVv5AR8LRwbTuwBAmPhF8JREoCMaxofpVavS0nexBnUCjwplThCV5mIRKiyeLCI26jm7rO7amWi1Cbbdw9HkO1_8kKo1Lm5k83tndWxQFFjWR_cGqaFAEmANxs505fHzK4dwyg7PfB3R9tL7TohOHnUXMa9_eOfiByvi9-GSu2WF0O-su5X-0JkCyKkgMfyQAdbzgoTTtgknJq4YWf_lXz-Lj35TiH2wFbBR18aKyIU_ubHWX5yWIz9Y2xyRcK_dYhY0ij2pmaM03sYYXoj2KtxBhS6kuDtRdQv5-pXk5uLxGT8JHKPCRRnvbqRD5aT_QcEZ96a3gnT1oTGZW8E7HZClaF_FDmvF2iR7y5n04AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0L6LiiEJxoPkuxly2dY4HBwdVrAg%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: ABA05D0AF393D54275DFE86FC87449A8
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3502F246BAA73EFD14597D2BF1E9D640
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://offtherecordpgh.com/ Page URL
http://offtherecordpgh.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf33KV0ERPTb9elBfpp4qdihE3kcnRR7sfb1qPU... Page URL
https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0 Page URL

Page Statistics

299
Requests

75 %
HTTPS

39 %
IPv6

70
Domains

102
Subdomains

84
IPs

5
Countries

2983 kB
Transfer

7391 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://offtherecordpgh.com/ Page URL
http://offtherecordpgh.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf33KV0ERPTb9elBfpp4qdihE3kcnRR7sfb1qPUUa%2FzoVHPi5Ph72Zk9tXfPmmCGiPVq5YBC%2BL0n%2BkNT3lXMoKq1DMV7DAHdLNRFmvejDy9cgLVnm5uZQ1muYEbrVp2sejjSTJJGcvSK8%2Fh5XlBfxEvEyASHsn1SPwdyOS6b5VB9ae5dFrwZP2g2drLJrxVSrRPFdPNVa8J6Ta7PH68lBoDZJX8oAzOEY%2Fp5MlxPjYIBQIz4V9DkmUYxv469%2BirHugm3%2BIec0R0ULqoudvDxQTm4ob2HZkWDQOjrmK4CZKWKU8xv4ym%2FiOdZaHbPFWQO615B%2B%2FQrcdJMnjHqqxGVe%2FQkKOlR9FYXjTr1vHV2G3thSrwWGWqI0BvYGUY6HlgvXkWw%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.12.2/embed.js

Request Chain 136

https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&b=1&g=RnMxlFiKWD2fSJi0PKl%2Fl%2Fc2Dezh3xKJaQE6aOPKNkw%3D

Request Chain 137

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=PSPKwXxXaEttTTZHNldXMXVzQU5DNXdtbUwxUmhVMWcxbUh2SGFPOVBFb2hzLzRoYTE4dzNERUwzY2lUUCtmTHEvaXh1ZTZhdGYxUXhGMXBWakM0TjFOSmpHNS9YNW9iSzVLVTZaTkVvOUlNZ3ZnS3NkOHV5WXVaa0hEdkQ0aC9mMlFDUE5MSGVwM05aRTlrMklKYVpVVS8wNDhDQzIrd0RzMWJlbXUydEFXUEVvVE5hNDNDeUxqSTBZTUdxK2ZZdUlPRTl4Slg5cEJYTkRlcWpWeGxDczR4QkdJR0pnaElIcFJnaFBkWDlZL3hBaUVFPXw&cppv=2

Request Chain 150

https://tra.neodatagroup.com/pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&re=http%253A%252F%252Fofftherecordpgh.com%252F&co=24&ids=9ccf283e-62d6-4a0c-89c4-c8ddf501db54;_pubcid;PublisherCommonId&pbs=true HTTP 302
https://tra.neodatagroup.com/pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&re=http%253A%252F%252Fofftherecordpgh.com%252F&co=24&ids=9ccf283e-62d6-4a0c-89c4-c8ddf501db54;_pubcid;PublisherCommonId&pbs=true&neoid=30ac6f9453405b1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1535143870196 HTTP 302
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1535143870196&google_gid=CAESEKMyOPgh4tv_HSRpoZQ8AK4&google_cver=1

Request Chain 226

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHV5aK0etLiCYYhksjuQrp8&google_cver=1&google_push=AavPq0Muenz5DK32s0JV2qaq7RAzwSd4o_UPv_L5qZfeiPQHLmarE83yi2CIMtxKe7-rlXkRohtigcfQDrCe8CktPf5OWG6x3atKrQmsAbRWlWt425Ofkyb5Ejh9ayxX-mXZ6kyer1ZrY_uC HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=26d0a298a6c414c8&is_secure=true&networkId=14000&version=1&google_gid=CAESEHV5aK0etLiCYYhksjuQrp8&google_cver=1&google_push=AavPq0Muenz5DK32s0JV2qaq7RAzwSd4o_UPv_L5qZfeiPQHLmarE83yi2CIMtxKe7-rlXkRohtigcfQDrCe8CktPf5OWG6x3atKrQmsAbRWlWt425Ofkyb5Ejh9ayxX-mXZ6kyer1ZrY_uC

Request Chain 227

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0PkTR-OXOr5pTUamzbawq7FUSoXLbNSWBPzhDim5NaqdHMquMtG6xwTt9H5TBGCmmJscQ8f86lzIwJjYCVdOTevZye6cyT7_-i0GMOiGQPqPCMA0PiHamgZuIjhUqLQwo1BS2U2Wy-l HTTP 302
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0PkTR-OXOr5pTUamzbawq7FUSoXLbNSWBPzhDim5NaqdHMquMtG6xwTt9H5TBGCmmJscQ8f86lzIwJjYCVdOTevZye6cyT7_-i0GMOiGQPqPCMA0PiHamgZuIjhUqLQwo1BS2U2Wy-l&prevuid=06030001_63aef901e83d8&knw=

Request Chain 228

https://s.uuidksinc.net/match/47/?remote_uid=CAESEFQK-6brWgLyGqettsFcenY&c_param1=AavPq0NixwTZm2_sdVa-sDRhhaAxGLj8lTc0vZrpFSlSkD-ZpXACS_PNfzNDSyp0M8aY7Fj2dcuhQhAR-9RoEUGpVtZP_6eSjJ5pBKYJCdbb0f5_Ro3pKDSaDIZZ5q_DxXfltOu6JUngmRA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0NixwTZm2_sdVa-sDRhhaAxGLj8lTc0vZrpFSlSkD-ZpXACS_PNfzNDSyp0M8aY7Fj2dcuhQhAR-9RoEUGpVtZP_6eSjJ5pBKYJCdbb0f5_Ro3pKDSaDIZZ5q_DxXfltOu6JUngmRA

Request Chain 229

https://match.360yield.com/match/ebda?google_gid=CAESEAUYVS1M6Ch8AIqxuVhiK6o&google_cver=1&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6FzNeaT-DaPb_Q6qxImqyrVMCrlOx8mEucF02OcB1IMMarE5aqwmGraFeivS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=R7dur808Ri2eFfs9CQkctw&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6FzNeaT-DaPb_Q6qxImqyrVMCrlOx8mEucF02OcB1IMMarE5aqwmGraFeivS

Request Chain 230

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJowQC9iThLXfBkykyOxE70&google_cver=1&google_push=AavPq0MiGdLL8AXEEP6aNLK1x2o266snCVA6ztY9Bd6T9FtPkmynXyM3sw9vDlKj6JRLKBc5O-kuqudP8ZgitDbmf0fVQLRhOqg7pU75VAP3SWGIeLTjYSEnIRe7ws97MI7bmC4THCqrYqox HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MiGdLL8AXEEP6aNLK1x2o266snCVA6ztY9Bd6T9FtPkmynXyM3sw9vDlKj6JRLKBc5O-kuqudP8ZgitDbmf0fVQLRhOqg7pU75VAP3SWGIeLTjYSEnIRe7ws97MI7bmC4THCqrYqox&google_gid=CAESEJowQC9iThLXfBkykyOxE70

Request Chain 231

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAWRdLk0_slQQ07-06Td5b8&google_cver=1&google_push=AavPq0MFiPu5yeb_6Y_cFDTD2xOA_IuYnL9y_L3b0DGfPOfSAqhf0BP3ndD4Hw7wE2Tp5HVeuf-gwxzmn9zJ1n6I2O9bJH5ooCc9YFE9_iO76LJzH24dD8y3bmMNkmu6A3ushDzTZ60eoyfUyg HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAWRdLk0_slQQ07-06Td5b8&google_cver=1&google_push=AavPq0MFiPu5yeb_6Y_cFDTD2xOA_IuYnL9y_L3b0DGfPOfSAqhf0BP3ndD4Hw7wE2Tp5HVeuf-gwxzmn9zJ1n6I2O9bJH5ooCc9YFE9_iO76LJzH24dD8y3bmMNkmu6A3ushDzTZ60eoyfUyg

Request Chain 232

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAVLjeNSk9mDYr0ONs5_tc4&google_cver=1&google_push=AavPq0NWUst4fc981AH9zkK2hbRLi3BiM-YTADayYpAkCHyWLXTg5VjWhpZNs0C6SMEH-wb1itbpjweeoVPS04q2X-Hzrz-pwaxsG5sq2j1TigbpFG-4amfjjAKbSE1rtb_gN0ip4g6NqUN- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGM5ZTdhZGUtNDgxMS00ODYzLTlmNTctOGI5ZTIwMjBhMThh&google_push=AavPq0NWUst4fc981AH9zkK2hbRLi3BiM-YTADayYpAkCHyWLXTg5VjWhpZNs0C6SMEH-wb1itbpjweeoVPS04q2X-Hzrz-pwaxsG5sq2j1TigbpFG-4amfjjAKbSE1rtb_gN0ip4g6NqUN-

Request Chain 234

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMQbIHUm7ELjmK0aybLmWyw&google_cver=1&google_push=AavPq0Pg0TytV7F9CIw1-T9-vEQzd67mEOtrhvKM4SyuQGXDwzeRtJn-vU759NWINcjXu5POatUb4iWxSwuGJqZK2yVMTuILeqMqbs-aULf9G5bzeSX0TjYc_hh2njtPYY3nKMSekRjK213LRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1ODA1MTU5NDE1NTM4NTU4MQ==&gdpr=&gdpr_consent=

Request Chain 236

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEDmOFdKZT_H4m5R9lGfhb2Y&google_cver=1&google_push=AavPq0NSZkX8fjWy2-N7x4eI__Xph_eMqfds_iV5Tp1cxxY3KkJFX5-_uqglmYTI1N-zo7N4M6g6w1i6Zq19IjDB8hLAwdXaX3m_5XI36RogHPjJPhTA6XjPsYCeNIt9kiJnfcV73jHmSlCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AavPq0NSZkX8fjWy2-N7x4eI__Xph_eMqfds_iV5Tp1cxxY3KkJFX5-_uqglmYTI1N-zo7N4M6g6w1i6Zq19IjDB8hLAwdXaX3m_5XI36RogHPjJPhTA6XjPsYCeNIt9kiJnfcV73jHmSlCA

Request Chain 238

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDj6aH92LTEAzuulK8jMSlA&google_cver=1&google_push=AavPq0PB0Xyafx1ALGFZNFtfqFMqNzV275ZRkoXrZ3WYp6SUV27GpR9B-YO-rCT1tHdC-87OM8exr-0eLiYGw6bham4PtVmMJnNrgYhoggogOcXTRy2fg5g8fGtCzVf9WU4I0O7khG4KeyMBxg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDj6aH92LTEAzuulK8jMSlA&google_cver=1&google_push=AavPq0PB0Xyafx1ALGFZNFtfqFMqNzV275ZRkoXrZ3WYp6SUV27GpR9B-YO-rCT1tHdC-87OM8exr-0eLiYGw6bham4PtVmMJnNrgYhoggogOcXTRy2fg5g8fGtCzVf9WU4I0O7khG4KeyMBxg&rdf=1

Request Chain 239

https://sync.inmobi.com/gob?google_gid=CAESEFDHv303fVgzWSQXhutWQPQ&google_cver=1&google_push=AavPq0NKVTJGkUPnzB4zugFdJ90Bu0b2Oim0YZ6JwrnJShddhQFO5CUsJUzpBE5tdJfsyPnB8dmuYpqigKPKG_2_bDom-ppRa_Z8tIfZ1yU3KEAlmdDos3__pbGX6DgpteW7XxK5pNfPIlyaag HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0NKVTJGkUPnzB4zugFdJ90Bu0b2Oim0YZ6JwrnJShddhQFO5CUsJUzpBE5tdJfsyPnB8dmuYpqigKPKG_2_bDom-ppRa_Z8tIfZ1yU3KEAlmdDos3__pbGX6DgpteW7XxK5pNfPIlyaag

Request Chain 240

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAGULHa5EyDPTvNh73fuX9o&google_cver=1&google_push=AavPq0PInU__S08FETerIrAdK2arESUR3OIEPbTzOoB2TQYG6gxmxIUPN_CZd_ZrBV4Vm96vG4SadZBZKA7iwVjCuh54kKgvyr8H3Q8VvfO80B90ir2h5uAHQxa1P4YDbn9maLUDlOwqQ0OivsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PInU__S08FETerIrAdK2arESUR3OIEPbTzOoB2TQYG6gxmxIUPN_CZd_ZrBV4Vm96vG4SadZBZKA7iwVjCuh54kKgvyr8H3Q8VvfO80B90ir2h5uAHQxa1P4YDbn9maLUDlOwqQ0OivsQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

299 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
offtherecordpgh.com/ 2 KB
2 KB 174ms
83ms Document
text/html 50.28.32.8
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://offtherecordpgh.com/
Protocol: HTTP/1.1
Server: 50.28.32.8 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: peacock.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Dec 2022 14:42:57 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK bouncy.php
offtherecordpgh.com/page/ 715 B
999 B 131ms
63ms Document
text/html 50.28.32.8
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://offtherecordpgh.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf33KV0ERPTb9elBfpp4qdihE3kcnRR7sfb1qPUUa%2FzoVHPi5Ph72Zk9tXfPmmCGiPVq5YBC%2BL0n%2BkNT3lXMoKq1DMV7DAHdLNRFmvejDy9cgLVnm5uZQ1muYEbrVp2sejjSTJJGcvSK8%2Fh5XlBfxEvEyASHsn1SPwdyOS6b5VB9ae5dFrwZP2g2drLJrxVSrRPFdPNVa8J6Ta7PH68lBoDZJX8oAzOEY%2Fp5MlxPjYIBQIz4V9DkmUYxv469%2BirHugm3%2BIec0R0ULqoudvDxQTm4ob2HZkWDQOjrmK4CZKWKU8xv4ym%2FiOdZaHbPFWQO615B%2B%2FQrcdJMnjHqqxGVe%2FQkKOlR9FYXjTr1vHV2G3thSrwWGWqI0BvYGUY6HlgvXkWw%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: HTTP/1.1
Server: 50.28.32.8 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: peacock.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://offtherecordpgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Dec 2022 14:42:57 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK Primary Request / Show response
simcast.com/ 38 KB
8 KB 406ms
263ms Document
text/html 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf33KV0ERPTb9elBfpp4qdihE3kcnRR7sfb1qPUUa%2FzoVHPi5Ph72Zk9tXfPmmCGiPVq5YBC%2BL0n%2BkNT3lXMoKq1DMV7DAHdLNRFmvejDy9cgLVnm5uZQ1muYEbrVp2sejjSTJJGcvSK8%2Fh5XlBfxEvEyASHsn1SPwdyOS6b5VB9ae5dFrwZP2g2drLJrxVSrRPFdPNVa8J6Ta7PH68lBoDZJX8oAzOEY%2Fp5MlxPjYIBQIz4V9DkmUYxv469%2BirHugm3%2BIec0R0ULqoudvDxQTm4ob2HZkWDQOjrmK4CZKWKU8xv4ym%2FiOdZaHbPFWQO615B%2B%2FQrcdJMnjHqqxGVe%2FQkKOlR9FYXjTr1vHV2G3thSrwWGWqI0BvYGUY6HlgvXkWw%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a0fd73976f18daa148b2506376f2e19111a509b4aee05bb08ad1fc0f08e693ff

Request headers

Referer: http://offtherecordpgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-encoding: gzip
content-length: 7302
content-type: text/html; charset=UTF-8
date: Fri, 30 Dec 2022 14:42:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.38 (Debian)
upgrade: h2
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 908ms
124ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:58 GMT
content-encoding: gzip
x-sp-metadata: HS256.CIKOvJ0GEo0BCiQ1MDI1MmYwNC0zYzc2LTQ2NWEtODI0ZC0wZmIyYThjZTUyN2MQ+OiCoKvU+wIaBgjy8budBiISMjYwMjpmZmM4OjI6MTA0Ojo3KLDWAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMmFlZmI5NWUtZmE5Zi00MzU0LWFlZTYtZDQ0MDFjYjE4ZmNmGK7vASIYCAISFGNkczI5Ni5hbTUuaHdjZG4ubmV0.eHv89snqBEPt+zC3bg1veGeOl3Mvk9FX6JCcCGJNLDo=
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15851"
vary: Accept-Encoding
x-hw: 1672411378.dop239.am5.t,1672411378.cds285.am5.hn,1672411378.cds296.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 20 KB
4 KB 891ms
366ms Stylesheet
text/css 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d3b6f8dcf913c675c2e9fbde3d82acc3720a5a3c4ee2d817ee167a38f7cb4393

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:58 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 00:43:21 GMT
server: Apache/2.4.38 (Debian)
etag: "50fe-5df52a923a88b-gzip"
vary: Accept-Encoding
upgrade: h2
content-type: text/css
connection: Upgrade
accept-ranges: bytes
content-length: 4282

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 939ms
430ms Stylesheet
text/css 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 21:31:18 GMT
server: Apache/2.4.38 (Debian)
etag: "daa3-5d2a935d4d580-gzip"
vary: Accept-Encoding
upgrade: h2
content-type: text/css
connection: Upgrade
accept-ranges: bytes
content-length: 12209

GET
H/1.1 200
OK lib.js Show response
simcast.com/templates/simcast/js/ 856 B
787 B 714ms
205ms Script
application/javascript 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/js/lib.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:58 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 03:31:19 GMT
server: Apache/2.4.38 (Debian)
etag: "358-5d39fa3726fc0-gzip"
vary: Accept-Encoding
upgrade: h2
content-type: application/javascript
connection: Upgrade
accept-ranges: bytes
content-length: 459

GET
H2 200 aaw.smc.js Show response
cdn.adapex.io/hb/ 563 KB
159 KB 851ms
103ms Script
application/javascript 2606:4700:3034::ac43:9aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.smc.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d9ef0f970d1a036c4c5a423dc464babeeb0a0fab9a0943e4f0e4344d04dbca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Dec 2022 01:53:12 GMT
server: cloudflare
etag: W/"63acf308-8cba2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVvjBST8c0yTtlTdNAs5HFiV5U3HbyfkCUCMzv9PLlD%2Fqol5c0qlGUOHspnIlm6nvmw4wH6AghWxeoFte8tzw9Z9TklRO1BXkM05YJo%2Bf2f1jAHPacpQlfzquV%2FORXW2BPIlDCNvCqCCWzB5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 781b8b8d9b7ec337-EWR
expires: Sat, 31 Dec 2022 01:53:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 2037ms
141ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a563e21ef848805cd0e5a4abdee69e22196b947c459ae5c20ba6267fb08fa412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49475
x-xss-protection: 0
server: cafe
etag: 6157404195276908231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 14:43:01 GMT

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 451ms
46ms Image
image/png 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:00 GMT
last-modified: Thu, 09 Dec 2021 00:46:50 GMT
server: Apache/2.4.38 (Debian)
etag: "527-5d2abf11cf280"
upgrade: h2
content-type: image/png
connection: Upgrade
accept-ranges: bytes
content-length: 1319

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ 0
278 B 2401ms
87ms Script
text/javascript 2600:3c02::f03c:92ff:fe2d:3e71
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=offtherecordpgh.com
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 14:43:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 2471ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3871759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vikg2gaDTywZN2QJzFtp3rZ4py3%2F8UHsog11nOxirkXsYZrthJKksnpTrbCTQ%2BsnO%2BKdgf2TttGexcP6I8j3XGUWanMEmbbgD7q8hZAwMsebIG80VyCE%2FsxLmbgB%2F6H3yJqtUJiPU2Cb3hQlcZGvPhic"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 781b8b9f9993d163-BUF
expires: Wed, 20 Dec 2023 14:43:01 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 1930ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1979365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrnKyVRJSgqWwt2ecF7VOpene7HG9qfBfo44XUNkPn62Dd4aak0s66zp028ot4KfpQOIli7L%2BhF99DS8bIX2Avfb1E3Vwwzk9WGv0o0yhSrho4zCfo3XT2iq6e7V%2BFfR%2FK5J0php8IDiNYWFX8TfEpdw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 781b8b9f9994d163-BUF
expires: Wed, 20 Dec 2023 14:43:01 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 992 B
666 B 184ms
48ms Stylesheet
text/css 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:56 GMT
server: Apache/2.4.38 (Debian)
etag: "3e0-5d2ab305a0600-gzip"
vary: Accept-Encoding
upgrade: h2
content-type: text/css
connection: Upgrade
accept-ranges: bytes
content-length: 352

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.12.2/
Redirect Chain

https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
https://embedcdn.sendtonews.com/easy-stn-player/7.12.2/embed.js

7 KB
3 KB

258ms
113ms

Script
application/javascript

108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.12.2/embed.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66d88ad1713514529e299b7208c2d6750c142e080e28aad4b3d21e1c2b57525

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:02 GMT
x-amz-version-id: AjkJoJv3SbIBvaDT0J0m08ThGjZSvzi2
content-encoding: br
last-modified: Thu, 22 Dec 2022 20:28:48 GMT
server: AmazonS3
via: 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/"b2969b9e0593f36355cdac4e8a424da7"
age: 1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dcrLBugVK6_HhWkgAsxIJ28j4P-FIEjfdxcoPqLfnOnu4TXXWgRKVw==

Redirect headers

date: Fri, 30 Dec 2022 14:43:01 GMT
via: 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.12.2/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: f4rIJCFCPB4s4aA4SlOJ4VXpNs7jmEJRVm-2QBVZNRgcaveCZ4HrLA==

GET
H2 200 AA15NdPz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 1929ms
61ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15NdPz.img?h=100&w=100&x=480&y=270&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6465540ffafe33cc6040856fd44539634ce50318b46826a7f5012ec9e2c5814e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 00:08:50 GMT
x-resizerversion: 1.0
x-source-length: 29253
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=379567
x-activityid: 99b91fb4-bf97-434e-9f80-a430011eebcf
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15NdPz?h=100&w=100&x=480&y=270&m=5
timing-allow-origin: *
content-length: 2402
expires: Wed, 04 Jan 2023 00:09:08 GMT

GET
H2 200 AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 18 KB
19 KB 1935ms
68ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAywGC0
date: Fri, 30 Dec 2022 14:43:01 GMT
x-source-length: 18737
x-activityid: 6eb1ecfc-641a-4fcb-b262-3b5e061fe554
x-deployment: 48814558152342d6a910966088fd07b2
content-length: 18737
last-modified: Mon, 03 Oct 2022 14:02:12 GMT
x-resizerversion: 1.0
x-datacenter: eastus
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=215984
timing-allow-origin: *
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
expires: Mon, 02 Jan 2023 02:42:45 GMT

GET
H2 200 AA15MWaC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 1781ms
70ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15MWaC.img?h=100&w=100&x=484&y=204&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9a93e41550478bf5493599ec7c80e3ad0657e53d6db4c8a2bb72793a907e37e9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 23:21:35 GMT
x-resizerversion: 1.0
x-source-length: 219191
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=376724
x-activityid: 7f1d320d-4738-48f4-a1fd-6188e4587dd2
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15MWaC?h=100&w=100&x=484&y=204&m=5
timing-allow-origin: *
content-length: 3077
expires: Tue, 03 Jan 2023 23:21:45 GMT

GET
H2 200 AAREDQH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
5 KB 1782ms
70ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREDQH.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2d5284d99fcf72269cb879d0f3cd5b555d2bd790ba69b00a3afc8b2e16955d8c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Sat, 17 Dec 2022 17:44:32 GMT
x-resizerversion: 1.0
x-source-length: 4356
x-datacenter: eastus
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=97409
x-activityid: abcc93c8-fde7-40a0-88f4-c439c92bb39b
content-location: https://img.s-msn.com/tenant/amp/entityid/AAREDQH
timing-allow-origin: *
content-length: 4356
expires: Sat, 31 Dec 2022 17:46:30 GMT

GET
H2 200 AA15Nelt.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 1784ms
73ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Nelt.img?h=100&w=100&x=718&y=110&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa86dab4502a12565ead4511383711c534bdc3be6e97f0961e869e31862dc553

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 05:28:35 GMT
x-resizerversion: 1.0
x-source-length: 126328
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=398715
x-activityid: 5f528145-b86d-49dc-8005-193555c06cef
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Nelt?h=100&w=100&x=718&y=110&m=5
timing-allow-origin: *
content-length: 4030
expires: Wed, 04 Jan 2023 05:28:16 GMT

GET
H2 200 AArGKHW.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 1746ms
94ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AArGKHW.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df3de558b2b4714d06cd4e21fe2faceb757baca6dadfcc199ecaf8d83e7f2111

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Mon, 19 Dec 2022 17:34:41 GMT
x-resizerversion: 1.0
x-datacenter: eastap
x-source-length: 19017
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=269787
x-activityid: ede7b3d5-5770-4d67-96fd-64255d56d586
timing-allow-origin: *
content-location: https://img.s-msn.com/tenant/amp/entityid/AArGKHW
content-length: 19017
expires: Mon, 02 Jan 2023 17:39:28 GMT

GET
H2 200 AA15Oyxm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 5 KB
5 KB 162ms
14ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Oyxm.img?h=100&w=100&x=960&y=540&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

619a69207457a5bfc5c710559eceddd80148937f3ce909bbef67e1028c1b7c23

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 13:32:42 GMT
x-resizerversion: 1.0
x-source-length: 184686
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427765
x-activityid: 02221c6f-bcc3-4a77-ac33-30b029ce92bc
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Oyxm?h=100&w=100&x=960&y=540&m=5
timing-allow-origin: *
content-length: 4843
expires: Wed, 04 Jan 2023 13:32:26 GMT

GET
H2 200 BBph6Sm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 213ms
47ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0079c384191e45b4ef383ff55baa1ed4d82d1a612b148096068ff737d1cf9574

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Sun, 18 Dec 2022 15:00:05 GMT
x-resizerversion: 1.0
x-datacenter: eastus
x-source-length: 19025
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=173883
x-activityid: 5f0b7afe-214e-47d7-8484-03a03a75ae2c
timing-allow-origin: *
content-location: https://img.s-msn.com/tenant/amp/entityid/BBph6Sm
content-length: 19025
expires: Sun, 01 Jan 2023 15:01:04 GMT

GET
H2 200 AA15MINm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 215ms
48ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15MINm.img?h=100&w=100&x=500&y=300&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

126f2eac9d5f84c0fd0d188b8b58bab75456f25dcd0189fc4b0627407a2a5097

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 18:37:55 GMT
x-resizerversion: 1.0
x-datacenter: westus
x-source-length: 76002
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=359693
x-activityid: a8dd6bf8-c5f4-4cd2-b06c-5863dfb21012
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15MINm?h=100&w=100&x=500&y=300&m=5
timing-allow-origin: *
content-length: 2692
expires: Tue, 03 Jan 2023 18:37:54 GMT

GET
H2 200 AAgymO6.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 356ms
189ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgymO6.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffbe717adfaf0509471ad9c4ec08e6e3896af5381bea7c0fd7e0ac75ba88ebdf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Mon, 19 Dec 2022 17:37:05 GMT
x-resizerversion: 1.0
x-source-length: 18952
x-datacenter: eastap
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=269817
x-activityid: f108c43a-0abe-4a0e-8a83-80137fb4e907
content-location: https://img.s-msn.com/tenant/amp/entityid/AAgymO6
timing-allow-origin: *
content-length: 18952
expires: Mon, 02 Jan 2023 17:39:58 GMT

GET
H2 200 AA15Nzjx.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 103 KB
104 KB 357ms
190ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Nzjx.img?h=500&w=1000&x=776.5&y=517.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ef1922acc47066eb9e9e9467c90f7e2bf47581e756090908730ec5f29d669f3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 12:14:38 GMT
x-resizerversion: 1.0
x-source-length: 1269733
x-datacenter: northeu
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=423038
x-activityid: f88f17e4-bff6-440c-9ad7-f35ffc13cc6f
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Nzjx?h=500&w=1000&x=776.5&y=517.5&m=2
timing-allow-origin: *
content-length: 105842
expires: Wed, 04 Jan 2023 12:13:39 GMT

GET
H2 200 AA15Oh9E.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 358ms
191ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Oh9E.img?h=70&w=95&x=412&y=407&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f7fd963d6bffd1e06fcbc0ecc37e749d08394d5db9e5af7ad450d202abf747c6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 14:21:04 GMT
x-resizerversion: 1.0
x-source-length: 134326
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430692
x-activityid: fe0f979a-0a86-46b0-94a1-088219bcd349
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Oh9E?h=70&w=95&x=412&y=407&m=5
timing-allow-origin: *
content-length: 3383
expires: Wed, 04 Jan 2023 14:21:13 GMT

GET
H2 200 AAywOab.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 18 KB
19 KB 358ms
192ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d5d6df229ac67cde4b39d275955e4a279bbd7f922855d10b44f5701e6aa3cc64

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 08:31:21 GMT
x-resizerversion: 1.0
x-datacenter: northeu
x-source-length: 18737
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=409700
x-activityid: 46b7db05-b32f-467a-a8ed-1fada13081ca
timing-allow-origin: *
content-location: https://img.s-msn.com/tenant/amp/entityid/AAywOab
content-length: 18737
expires: Wed, 04 Jan 2023 08:31:21 GMT

GET
H2 200 AA15Nelt.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 639ms
472ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Nelt.img?h=70&w=95&x=718&y=110&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8f5f15c94a411a259a9c7ac5a39bd62286a12670ddd45003d7b89d634611501a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 05:28:41 GMT
x-resizerversion: 1.0
x-source-length: 126328
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=398807
x-activityid: 46f9ae72-f1fc-4503-9f34-e30e9ba7efb1
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Nelt?h=70&w=95&x=718&y=110&m=5
timing-allow-origin: *
content-length: 3239
expires: Wed, 04 Jan 2023 05:29:48 GMT

GET
H2 200 AA15MTBf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 15 KB
15 KB 645ms
478ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15MTBf.img?h=70&w=95&x=457.5&y=194.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d207dfe56fe42f00e2755de219d57b425c45e9dd6f0b593d466cef66ea64714

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 21:32:51 GMT
x-resizerversion: 1.0
x-source-length: 610141
x-datacenter: westus
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=370114
x-activityid: 2cbb2d46-e4fc-4082-93fd-91d4c85088a7
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15MTBf?h=70&w=95&x=457.5&y=194.5&m=5
timing-allow-origin: *
content-length: 15194
expires: Tue, 03 Jan 2023 21:31:35 GMT

GET
H2 200 BBERG9W.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 645ms
479ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBERG9W.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a73d67096ccf12f95814a2d275d992a00da57a4a5406a76ba09a453a8b42338e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Tue, 20 Dec 2022 10:16:22 GMT
x-resizerversion: 1.0
x-source-length: 1622
x-datacenter: northeu
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=329781
x-activityid: 72562a20-e486-4562-8967-ada77eb20129
content-location: https://img.s-msn.com/tenant/amp/entityid/BBERG9W
timing-allow-origin: *
content-length: 1622
expires: Tue, 03 Jan 2023 10:19:22 GMT

GET
H2 200 AA15Nr3I.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 658ms
491ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Nr3I.img?h=70&w=95&x=1554.5&y=1166&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

05a3fd3f8d058cdd65e27b9bacd858b0f334fd81524a5a98fe0fd3500660d663

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 02:19:08 GMT
x-resizerversion: 1.0
x-source-length: 1179103
x-datacenter: eastap
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=387374
x-activityid: 6b3b076f-0a3f-4f95-bdb4-7d50c7ad350c
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Nr3I?h=70&w=95&x=1554.5&y=1166&m=5
timing-allow-origin: *
content-length: 3044
expires: Wed, 04 Jan 2023 02:19:15 GMT

GET
H2 200 AAQk7ql.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 668ms
501ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adac6c0ecd79ff0ecbfcb5026a3cd70f37a6361638b8b92804ab745492de27eb

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 16 Dec 2022 14:52:48 GMT
x-resizerversion: 1.0
x-source-length: 2906
x-datacenter: eastap
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=389429
x-activityid: f779a528-ece8-4423-842b-15d6cbb2c064
content-location: https://img.s-msn.com/tenant/amp/entityid/AAQk7ql
timing-allow-origin: *
content-length: 2906
expires: Wed, 04 Jan 2023 02:53:30 GMT

GET
H2 200 AA15Nr8K.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 698ms
532ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Nr8K.img?h=70&w=95&x=1450.5&y=221.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a026d78a64f76a0fe08a62eda1ea1ee0747935a8261c520988ea2512c775a99c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 03:07:12 GMT
x-resizerversion: 1.0
x-source-length: 299651
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=390193
x-activityid: 4892069d-6b8d-43ee-b412-8876f5708a58
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Nr8K?h=70&w=95&x=1450.5&y=221.5&m=5
timing-allow-origin: *
content-length: 3299
expires: Wed, 04 Jan 2023 03:06:14 GMT

GET
H2 200 AA13O52I.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 507 B
815 B 702ms
535ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13O52I.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0330e5dad71b8c72da6a3f473fc343a12be67c598cc082651d2fa331c407988d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 03:05:14 GMT
x-resizerversion: 1.0
x-datacenter: eastap
x-source-length: 507
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=390107
x-activityid: cda36d11-df51-439d-a771-cec6006e9f51
timing-allow-origin: *
content-location: https://img.s-msn.com/tenant/amp/entityid/AA13O52I
content-length: 507
expires: Wed, 04 Jan 2023 03:04:48 GMT

GET
H2 200 AA15MRmN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 721ms
555ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15MRmN.img?h=70&w=95&x=330&y=191&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

69d0c5220bcc0d99812a82904bd8d8541f4052617cb82dba63ec1849a7262a7a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 20:44:25 GMT
x-resizerversion: 1.0
x-source-length: 106709
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=367262
x-activityid: 316d92e5-1c0d-4183-889f-40101a135048
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15MRmN?h=70&w=95&x=330&y=191&m=5
timing-allow-origin: *
content-length: 2249
expires: Tue, 03 Jan 2023 20:44:03 GMT

GET
H2 200 AAsvT3F.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 782 B
1 KB 725ms
558ms Image
image/png 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAsvT3F.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6fd425bfa06418f87594f7fb1486734777ef6655442296eab3b768287bf745d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 16 Dec 2022 07:06:06 GMT
x-resizerversion: 1.0
x-source-length: 782
x-datacenter: eastus
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=361471
x-activityid: 9f6d850e-cb26-4ad0-a8d3-a4a97ad8443a
content-location: https://img.s-msn.com/tenant/amp/entityid/AAsvT3F
timing-allow-origin: *
content-length: 782
expires: Tue, 03 Jan 2023 19:07:32 GMT

GET
H2 200 AA15KwCq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 731ms
565ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15KwCq.img?h=70&w=95&x=1982.5&y=1487&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e7cda72d5d77c1f2a057aaf6ef3e209cb2a61328ad5f2a4020e086996671739

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 10:57:25 GMT
x-resizerversion: 1.0
x-source-length: 1516804
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=418446
x-activityid: 3a675112-80d9-41c8-a8e6-db9d054bd80d
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15KwCq?h=70&w=95&x=1982.5&y=1487&m=5
timing-allow-origin: *
content-length: 2991
expires: Wed, 04 Jan 2023 10:57:07 GMT

GET
H2 200 AA15MINm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 747ms
580ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15MINm.img?h=70&w=95&x=500&y=300&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abe96a5c1249982c69abac519b725c90015189f74c66e0a9d7cf7bed368dd46b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 18:37:55 GMT
x-resizerversion: 1.0
x-source-length: 76002
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=359718
x-activityid: c9792651-96eb-4d8d-9f69-115bd07aeecd
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15MINm?h=70&w=95&x=500&y=300&m=5
timing-allow-origin: *
content-length: 2060
expires: Tue, 03 Jan 2023 18:38:19 GMT

GET
H2 200 AA15Oyxm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 772ms
606ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Oyxm.img?h=70&w=95&x=960&y=540&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36f98074c3c03c79dacc53ee0b8b0d9a465486c0ce011cea37c28bb47067e0aa

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 13:36:34 GMT
x-resizerversion: 1.0
x-source-length: 184686
x-datacenter: eastap
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428037
x-activityid: c6b9b0ed-542e-435b-b6ba-075d62c945bd
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Oyxm?h=70&w=95&x=960&y=540&m=5
timing-allow-origin: *
content-length: 3620
expires: Wed, 04 Jan 2023 13:36:58 GMT

GET
H2 200 AA15Ot83.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 15 KB
15 KB 820ms
654ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Ot83.img?h=300&w=400&x=464&y=476&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d7db15d19132707628d97c9fdfa8d266623d4a4eb4fe5d0ff38245f868d3e7f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Fri, 30 Dec 2022 13:45:44 GMT
x-resizerversion: 1.0
x-datacenter: eastus
x-source-length: 669928
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428502
x-activityid: 1ec3f41f-34ec-48f6-9adf-b48c477bd193
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15Ot83?h=300&w=400&x=464&y=476&m=2
timing-allow-origin: *
content-length: 15382
expires: Wed, 04 Jan 2023 13:44:43 GMT

GET
H2 200 AA15NeYQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 17 KB
18 KB 821ms
655ms Image
image/jpeg 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15NeYQ.img?h=300&w=400&x=317.5&y=219.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1be644063e7501d3e8fd3b756b8bef3ce86ea5cce27fcb10500477ccdf3a40b9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
last-modified: Thu, 29 Dec 2022 22:15:41 GMT
x-resizerversion: 1.0
x-datacenter: northeu
x-source-length: 22844
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=372765
x-activityid: 396867ca-ce51-475f-b538-6f7321dcd78d
content-location: https://img.s-msn.com/tenant/amp/entityid/AA15NeYQ?h=300&w=400&x=317.5&y=219.5&m=2
timing-allow-origin: *
content-length: 17740
expires: Tue, 03 Jan 2023 22:15:46 GMT

GET
H/1.1 200
OK gdpr.css
simcast.com/widgets/gdpr/ 799 B
665 B 229ms
53ms Stylesheet
text/css 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/gdpr/gdpr.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:06 GMT
server: Apache/2.4.38 (Debian)
etag: "31f-5d2ab2d5f1580-gzip"
vary: Accept-Encoding
upgrade: h2
content-type: text/css
connection: Upgrade
accept-ranges: bytes
content-length: 351

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 502ms
260ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0be4c7120a12a5db2aef4ee1e24aef0744989131ac9fcf6ba60a8723698b37dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43579
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 14:43:02 GMT

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 2150ms
75ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:01 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 304 B
449 B 2368ms
18ms XHR
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9396b67f98c4eb5a1c8c6bf45ae1cbdf950dda84395afae7cfb888b13e0dcc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 781b8b9f798dd163-BUF
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 2481ms
128ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27536
x-xss-protection: 0
server: sffe
etag: "1436 / 193 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Dec 2022 14:43:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 381ms
285ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e0ca81ca7bb37f31dbeb67e429ff8cfd963b5675a96839fd0adc909fd0354a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42047
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 14:43:02 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 2185ms
27ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a46e89e7d29cfda66c551f121a219b17e00e7cb48a29ba291c29d6ea9779408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Dec 2022 14:43:01 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 38530
x-jsd-version: 1.0.1571
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 924
x-served-by: cache-fra-eddf8230021-FRA, cache-ewr18132-EWR
x-jsd-version-type: version
etag: W/"66a-HE3Uuko0vbarPTaoqU4jwW4OFOA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 756ms
204ms Font
font/woff2 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:02 GMT
last-modified: Wed, 08 Dec 2021 21:32:06 GMT
server: Apache/2.4.38 (Debian)
etag: "126b0-5d2a938b14180"
upgrade: h2
content-type: font/woff2
connection: Upgrade
accept-ranges: bytes
content-length: 75440

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 66ms
50ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 07:34:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
99 B 152ms
41ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Fri, 30 Dec 2022 14:43:03 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 355 KB
117 KB 195ms
87ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25c76228e3ee7a52e592745b21f449550f677c1251a96402e9da9b848f60a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119714
x-xss-protection: 0
server: cafe
etag: 16390136998079306390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 14:43:03 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame EB03 10 KB
5 KB 518ms
32ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 13:23:00 GMT
etag: 10353107486223812946
expires: Fri, 13 Jan 2023 13:23:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.12.2/ 671 KB
181 KB 181ms
39ms Script
application/javascript 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3425a69da31a00fcc921897fcbef0d88a16525409aa013cd3fe81590d5cad8a7

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:42:40 GMT
x-amz-version-id: l0qmWACx1EN8NtVTebYnOcyCIEi1mniZ
content-encoding: br
last-modified: Thu, 22 Dec 2022 20:28:47 GMT
server: AmazonS3
age: 25
x-amz-cf-pop: JFK50-P3
etag: W/"6d7018b6dd386066226fb5badab944d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IvjQhWqNxxdIWJw3g4WeTnUaDNICa88OB0n3SJo8s9sB7FwaqtkTjA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 125ms
58ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34b5c0368658afa33398ded0dfe789ddd294dd854dbe40de6b3cf80ff2fde30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43597
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 14:43:04 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 723ms
23ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 13:11:08 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 30 Dec 2022 15:11:08 GMT

GET
H2 200 adapex.js
c.neodatagroup.com/ 27 KB
9 KB 1008ms
87ms Script
text/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://c.neodatagroup.com/adapex.js
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/1C44) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: gzip
content-md5: HYtLcCupeOjSKO98mEjIAA==
age: 3597
x-cache: HIT
content-length: 9142
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 27 Dec 2022 09:25:25 GMT
server: ECAcc (nya/1C44)
etag: "0x8DAE7EC4928692F+gzip"
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: efccf582-e01e-0019-5954-1c7ca6000000
cache-control: max-age=7200
x-ms-version: 2014-02-14
expires: Fri, 30 Dec 2022 16:43:05 GMT

GET
H/1.1 200
OK ajaxjs.php
simcast.com/widgets/ms/ 4 B
363 B 180ms
73ms XHR
text/html 45.79.244.12
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:04 GMT
content-encoding: gzip
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding
upgrade: h2
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-length: 24
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cookie.js
partner.googleadservices.com/gampad/ 389 B
466 B 235ms
167ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
549 B 890ms
135ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 225ms
188ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=gdpr-block&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 229ms
188ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 338B 603 B
68 B 419ms
170ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1672411384&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672411383332&bpp=77&bdt=5290&idt=1388&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1325951197830&frm=20&pv=2&ga_vid=1904202345.1672411385&ga_sid=1672411385&ga_hid=1691519251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31071277%2C44779793&oid=2&pvsid=774823005204104&tmod=961705477&uas=0&nvt=1&ref=http%3A%2F%2Fofftherecordpgh.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1535

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:05 GMT
expires: Fri, 30 Dec 2022 14:43:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 187621-164323601241456.js
js-sec.indexww.com/ht/p/ 39 KB
13 KB 418ms
23ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Dec 2022 14:21:17 GMT
server: cloudflare
age: 494
etag: W/"76172b-9a4f-5f10c509213fc"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 781b8bb98c95d153-BUF
expires: Fri, 30 Dec 2022 18:43:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 197ms
32ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 12:58:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Dec 2022 14:43:05 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 195ms
34ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:43:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Dec 2022 14:43:05 GMT

GET
H3 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 109ms
91ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1977885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EYkarmRxr9kTMauSMmbS0eKPOVmZl63EVgcVQitZpJEONeKpKGn7luPShyhveSQ%2BYs9CFtku%2FgFdUXT21%2BMCOEffWqcJhvxzefMWGXJp3B5foxGYbcYTRtb51KHbnZGcHdV950jEJdxxvPgpS91bKzN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 781b8bb9bff9d15b-BUF
expires: Wed, 20 Dec 2023 14:43:05 GMT

GET
H3 200 OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 098E 53 KB
21 KB 83ms
77ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5518091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGVYupDnzL3Md7f%2FuUCDxvjxpKEvUteK6GKe7jWQ51J7KEZLBpPge1kIYWlfbIK23o%2BzjPplNP5YTHu%2BeH6QZtbPEx2EOJOKDkgTFf1BTzSkvjRRscHIxjESPSqc2%2FO8cNeW5vLWCmoYdwG1rS1xH2lb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 781b8bb9dffdd15b-BUF
expires: Wed, 20 Dec 2023 14:43:05 GMT

GET
H2 200 prebid7.17.0.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/ Frame 098E 317 KB
100 KB 544ms
269ms Script
application/javascript 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 16:08:25 GMT
content-encoding: gzip
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 18:40:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 81282
etag: W/"a19a813f32186fcd556eb018968e7f37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: x7J05cG_eW4JXS-jI15eJYKdZxt3D4Bv8rECVw1dbQY2atau-9sqgQ==

GET
H2 200 comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 098E 335 KB
335 KB 1363ms
1088ms Script
application/javascript 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:16:22 GMT
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 13:58:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 84405
etag: "4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 342796
x-amz-cf-id: FqJZ_lqMtNmGioUdki1SqLLGMJWWUXP0mFu8UnZt2haNKWvA8IaNnQ==

GET
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 372 KB
125 KB 1659ms
166ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Fri, 30 Dec 2022 14:43:07 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 1754ms
1480ms Image
image/png 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:24:45 GMT
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 51502
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: 9mD_FDTXIODg0mOVCMJBobXsmHngD8bnrsMOnN1KjEeXPeiCsnZEYw==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
638 B 1757ms
1484ms Image
image/png 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 06:08:38 GMT
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 30869
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: p41pcEFa52tQTrmvhSdlVQnvN7mFPAP3k0UeHMr5J7AkGAKyNbrvDQ==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 1760ms
1487ms Image
image/png 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 23:54:03 GMT
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 53344
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: asoNU0VegsF_DYEWMMhbrDIJvng_K3zXMb1xacCuWJlF6bmBTz95CA==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 1764ms
1491ms Image
image/png 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:16:07 GMT
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 84420
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: r5K7YoerDw9m2mT_eNWpbuIkFwdIO9oe_OqE0WDPV-MeWZtFNSOx2A==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 526ms
300ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=946970&version=7.12.2&age=221230&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=8276.5&relativeTime=0.3&canonical=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:06 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 data_read.php
embed.sendtonews.com/player4/ 35 KB
7 KB 139ms
109ms Fetch
text/html 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=ue2_sqKbvmzDlYDg&instance=946970&version=7.12.2&age=221230&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:06 GMT
content-encoding: gzip
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 92WDliAZiaIe3aLkLxxmwYOQkcOYvsV2OJzupTwPdMKOvob-dbSHVQ==
content-length: 6820
expires: Fri, 30 Dec 2022 14:43:06 GMT

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ Frame 098E 178 KB
45 KB 1465ms
31ms Script
application/javascript 13.35.101.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-101-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:12:37 GMT
content-encoding: gzip
via: 1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront), 1.1 da882a3066261fe68bc0e26348bba540.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 18:13:57 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2, JFK50-P8
age: 1831
x-amz-server-side-encryption: AES256
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: zR6Deon4cpW-u4msuaRfNQIdLTRKAU5QAFWfoc05769wq6uIVbWaxA==

GET
H2 200 gcid_s.min.js
p.gcprivacy.com/t/ 9 KB
9 KB 1535ms
119ms Script
application/javascript 18.164.96.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-56.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:06:59 GMT
x-amz-version-id: nlnnb8fPc2RdwqywLg5_G693D_JSnFM_
via: 1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
last-modified: Thu, 29 Dec 2022 21:06:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 63369
etag: "7c6886fc16e0a62d4b852a39a3e23069"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9098
x-amz-cf-id: szVHzQkQMv4IoosSLxvqtC3CBKSwqrobQuCe0X8Lb6xQHwB5hZbIFw==

POST
H2 204 25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
145 B 1530ms
115ms XHR
text/plain 2606:ae80:1451:19::1460
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:19::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
pragma: no-cache
date: Fri, 30 Dec 2022 14:43:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 204 cdb
bidder.criteo.com/ 0
213 B 1513ms
111ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=360819773&lsavail=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Dec 2022 14:43:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 c
prebid.a-mo.net/a/ 0
166 B 1519ms
122ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Fri, 30 Dec 2022 14:43:07 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://simcast.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

POST
H/1.1 200
OK hbjson
grid.bidswitch.net/ 24 B
362 B 1765ms
472ms XHR
application/json 35.211.165.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Dec 2022 14:43:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 pbjs
htlb.casalemedia.com/openrtb/ 37 B
562 B 1518ms
171ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=754850
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW%2BW6bGs2gIagD5l4%2FLOQBINyX9LnKKxEwRRwSmp6yMOU8eSgcZbsUjdly3PQg1Iv9h8nVtqkbcYpoAvN3yxCO6rCgmLU000l2%2BnRypQsjbSFtSMwR%2F5a6i2iabF4MS1OU7k9OGi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 781b8bc32f27d15f-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 bid-request
a.teads.tv/hb/ 16 B
501 B 2784ms
0ms XHR
application/json 23.41.169.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-169-52.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 30 Dec 2022 14:43:08 GMT

POST
H2 204 pb
ad.360yield.com/ 0
367 B 3467ms
410ms XHR
text/plain 44.197.142.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.142.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-142-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:09 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid-request
onetag-sys.com/ 15 B
359 B 1887ms
52ms XHR
application/json 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://simcast.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
817 B 3068ms
153ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 14:43:09 GMT
AN-X-Request-Uuid: fcbc0803-9507-4a6d-82d2-f56a042b7d6a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.45; 96.9.249.45; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid
prebid.media.net/rtb/ 1 KB
1 KB 3374ms
415ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:09 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 30 Dec 2022 14:43:09 GMT

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2836ms
171ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2832ms
174ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2759ms
166ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2711ms
178ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2708ms
184ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 2595ms
71ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 3128ms
105ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1
btlr.sharethrough.com/universal/ 0
253 B 3060ms
38ms XHR
text/plain 54.175.108.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.108.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-108-164.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Fri, 30 Dec 2022 14:43:09 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 200
OK /
ghb.adtelligent.com/v2/auction/ 7 KB
2 KB 2826ms
480ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Dec 2022 14:43:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://simcast.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1377

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
263 B 794ms
140ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
263 B 807ms
149ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
264 B 794ms
135ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
264 B 850ms
200ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
265 B 802ms
147ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
461 B 789ms
133ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
263 B 797ms
145ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
264 B 809ms
156ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
264 B 788ms
137ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
265 B 810ms
162ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
264 B 792ms
144ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ 66 B
265 B 799ms
151ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Referer: https://simcast.com/
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 66

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 274ms
77ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1691519251&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fofftherecordpgh.com%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=2007404020&gjid=2104219501&cid=1904202345.1672411385&tid=UA-205158314-1&_gid=1020670733.1672411387&_r=1&gtm=2oubu0&z=840500823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 38ms
36ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=214946970&version=7.12.2&age=221230&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=10192.3&relativeTime=1916.1&canonical=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 1738ms
404ms Ping
text/html 44.206.165.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=WXdoWYLkSJ&USR_ID=214946970&ST_usrKey=ue2_sqKbvmzDlYDg&SM_ID=2452064&C_ID=12018&C_companyName=Adapex&version=70120020&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-165-148.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Dec 2022 14:43:09 GMT
cache-control: max-age=1
content-type: text/html; charset=UTF-8
server: Apache
content-length: 0
expires: Fri, 30 Dec 2022 14:43:10 GMT

GET
H2 200 0.js
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 1742ms
411ms Script
application/javascript 108.138.106.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-16.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: R1seq2Z_z8JGW4oF8VGqO4_69qZCLOzx
content-encoding: gzip
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront), 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
date: Thu, 29 Dec 2022 21:50:41 GMT
x-amz-cf-pop: IAD55-P5, JFK50-P3
age: 73744
x-cache: Hit from cloudfront
last-modified: Thu, 15 Dec 2022 19:57:28 GMT
server: AmazonS3
etag: W/"7cf0333618ae77b3dfe7d27466506fa8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: Lizbgnae1GTeFWtNragdnowaMsTk_ejqM6voYPZq8IgQJXeUd4CtTw==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 1910ms
631ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 18:43:59 GMT
x-content-type-options: nosniff
age: 503950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16756
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 18:43:59 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 1557ms
284ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 02:39:22 GMT
x-content-type-options: nosniff
age: 129827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 02:39:22 GMT

GET
H2 200 n824p9304222r5n3q2p11017qosq585r.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 4 KB
4 KB 171ms
50ms Image
image/jpeg 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/n824p9304222r5n3q2p11017qosq585r.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 04:13:46 GMT
via: 1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 37763
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 3794
last-modified: Fri, 30 Dec 2022 04:06:10 GMT
server: AmazonS3
etag: "670a6d4d324c0d4ab199b9e11e64f0e8"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: T7rfA3S78GFOsSCU_kPRHwvehoZHkgH9BUYqwg-dJbJ2aBhlcwH47Q==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 77ms
42ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=214946970&version=7.12.2&age=221230&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=10327.7&relativeTime=2051.5&sC_ID=6161&sm_id=2452064&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
143 B 1606ms
403ms Ping
text/html 44.206.165.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=WXdoWYLkSJ&USR_ID=214946970&ST_usrKey=ue2_sqKbvmzDlYDg&SM_ID=2452064&C_ID=12018&C_companyName=Adapex&version=70120020&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-165-148.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Dec 2022 14:43:09 GMT
cache-control: max-age=1
content-type: text/html; charset=UTF-8
server: Apache
content-length: 0
expires: Fri, 30 Dec 2022 14:40:35 GMT

GET
H2 200 analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 098E 185 KB
47 KB 1529ms
381ms Script
application/javascript 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 44141546
etag: W/"551756787971b257da9f419bdc840bdf3a84e9696"
surrogate-control: max-age=63072000
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
cf-ray: 781b8bce5dd3e73c-EWR
x-application-context: services-js-tag:default,prod:8089

GET
H2 200 /
id.sv.rkdms.com/identity/ 550 B
765 B 1324ms
344ms XHR
application/json 52.54.240.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.240.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-240-100.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:09 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.22.0
vary: Accept-Encoding, Origin
content-type: application/json

GET
H2 204 identity
api.rlcdn.com/api/ 0
275 B 1311ms
332ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid
match.adsrvr.org/track/ 109 B
540 B 1154ms
242ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 29 Jan 2023 14:43:09 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2747ms
356ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2531ms
353ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2502ms
352ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2453ms
358ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2448ms
355ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2445ms
354ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2411ms
356ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2408ms
356ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2409ms
357ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2409ms
358ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2398ms
359ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 2397ms
360ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 30 Dec 2022 14:43:09 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1095ms
340ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 30 Dec 2022 14:43:08 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 231213
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

envelope
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&b=1&g=RnMxlFiKWD2fSJi0PKl%2Fl%2Fc2Dezh3xKJaQE6aOPKNkw%3D

42 B
58 B

561ms
64ms

XHR
application/json

2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&b=1&g=RnMxlFiKWD2fSJi0PKl%2Fl%2Fc2Dezh3xKJaQE6aOPKNkw%3D
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H3
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 30 Dec 2022 14:43:08 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://simcast.com
location: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&b=1&g=RnMxlFiKWD2fSJi0PKl%2Fl%2Fc2Dezh3xKJaQE6aOPKNkw%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=PSPKwXxXaEttTTZHNldXMXVzQU5DNXdtbUwxUmhVMWcxbUh2SGFPOVBFb2hzLzRoYTE4dzNERUwzY2lUUCtmTHEvaXh1ZTZhdGYxUXhGMXBWakM0TjFOSmpHNS9YNW9iSzVLVTZaTkVvOUlNZ3ZnS3NkOHV5WXVaa0hEdk...

354 B
660 B

221ms
60ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PSPKwXxXaEttTTZHNldXMXVzQU5DNXdtbUwxUmhVMWcxbUh2SGFPOVBFb2hzLzRoYTE4dzNERUwzY2lUUCtmTHEvaXh1ZTZhdGYxUXhGMXBWakM0TjFOSmpHNS9YNW9iSzVLVTZaTkVvOUlNZ3ZnS3NkOHV5WXVaa0hEdkQ0aC9mMlFDUE5MSGVwM05aRTlrMklKYVpVVS8wNDhDQzIrd0RzMWJlbXUydEFXUEVvVE5hNDNDeUxqSTBZTUdxK2ZZdUlPRTl4Slg5cEJYTkRlcWpWeGxDczR4QkdJR0pnaElIcFJnaFBkWDlZL3hBaUVFPXw&cppv=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1178717
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=PSPKwXxXaEttTTZHNldXMXVzQU5DNXdtbUwxUmhVMWcxbUh2SGFPOVBFb2hzLzRoYTE4dzNERUwzY2lUUCtmTHEvaXh1ZTZhdGYxUXhGMXBWakM0TjFOSmpHNS9YNW9iSzVLVTZaTkVvOUlNZ3ZnS3NkOHV5WXVaa0hEdkQ0aC9mMlFDUE5MSGVwM05aRTlrMklKYVpVVS8wNDhDQzIrd0RzMWJlbXUydEFXUEVvVE5hNDNDeUxqSTBZTUdxK2ZZdUlPRTl4Slg5cEJYTkRlcWpWeGxDczR4QkdJR0pnaElIcFJnaFBkWDlZL3hBaUVFPXw&cppv=2
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 338203
content-length: 0
expires: 0

POST
H/1.1 200 prebid
id5-sync.com/api/config/ 135 B
540 B 1163ms
412ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 any
idx.liadm.com/idex/prebid/ 50 B
424 B 1450ms
0ms XHR
application/json 54.221.158.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.158.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-158-171.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 3
content-type: application/json
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
trace-id: 452a8d47dbd659f1
content-length: 50
expires: Sat, 31 Dec 2022 14:43:09 GMT

GET
H2 200 id
id.crwdcntrl.net/ 77 B
826 B 1733ms
0ms XHR
application/json 52.204.114.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.114.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-114-10.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://simcast.com
cache-control: no-cache
x-server: 10.40.13.162
access-control-allow-credentials: true
content-length: 77
expires: 0

GET
H/1.1 200
OK fpc
at.teads.tv/ 56 B
391 B 1277ms
48ms XHR
text/plain 23.64.61.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.61.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-61-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 14:43:09 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 56
Expires: Fri, 30 Dec 2022 14:43:09 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 1261ms
35ms Image
image/gif 104.117.182.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=6fccdde1-ffcf-437c-a132-8f0ac2155a46&cid=8CUQWX43D&crid=938687138|938687138|938687138|938687138|938687138|938687138|938687138|938687138&adunit_count=8&dn=simcast.com&requrl=https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0&istop=true&event=client_timeout&value=8&rd=2000
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 14:43:09 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 30 Dec 2022 14:43:09 GMT

GET
H3 200 integrator.js
adservice.google.com/adsid/ 107 B
122 B 1100ms
549ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 109 KB
22 KB 1003ms
743ms XHR
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=774823005204104&correlator=2005200014173752&eid=31071093%2C31071144%2C31071150%2C31069595&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=3163396028%2C3766475862%2C2892277172%2C1146638676&sfv=1-0-40&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D5200%26wrap_l%3D1700%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D5300%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D6700%26wabt%3Dteads%252Cimprovedigital%252Conetag%252Cappnexus%252Cmedianet%252Csharethrough%252Cadtelligent%252Cyahoossp%26waae%3D2500%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D9s%26wabtr%3Dteads%252Cimprovedigital%252Conetag%252Cappnexus%252Cmedianet%252Csharethrough%252Cadtelligent%252Cyahoossp&sc=1&cookie=ID%3D7a4cd321ef37fc22-2229e78807da0007%3AT%3D1672411384%3ART%3D1672411384%3AS%3DALNI_MbYDEldrcE18-6H47Knvr3rAMntOg&gpic=UID%3D000008eaa8245b6b%3AT%3D1672411384%3ART%3D1672411384%3AS%3DALNI_MY61QVKlIUF2wQHuyvSe1Z54yva_w&abxe=1&dt=1672411388692&lmt=1672411388&dlt=1672411378042&idt=6326&adxs=315%2C791%2C1230%2C0&adys=150%2C1024%2C245%2C1896&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fofftherecordpgh.com%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1826&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=1904202345.1672411385&ga_sid=1672411385&ga_hid=1691519251&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 303412
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22475
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: 739958
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64E3 6 KB
3 KB 1258ms
1ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:09 GMT
expires: Sat, 30 Dec 2023 14:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.132.js
static.criteo.net/js/ld/ 89 KB
29 KB 1126ms
0ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Dec 2022 14:43:09 GMT

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 098E 6 KB
3 KB 991ms
0ms XHR
application/javascript 13.35.101.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-101-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
date: Fri, 30 Dec 2022 13:31:58 GMT
x-amz-cf-pop: JFK50-P8
age: 4272
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: BrUVV5m646U4-xdnXvX_JuuMLElHN_LljOrgyvefDgAY3q9XGNY1wQ==

GET
H2 200 config
c.amazon-adsystem.com/cdn/prod/ Frame 098E 248 B
591 B 547ms
363ms XHR
application/json 13.35.101.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-101-24.jfk50.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 13:16:07 GMT
via: 1.1 da882a3066261fe68bc0e26348bba540.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P8
age: 5222
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 248
x-amz-cf-id: N9fc9nW90A15_ksaKUMxLxiMin8J4I4TparkVbtJwtkIs5Lz94NTaw==

GET
H/1.1

200

pv
tra.neodatagroup.com/
Redirect Chain

https://tra.neodatagroup.com/pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&r...
https://tra.neodatagroup.com/pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&r...

232 B
1 KB

233ms
188ms

Script
application/javascript

20.73.234.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.neodatagroup.com/pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&re=http%253A%252F%252Fofftherecordpgh.com%252F&co=24&ids=9ccf283e-62d6-4a0c-89c4-c8ddf501db54;_pubcid;PublisherCommonId&pbs=true&neoid=30ac6f9453405b1
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Server: 20.73.234.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 14:43:11 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
vary: accept-encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive

Redirect headers

Access-Control-Allow-Origin: *
Location: /pv?sid=2033&rnd=1535143870196&id=11980&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&re=http%253A%252F%252Fofftherecordpgh.com%252F&co=24&ids=9ccf283e-62d6-4a0c-89c4-c8ddf501db54;_pubcid;PublisherCommonId&pbs=true&neoid=30ac6f9453405b1
Date: Fri, 30 Dec 2022 14:43:10 GMT
Content-Type: text/richtext;charset=UTF-8
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

GET
H/1.1

200

cm
tracker.neodatagroup.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1535143870196
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1535143870196&google_gid=CAESEKMyOPgh4tv_HSRpoZQ8AK4&google_cver=1

1 B
1 KB

934ms
143ms

Image
image/gif

20.73.234.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1535143870196&google_gid=CAESEKMyOPgh4tv_HSRpoZQ8AK4&google_cver=1
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Server: 20.73.234.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Dec 2022 14:43:11 GMT
Content-Type: image/gif;charset=UTF-8
Connection: keep-alive
Content-Length: 1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1535143870196&google_gid=CAESEKMyOPgh4tv_HSRpoZQ8AK4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
p2.gcprivacy.com/v2/ 20 B
285 B 961ms
0ms XHR
application/json 34.197.197.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=9ccf283e-62d6-4a0c-89c4-c8ddf501db54&s=home&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&h=simcast.com&ref=http%3A%2F%2Fofftherecordpgh.com%2F
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.197.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-197-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 20

GET
H3 200 bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 8739 693 KB
222 KB 641ms
121ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 102298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 10:18:12 GMT
expires: Fri, 29 Dec 2023 10:18:12 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js
s0.2mdn.net/instream/video/ 44 KB
17 KB 863ms
1ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Dec 2022 14:43:10 GMT

GET
H2 200 bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 098E 23 B
459 B 1622ms
38ms XHR
text/javascript 18.164.94.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fofftherecordpgh.com%2F&pid=41YvFzdZOa5k3&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.94.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-94-225.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:11 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 52143757d25f4b31ebf04bc09765f6c0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 59RXEVQRNF2AZ1VF2B86
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VNa_yAXEspfaNnmSS9JQIzTrqOIkL0ZFA2dpv_MHu1UcGKC0ci3wew==

GET
H2 200 pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 098E 53 KB
17 KB 1419ms
18ms Script
application/javascript 23.57.131.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.131.233 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-131-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:11 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
server: Apache
etag: "d4ed-5eaee7c12df48-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17131
expires: Fri, 30 Dec 2022 14:58:11 GMT

GET
H/1.1 200 v1
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 1460ms
121ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 headerstats
as-sec.casalemedia.com/ 0
499 B 920ms
61ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF8%2BjqBtEam3zCQjAyDRS1UVVDzOfwaD%2BFBd5ptBLx%2FDurdBClU6RxU0YomMa4QuEBHU6TWCv2cKtWa129IUbtVtZFB0RSJhhxe9PAYCbVYRiwfcXcuOH1HCpuP%2B0mfXrFRD7idf7Yo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://simcast.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 781b8bd8786b8c89-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 1109ms
31ms Preflight
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://simcast.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 30 Dec 2022 14:43:11 GMT

POST
H2 204 hb
hb.undertone.com/ Frame 098E 0
793 B 1327ms
232ms XHR
text/plain 108.138.128.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3590&domain=simcast.com
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-39.jfk50.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://simcast.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 196
x-amz-cf-id: ajIbLBpS9pl_b3fMEaeShSifl2y-GfMmp8T7GkAN2Q798ze8Wlsn3g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 098E 0
158 B 227ms
63ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://simcast.com
pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 translator
hbopenbid.pubmatic.com/ Frame 098E 0
112 B 1256ms
197ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 098E 0
948 B 1128ms
69ms XHR
application/json 192.35.249.142
SPOTX-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Dec 2022 14:43:11 GMT
x-spotx-timing-spotmarket-primary: 0.019433
x-spotx-timing-transform: 0.000290
x-spotx-timing-spotmarket: 0.019433
x-spotx-timing-page-require: 0.000458
x-fe: 299
x-spotx-timing-page-misc: 0.002836
x-spotx-timing-page-cookie: 0.000030
x-spotx-timing-page: 0.024343
pragma: no-cache
x-spotx-timing-page-context: 0.000342
last-modified: Fri, 30 Dec 2022 14:43:11 GMT
access-control-allow-methods: POST, GET, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://simcast.com
x-spotx-timing-page-exception: 0.000000
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-spotx-timing-page-uri: 0.000013
x-spotx-timing-spotmarket-secondary: 0.000000
x-spotx-timing-page-mux: 0.000940
access-control-allow-headers
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction
tlx.3lift.com/header/ Frame 098E 19 B
519 B 1068ms
32ms XHR
application/json 3.215.47.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.47.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-47-31.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 pbjs
htlb.casalemedia.com/openrtb/ Frame 098E 37 B
537 B 377ms
152ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22118b7ffdd604fbf%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fofftherecordpgh.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22lcamk74f.QH88wK%22%2C%22adunitcode%22%3A%22lcamk74f.QH88wK%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127923e91fce321%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22tid%22%3A%22ef5e43f4-3892-46e0-aaec-0523b6598ea1%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHfgOk1rx8KcY5lIyhXmHWoQyUqA2sZtBwYpJPbRBbRi05Veu6X4NptKSgp%2FiRd4TLFbn7IeN3%2B0Ew6wZQHO9eDALPrvmSgH7dosAsSdynqiCnZknUWHAHlNqRL%2Fx%2ByPCNL1TH6F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 781b8bd6dc33d153-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ Frame 098E 19 B
817 B 193ms
165ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 14:43:10 GMT
AN-X-Request-Uuid: 55791fdc-72ab-42f0-84ac-a307e8fd8883
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.45; 96.9.249.45; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction
prebid-server.rubiconproject.com/openrtb2/ Frame 098E 185 B
406 B 1086ms
72ms XHR
application/json 54.83.180.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.180.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-180-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 752ms
4ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Dec 2022 14:43:11 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 36888
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230064-FRA, cache-ewr18136-EWR
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 816ms
27ms Script
text/javascript 2606:4700:10::6816:3556

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: BNT4QCE5WBV500Y8
age: 1409
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 781b8bdbcfd7197c-EWR
x-amz-id-2: KOp0PPIIpiuY5s/9w575/S4sbJMfddLyz0rQCyQjK3+oHHAb+GPvVrjRAZt3sfep/MhW5gXiMrZ6uiwgEO1/0A==

GET
H2 200 publishertag.ids.js
static.criteo.net/js/ld/ 39 KB
13 KB 230ms
19ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Dec 2022 14:43:10 GMT

GET
H2 200 sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 32 KB
32 KB 806ms
18ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 20:04:46 GMT
via: 1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 67106
x-amz-server-side-encryption: AES256
etag: "2c5f4a319c3d99310927955777b5abe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
accept-ranges: bytes
content-length: 32517
x-amz-cf-id: ek-WNJ2pK7TVdzqn2TUUrzXBrdNoZPkuSEEyIDe0mZiCmzpyt2Hm_w==

GET
H/1.1 200
OK uid2SecureSignal.js
cdn.prod.uidapi.com/ 2 KB
2 KB 685ms
27ms Script
text/javascript 2600:9000:2511:e400:a:e047:752:5701

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:e400:a:e047:752:5701 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 00:57:23 GMT
Via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
Age: 49549
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: vsrUKsroM2KLqS3lcxPDSW8zx96Z5DMSjnEcMwoH9pX5H5fAEbLwhQ==

GET
H3 200 container.html
6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9084 6 KB
3 KB 347ms
41ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:09 GMT
expires: Sat, 30 Dec 2023 14:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAF4 6 KB
3 KB 350ms
45ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:09 GMT
expires: Sat, 30 Dec 2023 14:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A6E 6 KB
3 KB 226ms
54ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:09 GMT
expires: Sat, 30 Dec 2023 14:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC61 6 KB
3 KB 228ms
56ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:09 GMT
expires: Sat, 30 Dec 2023 14:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 370ms
36ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 30 Dec 2022 14:43:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 469863
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 t
ds.reson8.com/v1/ Frame 098E 18 B
346 B 581ms
113ms XHR
application/json 104.18.8.110

General

Check archive.org

Show headers Download Go to

Full URL

https://ds.reson8.com/v1/t

Requested by

Host: cdn.resonate.com
URL: https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:11 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://simcast.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 781b8bdf0e688cae-EWR
content-length: 18

GET
H2 200 publishertag.prebid.js
static.criteo.net/js/ld/ 89 KB
29 KB 372ms
42ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Dec 2022 14:43:12 GMT

POST
H/1.1 200 579.json
id5-sync.com/g/v2/ 461 B
1 KB 337ms
118ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simcast.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 ads
pubads.g.doubleclick.net/gampad/ 16 KB
2 KB 460ms
0ms Fetch
text/xml 2607:f8b0:4006:821::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281,22632072816/simcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2452064&us_privacy=false&cust_params=sessionKey=214946970-ue2_sqKbvmzDlYDg%26schain=stnvideo.com,VRAfdwVZOg7jMyH8bxgoOA%26content=6161%26placementType=Premium%26embed=eKVKXbhX%26domain=simcast.com%26player_size=large%26player_width=761%26player_height=428%26player_type=float%26version=7.12.2%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00073%26rand=10%26iris_id=iris_58e1f2d03204169f%26iris_context=ic_5619313%26us_privacy=false

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3475s39rn992rr45nr0p0r247n75p9p3playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
831 B 59ms
46ms XHR
application/x-mpegurl 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/3475s39rn992rr45nr0p0r247n75p9p3playlist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 04:14:38 GMT
via: 1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 37715
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Fri, 30 Dec 2022 04:03:11 GMT
server: AmazonS3
etag: "7afc98b56103ce4f2ea384ec26085330"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Adiug3vHYoGKfwjJM1j_OajAQT6D4RLPiTd-Bgv0dHSgPysn4BIxXA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 43ms
39ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=214946970&version=7.12.2&age=221230&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=14698.6&relativeTime=6422.4&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.549.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 47ms
46ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=214946970&version=7.12.2&age=221230&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=14719.2&relativeTime=6443&sm_id=2452064&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.undertone.time=1781.5&prebid.bidders.unruly.time=2032.6&prebid.bidders.pubmatic.time=1746.3&prebid.bidders.spotx.time=1729.9&prebid.bidders.triplelift.time=1720.7&prebid.bidders.ix.time=1463.8&prebid.bidders.appnexus.time=1448&prebid.bidders.rubicon.time=1687.4&prebid.start=12592&prebid.time=2045.9&prebid.timeout=3000
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9084 0
0 171ms
81ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Chw_U_fiuY6qhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEpAJP0KNvwZcel_DVXmZ1l6e8a57qUxzNT9Ra2bb-Y6lcxdK6--NTeyjWj1cj6wye5ZwnqOA_4Rb1O5yFKCYJbMlElGEKI1dWuBaJwMx78sUB9-2RhwmpR6I_vGLuutxTeSMXVWN46uYZpAzgEIR3ae1KfdDl_m0Vqv1uN602ZjpMsNtDp-C84yClpxklWV6DfYxzjUSK-yXq3uXr_n6ZbXMpqhyVBOYe2hzPTDkkdToX5CTMFTKvCu-CrLVhOPfGN2Bq_Eea2RdDW8AZJaC7f8sbqf7teYGosO579o3yMVJ81dc322w1cMnaRzKDjJmlXE8qnBG-gwPjgXr7iCZl33zoJ5FdUUuLjixWWeF0e7EuOAZYdluqpXF65wikeuLOnmOLtR_L4AQBgAaAw4D6y5vOzFigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=FYLkv65lAcM&uach_m=[UACH]&cid=CAQSOwDq26N9ax0rRxJLJF5bxDdj2fK_BSYvtU2Bvz6BwrwLOSCkmiLS9oaRm-PwCClPCD3xqv29CK40ucnjGAEgEw
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 9084 0
0 747ms
0ms Fetch 2620:100:a001::3

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k8KYDOL6CsoH-gHiIp0XAgAAANzcIsRkPmti74hzPgk5jtsQ_fiuY4K_skelDH8StxceABIAAA&wp=Y674_QADkKoIaA9mAAGjD6plJQXYhEpkxPJdSw

Requested by

Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 187322
content-length: 0

GET
H2 200 afr.php
ads.us.criteo.com/delivery/r/ Frame 4BCB 149 KB
50 KB 945ms
0ms Document
text/html 2620:100:a005::2b

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKoIaA9mAAGjD6plJQXYhEpkxPJdSw&u=%7CyWPliGUAZesR3nxl1BpO2jHuPQMty%2Bz%2FwfiIASCpnQw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPncnRevasRBj59v3HV1q5jS-2OjRKCLS1pVeUgdaJe8I4tmKKZtQigIXbDXEXvHZkFmfICw1sIxnuo-BLyzzXbdCUDYfZU-BS0iiBa3RKhBKJRGtHUwAp3-M4qsgN27hl5-Om6Zn-Y2-QnrFmUW1e0rT21o-255Y6elqCGPXHPR6tEgnScHsIj33HPiHSkS1AsSBEdyls4z--GmVTNdbwuRmMzWo1ACRO1S3LvKEgNb6H0yYsY_t6Y5i9C1shtozQE8Xs_0MS4JO2aPCDHZWxhjeBumLYaTM3Ec835Jqt3Jsmg8RMzQlLCvL6VuYaqnJ-dmUSjAFdSYNYvlMY0TMplVPIhSs2WBK5ZFd4prl2568MtByBmU9WHHTUstaYppZ1FvZRFP1MB73qXEAdOgi1-BIRLNXMotpRCc8wPDpwomoEVPiB45tZZrv_NeZWrNz9ByKpRqgdC9EsxFhn_t4bW9_M7cM7OOrGd48IevxDED_vJjuCjVk8-t8Qr7QuZGdzWq8D2Wm_nn47q8M-EgtO3RePvLDEiKhMM1JlpUUZQ--xI-v_LpA4RKplh7vQAbNM9ROLnQy1kzZ-nbp3m9K_Se5b15TUyfIWZF&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNyM7_fiuY6qhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEpwJP0KNvwZcel_DVXmZ1l6e8a57qUxzNT9Ra2bb-Y6lcxdK6--NTeyjWj1cj6wye5ZwnqOA_4Rb1O5yFKCYJbMlElGEKI1dWuBaJwMx78sUB9-2RhwmpR6I_vGLuutxTeSMXVWN46uYZpAzgEIR3ae1KfdDl_m0Vqv1uN602ZjpMsNtDp-C84yClpxklWV6DfYxzjUSK-yXq3uXr_n6ZbXMpqhyVBOYe2hzPTDkkdToX5CTMFTKvCu-CrLVhOPfGN2Bq_Eea2RdDW8AZJaC7f8sbqf7teYGosO579o3yMVJ81dc322w1cMnaRzKDjJmlXE8qnBG-gwPjgXr7iCZl33yqJbHP-rkCju_fNG2fATjtjzpwf3WyYeqJnYFtxPzihspdJB8IEgu_4AQBgAaAw4D6y5vOzFigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2SDK5hxm1jXc590Y16r17McNRKZQ%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::2b -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=uGS5fUa_XggwLs2hWjVXqvPiyGjZcq8gw9LUwbZbvpa-7rM4R5fwJN06_e3IrwemyDMtoSAuv180ZMtABsefffDjw1CyoNPr6ga1LU9Vaw7P8-rscHWQM4aan4NrpDqyJNw7cOhJqc7jzW3WOyp8K4UyqAb4SJQIpJO7XXHY3N2sf_bsArL5GntUu52mN_Eh6rCGQmHRAQ5F1_y0qZYnY73dzfPjDRdTAXESoqYxLH7D2ufS-Bx5sEh9RLp4FCOs0zvwDo1Ryz7VChDS"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67373733
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9084 3 KB
1 KB 951ms
22ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F29 1 KB
643 B 388ms
284ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 07:56:20 GMT
etag: 48472445140208031
expires: Sat, 31 Dec 2022 07:56:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9084 18 KB
8 KB 691ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9084 0
0 790ms
1ms Image
text/html 2607:f8b0:4006:80f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQThF2oBVOSaKq5NCoB1I5G1b6mq61_L4p_iSgSHde4lhy6h8dkV3wYlALAoOagALRwPoZNyhvF3LRZhu7mkZ6KtFF0Tg
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9084 24 KB
7 KB 938ms
16ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 21:04:33 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9084 153 KB
47 KB 985ms
122ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 14:43:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DAF4 0
0 375ms
320ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrAm8_fiuY6uhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEqgJP0CNqCFS9eDw8ZBiKDwzPLA9b9_YVxOyF6yjRq5HtbYMUJz7dNwgkMGh-5dC2kUqS62JnMfms_9Rt19Bm4YKpVSOyWuqeZK-G8ogi7MBO91BU05sKzGJZFfmq0khfolvio5U2W8k5NphKlTUn6MhOkjmISYJe3qJiO97af6h6lfwuM7agzlAh4WLGaY-hWtHbgN2t-DHLYumXI_4Ti2vh1A9RTzSL5GSE2MOtd_W9DqIIScUxGP-9yRThm5OhE9icVSdm3jz82Vw3um6oQRzIc_eekF9ov8JZBM8kQTah0_lZAUEvvdHg0mfK2PQTRM671uQJxoIjoaLz88k5Fjk958cewKLxOcEPyriwRXI7Zqar-j5pJloH3cXEsMQo7TS4hjSUzmfUyxuS4AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=etREpJj5ux4&uach_m=[UACH]&cid=CAQSOwDq26N9ax0rRxJLJF5bxDdj2fK_BSYvtU2Bvz6BwrwLOSCkmiLS9oaRm-PwCClPCD3xqv29CK40ucnjGAEgEw
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame DAF4 0
0 728ms
0ms Fetch 2620:100:a001::3

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k-rQE4WwB9ACmALiIp0XAgAAANzcIsRkPmti74hzPgk5jtsQ_fiuY0els5RNH3_eHklTABIAAA&wp=Y674_QADkKsIaA9mAAGjD7w0eK1GVkMYRvMVJA

Requested by

Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 362618
content-length: 0

GET
H2 200 afr.php
ads.us.criteo.com/delivery/r/ Frame C9B5 140 KB
47 KB 944ms
59ms Document
text/html 2620:100:a005::2b

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKsIaA9mAAGjD7w0eK1GVkMYRvMVJA&u=%7CyWPliGUAZeuWsJ0ALB1vETGDr52M%2FeTp9DDz45MZ3ho%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxYIRKBNvkiUF6CwtTAnLJp9MR8arCmr2RA2pbQCgDLNLmsNxUyvc1qTJ8njkQVGULQTKUPjIAvMGByLWsn0UXDWC68-WyQeOTKEPdjsXCA2lymR1cWM-2aI6zbSPzGYStFm-_dnzHfDXCftgdcMiadeIMpf3HTcGPu7s-uZpL6tQ-nz3Aw7fjlpWQuAdjE9pKnbPaf9Lrx2s54vJz2QcPJ4RrePJHMhIADoEw6Kt3-yreqVozLcJpS9zwBlFBys6PpGh9opljDQA8cz1iOprLOQerHVRKQIpvYG_n5U-XAIBxoGFz1UgLAZKfkSA7eQCtRGAOXOiewm6gUcpd8ens2XsjgwzWhD4kBFq3pUmlkIhu3UA7ddCtI5ARpK8QRLHtwh6lgAkUZoIn5kHr3VOJTklRs_KSQvna2mHWttSZ2k-mQvJzzkq7AEjWG6yWXg9VFORZ0LZUz_51APWXqHYqnoqZdRKmrXOKbUKok11ismLQPt_xX5Kk5wSU9HY28c9-UwcxHhxAg8R6YO_NTMUg19rpv6ZaF3i9y_0xPP7J82eKc3VZyo1FkxM0MMwnM8Tkg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8yc7_fiuY6uhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoErQJP0CNqCFS9eDw8ZBiKDwzPLA9b9_YVxOyF6yjRq5HtbYMUJz7dNwgkMGh-5dC2kUqS62JnMfms_9Rt19Bm4YKpVSOyWuqeZK-G8ogi7MBO91BU05sKzGJZFfmq0khfolvio5U2W8k5NphKlTUn6MhOkjmISYJe3qJiO97af6h6lfwuM7agzlAh4WLGaY-hWtHbgN2t-DHLYumXI_4Ti2vh1A9RTzSL5GSE2MOtd_W9DqIIScUxGP-9yRThm5OhE9icVSdm3jz82Vw3um6oQRzIc_eekF9ov8JZBM8kQTah0_lZAUEvvdHg0mfK2PQTRM671uQJxoIjoaLz88k5Fjk958cewKKzO-GdYUo5RbGyCypAgLeqkWYv1OvcdF_bl71xOCq41s4CWhtRdzGe4AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31_ErP26W-z0V57H1czsc-TPB-sA%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::2b -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=JQOrAEa_XggwLs2huYKNf_4YOIE8EbOORxZVvm6MuGp2W0WoI5IsKeLGXjEB-9d3vTQaq82m6188JCrBe3Lixl9TLuK379qrFSEOtMZsDBvIFOd6iXTaUC5Ju_DWYRR9XxnDrdUDhrxO6HDBhWsxfpV0XhJN0Hu84XgJLpQqj7ONKrGUFeN_92zftTpyiML2uHdBbM9o1pce8Gf3fKYC-DPnCj0yeJGkqbBQESwx0BWg-kt3aczFUd_3EfrSkM-j1oAzWqn2HbZmy93y"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 71766925
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DAF4 3 KB
1 KB 922ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D9E2 1 KB
643 B 341ms
60ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 07:56:20 GMT
etag: 48472445140208031
expires: Sat, 31 Dec 2022 07:56:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DAF4 18 KB
7 KB 913ms
18ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DAF4 0
0 809ms
21ms Image
text/html 2607:f8b0:4006:80f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSjHVDUCBf83r30lzJmb9jyeb7Zhx2DBzJXh8ouBHEsa_HiMJXWpDaKwXOICjOd-V4Lh-4QKsDGPFNGTfc8yWUQRKYww
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DAF4 24 KB
6 KB 915ms
20ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 21:04:33 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAF4 153 KB
47 KB 831ms
0ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 14:43:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9A6E 0
0 310ms
302ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-h7O_fiuY6yhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEpwJP0IlK13duhlWl0Wl0pi2a7CvmJ4a1dTaMRJgbdVv5AR8LRwbTuwBAmPhF8JREoCMaxofpVavS0nexBnUCjwplThCV5mIRKiyeLCI26jm7rO7amWi1Cbbdw9HkO1_8kKo1Lm5k83tndWxQFFjWR_cGqaFAEmANxs505fHzK4dwyg7PfB3R9tL7TohOHnUXMa9_eOfiByvi9-GSu2WF0O-su5X-0JkCyKkgMfyQAdbzgoTTtgknJq4YWf_lXz-Lj35TiH2wFbBR18aKyIU_ubHWX5yWIz9Y2xyRcK_dYhY0ij2pmaM03sYYXoj2KtxBhS6kuDtRdQv5-pXk5uLxGT8JHKOARzl9xVbK5Wd2LE3yjS90NUjdqB-Bn1rIZxls1kHpFsITSyS44AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=Pu4V2zCDxHc&uach_m=[UACH]&cid=CAQSOwDq26N9ax0rRxJLJF5bxDdj2fK_BSYvtU2Bvz6BwrwLOSCkmiLS9oaRm-PwCClPCD3xqv29CK40ucnjGAEgEw
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 9A6E 0
0 715ms
0ms Fetch 2620:100:a001::3

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k-rQE4GwB6wC-gHiIp0XAgAAANzcIsRkPmti74hzPgk5jtsQ_fiuY_RVdVkOvRw-7rTIABIAAA&wp=Y674_QADkKwIaA9mAAGjD8is31gUNcpjlks5Lw

Requested by

Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 154390
content-length: 0

GET
H2 200 afr.php
ads.us.criteo.com/delivery/r/ Frame ABA0 127 KB
44 KB 731ms
103ms Document
text/html 2620:100:a005::2b

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y674_QADkKwIaA9mAAGjD8is31gUNcpjlks5Lw&u=%7CyWPliGUAZeuRA3ziNgCJ217onkA4yKOsVB12sLFGLXo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxbf7GV_ocqf_hoNwZ99SBsWIQ8htYHGDjHKSeDrKzQAoix1EN715e52K7URbaLqF9eyiWHctlJJZj3TSuqi_VmPOyknO0mDAoTuDAYRBC0TGmbZOWpYUpV4NZ7lvaXRUiipOgoHc9M7TwvvRbS-1s33u-9T7YlOzaiYqEJ-41y8JqmxG0HWBEwTaBvfyZeohJjsc9u-k6WWBishS-TiLYb0sLYeT6YSjf3zCd600Odm3L2YlsbI138i0IwuZHQmzK62wezxuEu3-E8mnp9bx-YDpLkTv7PeQJVlbdqekTmqXJDKbsU45nAamG2BcfLxWrHp7ZO3iKYqbNE8u5C5oSjYxbpVX7SGej8qK3QHjzBd4Bd9j--oQcpooNjDXTA-h1pqnOBvWPme5F2Yn586wDRr1QJGnh5UhF2tgOr6jhElMKpM6_YFZI5lHiWJS-q3CqWl3M0m6yjo1S7ZH-vU4VpnEsaHkXQUfGsqry2qE3KI0mb6c5mZOXuxRUDB-LUfg9Sy1H9Kq_B3kvycuZrCBECLiPLi0WRsdSpToSkZFjuUGf3Hiko1nMZk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsr_r_fiuY6yhDuaeoPMPj8aG8A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoEqgJP0IlK13duhlWl0Wl0pi2a7CvmJ4a1dTaMRJgbdVv5AR8LRwbTuwBAmPhF8JREoCMaxofpVavS0nexBnUCjwplThCV5mIRKiyeLCI26jm7rO7amWi1Cbbdw9HkO1_8kKo1Lm5k83tndWxQFFjWR_cGqaFAEmANxs505fHzK4dwyg7PfB3R9tL7TohOHnUXMa9_eOfiByvi9-GSu2WF0O-su5X-0JkCyKkgMfyQAdbzgoTTtgknJq4YWf_lXz-Lj35TiH2wFbBR18aKyIU_ubHWX5yWIz9Y2xyRcK_dYhY0ij2pmaM03sYYXoj2KtxBhS6kuDtRdQv5-pXk5uLxGT8JHKPCRRnvbqRD5aT_QcEZ96a3gnT1oTGZW8E7HZClaF_FDmvF2iR7y5n04AQBgAa79cz7k7PVmQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0L6LiiEJxoPkuxly2dY4HBwdVrAg%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::2b -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:43:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=2W7bkEa_XggwLs2h6vBu-0yDCdaNX3CXfOBFPywh1QofSBhwwuyzCrohUXVQGAtSPrsJaMVTN_zEMrmisc2kRP-7_0Z3aqvjSwmwxpuKO37iyT_u372MpVDKXKZljBOgqSIHvGao8AFrj5c8uKr6BK1WSnK0mKQ7ZzpiBLSgx7aAp9uyGJbu4uabZD8php5r9KyL74d0ouKVvXuVuIMqpLkBOR_wYdEk2tSRL3qys47qFFQv0iQRPwYlWCSaq14dL9vP5-VuglthUS7a"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 88086417
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9A6E 3 KB
1 KB 914ms
14ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3502 1 KB
643 B 548ms
398ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 07:56:20 GMT
etag: 48472445140208031
expires: Sat, 31 Dec 2022 07:56:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9A6E 18 KB
7 KB 854ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A6E 0
0 718ms
0ms Image
text/html 2607:f8b0:4006:80f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtMiBHT3mjEZA-p5GyhZCq2azw0gAWpiFXyvp29tavJGqOOj-wBzJQLnCAr4d92keZZX8n8DVkz3pyOaiPEFZVR67fnw
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9A6E 24 KB
6 KB 891ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 21:04:33 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A6E 153 KB
47 KB 515ms
0ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 14:43:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC61 0
0 585ms
423ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-YCX_fiuY62hDuaeoPMPj8aG8A7ukrWTXL-ihcfkBcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBK8CT9D_sztGGl_vhwX-K7Lf5lEHrTS3MCUxWWPRFnbwTHGe-JiNTbsWm-6tZX5tpYkHSmsewACB7yJflWq1figKYf5QJUEadmvEoPQAfRqJD1EcbpSRrgv3yEfaSh2XjqaV-gu5c2t1W7Sazi8H644xq93R4881NlqAF_BegWa7n7z3SU_1dO0r7n7H3QAYLt3bOk31VV6iwhHcHjCBNHp2PwQMbuC4yFj_w88_jo_FQAxl_i0sbjQeYln9gofpim8xAvl0CbYiKxC5qOm6vbaoac5AC6FLQ7pID9xbjOJv8SueOyKHOpjmLAd2szb0ld_TIZWy140d2zLjkT3jRojlyIqoprl_8mIWdbIV-veEBrp3tU9Ad-Ym5KiS_O2z2FnUZSp6_wDUm6IIkfWZeeLK4AQBgAbc9cWip6ydyvYBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=w6huLiUQ_o0&uach_m=[UACH]&cid=CAQSOwDq26N9ax0rRxJLJF5bxDdj2fK_BSYvtU2Bvz6BwrwLOSCkmiLS9oaRm-PwCClPCD3xqv29CK40ucnjGAEgEw
Requested by: Host: offtherecordpgh.com
URL: http://offtherecordpgh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ttj
ib.3lift.com/ Frame AC61 15 KB
5 KB 1240ms
28ms Script
application/javascript 13.225.63.3

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Adapex_RON_HDX_OB&tid=206228
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:33:19 GMT
content-encoding: gzip
via: 1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
age: 645
etag: "83d031a33809b7b4e820a0034ea6452d15aca173"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-length: 4824
x-amz-cf-id: Okou8K08l5P74ffH1X254i9eiMQQ66_aJT5NjB3dNF5OWLRMYNQxJg==

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC61 3 KB
1 KB 729ms
12ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC61 18 KB
7 KB 663ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 21:41:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AC61 0
0 511ms
0ms Image
text/html 2607:f8b0:4006:80f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuTzv3lt6XH6-txAS7gDFb3xcowVyjS46r_F_3FT1rngHH7wM1ppxDKf7ugx_vk8H-zCIUvEYj92Ydv2xW-ycjMQP4uw
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC61 24 KB
6 KB 659ms
0ms Script
text/javascript 2607:f8b0:4006:81d::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 21:04:33 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC61 153 KB
47 KB 554ms
0ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 14:43:13 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame AC61 37 B
183 B 241ms
0ms Image
image/gif 3.215.47.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=Y674_QADkK0IaA9mAAGjD9tL9I3F2w5_cZ60cQ&ts=1672411389&aid=15390211486264171814510&ec=5563_66529_OADD2.7490448276087_1NUXOSMQ212FNWC6RY&n=GroCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD0zZmRmMTRhNS01N2Q5LTQ3ZjUtOGMxNy01MjFhOGJlN2IxMDAmb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPTNmZGYxNGE1LTU3ZDktNDdmNS04YzE3LTUyMWE4YmU3YjEwMCZydHlwZT1udXJsJnNtcGxJZD1lY2NjYSZ0YWdJZD0zNjc4NTUmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfcGN6JnRyYWZmaWNTdWJHcm91cD15dmlyX3ZhZ3JhZyZhaWQ9MTUzOTAyMTE0ODYyNjQxNzE4MTQ1MTAmd3A9MC4wNTHyAt8BCAASFzE1MzkwMjExNDg2MjY0MTcxODE0NTEwGAAgASi7KzDhhwRAAUgAUAFgEmgKcKC6EZABAJgBAKgB%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAbgBCsABJsgBM%2FABlMsM%2BAEzgAImkQIAAAAAAADwP5kCAAAAAAAA0D%2BoAgCwAgDIAgLYAgDxAmZmZmZmZuY%2F%2BALkOpADAJgDAKADALgD59CrAcgDANIDJk9BREQyLjc0OTA0NDgyNzYwODdfMU5VWE9TTVEyMTJGTldDNlJZ4AOglWXpAwAAAAAAAAAA8AMz%2BQMAAAAAAAAAAPgCBYgDAZIDBDk4OTWYAwCgA%2B%2B5FqgDAA%3D%3D
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.47.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-47-31.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Dec 2022 14:43:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame AC61 37 B
139 B 1053ms
86ms Image
image/gif 52.223.22.214

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=15390211486264171814510
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 n824p9304222r5n3q2p11017qosq585rbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 2 KB
3 KB 217ms
0ms TextTrack
text/vtt 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/n824p9304222r5n3q2p11017qosq585rbase.en.vtt
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 04:13:48 GMT
via: 1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 37765
x-cache: Hit from cloudfront
content-length: 2292
last-modified: Fri, 30 Dec 2022 04:04:53 GMT
server: AmazonS3
etag: "ca3fdd3519cbe862418cd1c3e5243bf3"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: yQIXzKvx6krlE2vQVJ1IzXNPBgDrSKPbugIFRcWtj4wFtXGLtZazjQ==

GET
H/1.1 200
OK /
www.youronlinechoices.com/wp-content/plugins/optout/callback/ 0
0 1232ms
101ms Image
text/html 40.85.112.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=usUdkIiuCAm427255CaITZbwlvw
Requested by: Host: simcast.com
URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.85.112.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 3475s39rn992rr45nr0p0r247n75p9p3.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 1 KB
795 B 588ms
44ms XHR
application/x-mpegurl 18.164.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3475s39rn992rr45nr0p0r247n75p9p3.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 04:14:06 GMT
content-encoding: gzip
via: 1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 37748
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
last-modified: Fri, 30 Dec 2022 04:04:08 GMT
server: AmazonS3
etag: W/"c553667dad189e418b3b99702b6db608"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-id: 0p_A28hpi1kqUj8rOXfXH32-7meObmR66dvKnq92LtmHJQUlTOBHig==

GET
H/1.1 204 increment
id5-sync.com/api/esp/ 0
320 B 462ms
128ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Fri, 30 Dec 2022 14:43:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET integrator.js
adservice.google.com/adsid/ 0
0

GET

current
dclk-match.dotomi.com/match/bounce/ Frame 6F29
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHV5aK0etLiCYYhksjuQrp8&google_cver=1&google_push=AavPq0Muenz5DK32s0JV2qaq7RAzwSd4o_UPv_L5qZfeiPQHLmarE83...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=26d0a298a6c414c8&is_secure=true&networkId=14000&version=1&google_gid=CAESEHV5aK0etLiCYYhksjuQrp8&google_cver=1&google_push=AavPq0Muenz5...

0
0

GET

us.php
c.us1.dyntrk.com/adx/ga/ Frame 6F29
Redirect Chain

https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0PkTR-OXOr5pTUamzbawq7FUSoXLbNSWBPzhDim5Naqd...
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0PkTR-OXOr5pTUamzbawq7FUSoXLbNSWBPzhDim5Naqd...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6F29
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEFQK-6brWgLyGqettsFcenY&c_param1=AavPq0NixwTZm2_sdVa-sDRhhaAxGLj8lTc0vZrpFSlSkD-ZpXACS_PNfzNDSyp0M8aY7Fj2dcuhQhAR-9RoEUGpVtZP_6eSjJ5pBKYJCdbb0f5_Ro3...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0NixwTZm2_sdVa-sDRhhaAxGLj8lTc0vZrpFSlSkD-ZpXACS_PNfzNDSyp0M8aY7Fj2dcuhQhAR-9RoEUGpVtZP_6eSjJ5pBKYJCdbb0f5_Ro3pKDSaDIZZ5q_DxXflt...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F29
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAUYVS1M6Ch8AIqxuVhiK6o&google_cver=1&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6FzNeaT-Da...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=R7dur808Ri2eFfs9CQkctw&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6Fz...

170 B
188 B

90ms
46ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=R7dur808Ri2eFfs9CQkctw&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6FzNeaT-DaPb_Q6qxImqyrVMCrlOx8mEucF02OcB1IMMarE5aqwmGraFeivS

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=R7dur808Ri2eFfs9CQkctw&google_push=AavPq0NkpqOuZFBB8DDUFh5QVJbUIp3wWseVcgYXSz2YbXFyI8-olreG7nk46WDZW84FCRvai7WISH5uYjRW6FzNeaT-DaPb_Q6qxImqyrVMCrlOx8mEucF02OcB1IMMarE5aqwmGraFeivS
access-control-allow-origin: *
date: Fri, 30 Dec 2022 14:43:13 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

supply
eb2.3lift.com/sync/google/ Frame 6F29
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJowQC9iThLXfBkykyOxE70&google_cver=1&google_push=AavPq0MiGdLL8AXEEP6aNLK1x2o266snCVA6ztY9Bd6T9FtPkmynXyM3sw9vDlKj6JRLKBc5O-kuqudP8ZgitDbmf0fVQLRhOq...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MiGdLL8AXEEP6aNLK1x2o266snCVA6ztY9Bd6T9FtPkmynXyM3sw9vDlKj6JRLKBc5O-kuqudP8ZgitDbmf0fVQLRhOqg...

0
0

GET

sync
rtb.mfadsrvr.com/ul_cb/ Frame 6F29
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAWRdLk0_slQQ07-06Td5b8&google_cver=1&google_push=AavPq0MFiPu5yeb_6Y_cFDTD2xOA_IuYnL9y_L3b0DGfPOfSAqhf0BP3ndD4Hw7wE2Tp5HVeuf-g...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAWRdLk0_slQQ07-06Td5b8&google_cver=1&google_push=AavPq0MFiPu5yeb_6Y_cFDTD2xOA_IuYnL9y_L3b0DGfPOfSAqhf0BP3ndD4Hw7wE2Tp5H...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6F29
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAVLjeNSk9mDYr0ONs5_tc4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGM5ZTdhZGUtNDgxMS00ODYzLTlmNTctOGI5ZTIwMjBhMThh&google_push=AavPq0NWUst4fc981AH9zkK2hbRLi3BiM-YTADayYpAkCHyWLXTg5VjWhpZNs0C6SMEH-...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F29 0
12 B 322ms
67ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDIl-Ga30AxTl0eQnkV5vpejv7rxarwG1v2vxjSy2vF5yMVudz5pXfwpenxwcAJvMDhQn0mUE

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

pixel
cm.g.doubleclick.net/ Frame D9E2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMQbIHUm7ELjmK0aybLmWyw&google_cver=1&google_push=AavPq0Pg0TytV7F9CIw1-T9-vEQzd67mEOtrhvKM4SyuQGXDwzeRtJn-vU759NWINcjXu5POatUb4iWxSwuGJqZK2yVMTuILeqMqb...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1ODA1MTU5NDE1NTM4NTU4MQ==&gdpr=&gdpr_consent=

0
0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D9E2 0
173 B 622ms
39ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFmV6DadEvzfRz7TdzVl_PU&google_cver=1&google_push=AavPq0Meq4AGsf2bCv2cymhRpFbs5MZPCO3hMOjzlomzieTgcKNEoNmgfQ48Esw0Mc_0iwl7uwGMoXP0_QzOSpMOFuBysrk6DTcywbHBqZeOfY_1gTDqLEmZ95XyeTtyMiCsy7bmle1eLhlrbg
Requested by: Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET

pixel
cm.g.doubleclick.net/ Frame D9E2
Redirect Chain

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEDmOFdKZT_H4m5R9lGfhb2Y&google_cver=1&google_push=AavPq0NSZkX8fjWy2-N7x4eI__Xph_eMqfds_iV5Tp1cxxY3KkJFX5-_uqglmYTI1N-zo7N4M6g6w1i6Zq19...
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AavPq0NSZkX8fjWy2-N7x4eI__Xph_eMqfds_iV5Tp1cxxY3KkJFX5-_uqglmYTI1N-zo7N4M6g6w1i6Zq19IjDB8hLAwdXaX3m_5XI36RogHPjJPhTA6XjPsYCeNIt9ki...

0
0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame D9E2 43 B
641 B 852ms
215ms Image
image/gif 202.233.84.1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEAhRxF2-VX13W9aaqojxfvI&google_cver=1&google_push=AavPq0OpoATi9gQQILHMfRSGyFbxZIdErQlYpmQ976-Q7znXp1O3mmBUXml2ZyU5zCLC8XVhpjk9vcwnzqXFziswwojQS9Ku80DSRO_-5BO_W0XXC-lCis7jNsMoqspSeD54bncm_fzWXDVRkQ

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 14:43:14 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D9E2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
0

GET

0.gif
id5-sync.com/i/495/ Frame D9E2
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEFDHv303fVgzWSQXhutWQPQ&google_cver=1&google_push=AavPq0NKVTJGkUPnzB4zugFdJ90Bu0b2Oim0YZ6JwrnJShddhQFO5CUsJUzpBE5tdJfsyPnB8dmuYpqigKPKG_2_bDom-ppRa_Z8tIfZ...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0NKVTJGkUPnzB4zugFdJ90Bu0b2Oim0YZ6JwrnJShdd...

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame D9E2
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAGULHa5EyDPTvNh73fuX9o&google_cver=1&google_push=AavPq0PInU__S08FETerIrAdK2arESUR3OIEPbTzOoB2TQYG6gxmxIUPN_CZd_ZrBV4Vm96vG4SadZBZKA7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PInU__S08FETerIrAdK2arESUR3OIEPbTzOoB2TQYG6gxmxIUPN_CZd_ZrBV4Vm96vG4SadZBZKA7iwVjCuh54kKgvyr8H3Q8VvfO80B90ir2h5uAH...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

25ms
22ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 30 Dec 2022 14:43:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D9E2 0
12 B 324ms
107ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8mWjZz2nPP4QTEzdRNBemK6Hc2fs-IVtKbkEisuavlt-Y28P-xq1DIiJEg9kA6qDjpA3V2ks

Requested by

Host: 6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 62ms
44ms Ping
image/gif 18.213.132.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=ue2_sqKbvmzDlYDg&instance=214946970&version=7.12.2&age=221230&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=15919.6&relativeTime=7643.4&alt=0&sC_ID=6161&sm_id=2452064&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.132.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-132-77.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:43:13 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 121ms
103ms Ping
text/html 44.206.165.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=WXdoWYLkSJ&USR_ID=214946970&ST_usrKey=ue2_sqKbvmzDlYDg&SM_ID=2452064&C_ID=12018&C_companyName=Adapex&version=70120020&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=offtherecordpgh.com%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.2/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-165-148.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Dec 2022 14:43:13 GMT
cache-control: max-age=1
content-type: text/html; charset=UTF-8
server: Apache
content-length: 0
expires: Fri, 30 Dec 2022 14:40:39 GMT

GET 3475s39rn992rr45nr0p0r247n75p9p3-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 0
0

GET
DATA 200
OK truncated
/ Frame DAF4 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9A6E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9084 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET privacy_small.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET close_button.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET back_button2.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET lg.php
cat.da.us.criteo.com/delivery/ Frame 4BCB 0
0

GET i
adrta.com/ Frame 4BCB 0
0

GET privacy_small.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET adchoices_en.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET close_button.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET back_button2.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET lg.php
cat.da.us.criteo.com/delivery/ Frame C9B5 0
0

GET privacy_small.svg
static.criteo.net/flash/icon/ Frame ABA0 0
0

GET adchoices_en.svg
static.criteo.net/flash/icon/ Frame ABA0 0
0

GET close_button.svg
static.criteo.net/flash/icon/ Frame ABA0 0
0

GET back_button2.svg
static.criteo.net/flash/icon/ Frame ABA0 0
0

GET lg.php
cat.da.us.criteo.com/delivery/ Frame ABA0 0
0

GET ads
pubads.g.doubleclick.net/gampad/ Frame 8739 0
0

GET bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame AC61 0
0

GET dpixel
cms.quantserve.com/ Frame 3502 0
0

GET us.php
c.us1.dyntrk.com/adx/ga/ Frame 3502 0
0

GET /
s.uuidksinc.net/match/47/ Frame 3502 0
0

GET pixelmatch
ap.lijit.com/dsp/google/ Frame 3502 0
0

GET pub
cs.chocolateplatform.com/ Frame 3502 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 3502 0
0

GET sync
rtb2-useast.e-volution.ai/ Frame 3502 0
0

GET attr
cm.g.doubleclick.net/pixel/ Frame 3502 0
0

GET animejs.js
static.criteo.net/animejs/ Frame 4BCB 0
0

GET img
pix.us.criteo.net/img/ Frame 4BCB 0
0

POST all
csm.us.criteo.net/ Frame 4BCB 0
0

GET criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET privacy.svg
static.criteo.net/flash/icon/ Frame 4BCB 0
0

GET webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C9B5 0
0

GET animejs.js
static.criteo.net/animejs/ Frame C9B5 0
0

GET db12752f5f8f439ba506578276899e1f_brandon.woff
static.criteo.net/design/dt/ Frame C9B5 0
0

GET img
pix.us.criteo.net/img/ Frame C9B5 0
0

POST all
csm.us.criteo.net/ Frame C9B5 0
0

GET criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET privacy.svg
static.criteo.net/flash/icon/ Frame C9B5 0
0

GET webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ABA0 0
0

GET animejs.js
static.criteo.net/animejs/ Frame ABA0 0
0

GET db12752f5f8f439ba506578276899e1f_brandon.woff
static.criteo.net/design/dt/ Frame ABA0 0
0

GET img
pix.us.criteo.net/img/ Frame ABA0 0
0

POST all
csm.us.criteo.net/ Frame ABA0 0
0

GET criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ABA0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Domain: dclk-match.dotomi.com
URL: https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=26d0a298a6c414c8&is_secure=true&networkId=14000&version=1&google_gid=CAESEHV5aK0etLiCYYhksjuQrp8&google_cver=1&google_push=AavPq0Muenz5DK32s0JV2qaq7RAzwSd4o_UPv_L5qZfeiPQHLmarE83yi2CIMtxKe7-rlXkRohtigcfQDrCe8CktPf5OWG6x3atKrQmsAbRWlWt425Ofkyb5Ejh9ayxX-mXZ6kyer1ZrY_uC

Domain: c.us1.dyntrk.com
URL: https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0PkTR-OXOr5pTUamzbawq7FUSoXLbNSWBPzhDim5NaqdHMquMtG6xwTt9H5TBGCmmJscQ8f86lzIwJjYCVdOTevZye6cyT7_-i0GMOiGQPqPCMA0PiHamgZuIjhUqLQwo1BS2U2Wy-l&prevuid=06030001_63aef901e83d8&knw=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0NixwTZm2_sdVa-sDRhhaAxGLj8lTc0vZrpFSlSkD-ZpXACS_PNfzNDSyp0M8aY7Fj2dcuhQhAR-9RoEUGpVtZP_6eSjJ5pBKYJCdbb0f5_Ro3pKDSaDIZZ5q_DxXfltOu6JUngmRA

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MiGdLL8AXEEP6aNLK1x2o266snCVA6ztY9Bd6T9FtPkmynXyM3sw9vDlKj6JRLKBc5O-kuqudP8ZgitDbmf0fVQLRhOqg7pU75VAP3SWGIeLTjYSEnIRe7ws97MI7bmC4THCqrYqox&google_gid=CAESEJowQC9iThLXfBkykyOxE70

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAWRdLk0_slQQ07-06Td5b8&google_cver=1&google_push=AavPq0MFiPu5yeb_6Y_cFDTD2xOA_IuYnL9y_L3b0DGfPOfSAqhf0BP3ndD4Hw7wE2Tp5HVeuf-gwxzmn9zJ1n6I2O9bJH5ooCc9YFE9_iO76LJzH24dD8y3bmMNkmu6A3ushDzTZ60eoyfUyg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGM5ZTdhZGUtNDgxMS00ODYzLTlmNTctOGI5ZTIwMjBhMThh&google_push=AavPq0NWUst4fc981AH9zkK2hbRLi3BiM-YTADayYpAkCHyWLXTg5VjWhpZNs0C6SMEH-wb1itbpjweeoVPS04q2X-Hzrz-pwaxsG5sq2j1TigbpFG-4amfjjAKbSE1rtb_gN0ip4g6NqUN-

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1ODA1MTU5NDE1NTM4NTU4MQ==&gdpr=&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AavPq0NSZkX8fjWy2-N7x4eI__Xph_eMqfds_iV5Tp1cxxY3KkJFX5-_uqglmYTI1N-zo7N4M6g6w1i6Zq19IjDB8hLAwdXaX3m_5XI36RogHPjJPhTA6XjPsYCeNIt9kiJnfcV73jHmSlCA

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDj6aH92LTEAzuulK8jMSlA&google_cver=1&google_push=AavPq0PB0Xyafx1ALGFZNFtfqFMqNzV275ZRkoXrZ3WYp6SUV27GpR9B-YO-rCT1tHdC-87OM8exr-0eLiYGw6bham4PtVmMJnNrgYhoggogOcXTRy2fg5g8fGtCzVf9WU4I0O7khG4KeyMBxg&rdf=1

Domain: id5-sync.com
URL: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0NKVTJGkUPnzB4zugFdJ90Bu0b2Oim0YZ6JwrnJShddhQFO5CUsJUzpBE5tdJfsyPnB8dmuYpqigKPKG_2_bDom-ppRa_Z8tIfZ1yU3KEAlmdDos3__pbGX6DgpteW7XxK5pNfPIlyaag

Domain: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3475s39rn992rr45nr0p0r247n75p9p3-00001.ts

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy_small.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/adchoices_en.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/close_button.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/back_button2.svg

Domain: cat.da.us.criteo.com
URL: https://cat.da.us.criteo.com/delivery/lg.php?cppv=3&cpp=ll34YScO5ldBQVjXINOYkteJ0xFD_Cf4Qe4ml5QzXxuZkSfHdJlzUNzNdcWOz6wUvNvUVJkAHhlK6LSzo55wPIGmGuUn4GzIdSXfRvE3IZAusOqHUU3bTS69xHVS-7jzDUQv4yezHcOeQy3YHmNPOaNJDye6io2tFJp3QXbn1CA8ghHQi52iZ8sAOVHAVamHAkuGng3XH3VM1_86YbXuXJjp00x23EKymq9FxCm-3TcwXb_deltFVbS5wb7QkcdFMVhYHz4Dzim3J22a5oQoDp_1zhPx3hgwu09WGKwwbgP9SgfEF26IZDaElH_0qTcoDn2sElFLCfV2j0SsCU8R52HOl8Xrk9uq-qAme6G0wZXbm9vSWOR0zwKayfU_EIlvwygd8d4nIUG5U2PCbbTnRlPYxAAJG9BUA0gSJQvPKUm80w-C

Domain: adrta.com
URL: https://adrta.com/i?cb=63aef900c182768ef9b0905eb6ce702b&clid=co&paid=co&avid=58505&caid=199746&plid=10672519&publisherId=41614&kv1=970X250&kv2=https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/&kv3=608c263d-6253-469d-a68b-f58be76058cd&kv4=2602:ffc8:2::&kv7=327&kv11=63aef900c182768ef9b0905eb6ce702b&kv12=179554&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&kv24=Windows_Web

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy_small.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/adchoices_en.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/close_button.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/back_button2.svg

Domain: cat.da.us.criteo.com
URL: https://cat.da.us.criteo.com/delivery/lg.php?cppv=3&cpp=DbiQK3IcxIPJH6C6G3J34NMsMcUFjnIm0dj8G71PPNCC6AR-x17psQP5VvIUpFwdiY7eZVOfoscj3gqwcpcAByiPStuYTrYAbyf8wYQqM7fAwNdgdeh7WA0007YwjQptQCtRJpljYUcplBLgnEdrFv0rKiqBXCKpxUzkiwWfmtNb97eQmZVIWVkZzSLUOGyPih0CmoV4JQaMVt-x4nXlXBLtwbnozhdRzEkMNK1C2azlgUWgxlDjNbfGFA5ZmKa8gP-vIhhfjx6lsR9mFFJ3y3aThI5wv8Knl74u127ghZi2NJXC2kSpHmIUBiAnfEAdZmnzx0SUNoBSfM1BLv6yTQArWMNX-r-gA6GY4LgyBp-8lzliTuTec9gFMCM784xDrtIMC-Y-oiYJueiJa3Hgou4RowF2mmy9SpwFH-yegW0oGZlP

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy_small.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/adchoices_en.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/close_button.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/back_button2.svg

Domain: cat.da.us.criteo.com
URL: https://cat.da.us.criteo.com/delivery/lg.php?cppv=3&cpp=hKuNVi866zhUnMHA13aHEaW9OIvEvXWSnIPQMNQ-OO0TPGQBRUoo6-O9jKTMR8WnIk_IC6Iwhlc1iE4k8BBpQJSFgueHYimwNBCgU3X6mFnMd8zkwNpVqtnx_2xK5m0W8kCF7II6EbARniFH4mvIG7W7WKdHo7zGq6mV3WOOsugIsCIrnAFPpekUKqpymKvxLrKnWfqPJaTDD2dszR1meyqHMevjn3xzSse1WuzAZ9xYmuhtnNpaiQ43kAp0_UQWbqsM80H1ZprVxGIfCMxnjBRm0yHgKbLZzeSEvax9nNiX9XM2ceUNf48tnDAI4CHUw5cRoAJm92x6_PoF8SDv4jux80BvsI_iu_o6Lv28Q-Wx3-ePUMMxEWMSJLj7JGHtZ3mIOk2ioHuNCHjWksy9Ttl07oPP5sos6uO5TRQSwLbq8s59

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214946970-ue2_sqKbvmzDlYDg%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D6161%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.12.2%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00073%26rand%3D10%26iris_id%3Diris_58e1f2d03204169f%26iris_context%3Dic_5619313%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&us_privacy=false&hl=en&cmsid=2460952&vconp=2&video_doc_id=2452064&vpa=auto&vpmute=1&cnc=22632072816&kfa=0&tfcd=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=6C33E981-E34D-4227-A959-9578722A4E31&a3p=EhkKCnVpZGFwaS5jb20YxMTym9YwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjDxPKb1jBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjExPKb1jBIAFICCGQSOwoKcHViY2lkLm9yZxIkOWNjZjI4M2UtNjJkNi00YTBjLTg5YzQtYzhkZGY1MDFkYjU0GJHW8pvWMEgAEh0KDmVzcC5jcml0ZW8uY29tGMPE8pvWMEgAUgIIZA..&nel=0&eid=44748969%2C44750823%2C44765701%2C44777648&ref=http%3A%2F%2Fofftherecordpgh.com%2F&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&loc=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dofftherecordpgh.com%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1672411378042&idt=13968&dt=1672411394235&cookie=ID%3D7a4cd321ef37fc22-2229e78807da0007%3AT%3D1672411384%3AS%3DALNI_MbYDEldrcE18-6H47Knvr3rAMntOg&gpic=UID%3D000008eaa8245b6b%3AT%3D1672411384%3ART%3D1672411384%3AS%3DALNI_MY61QVKlIUF2wQHuyvSe1Z54yva_w&correlator=3407357995985487&scor=23559073193074&ged=timeout

Domain: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEICLAh-5OO_utB26fJJhrs4&google_cver=1&google_push=AavPq0Pl06xuCfR86eVJNSkvuiTzL2IBkTmrSZarmCibovP439rQIYaS_7tGVJKUhsCH_HwqfN1_qgzdUj6SSlm_3W9g4vMDKfE

Domain: c.us1.dyntrk.com
URL: https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGf2B9nnLbIWopiko7n0KJQ&google_cver=1&google_push=AavPq0NagxL5GN-BRSMXhpjnhKyYbgzU3ukUtTmSJqUTl7g7VgHQYY_mh_tHsPb9Nz3JC7knO1kD9f3wWGAdD1FT2BfU6RkNAXE

Domain: s.uuidksinc.net
URL: https://s.uuidksinc.net/match/47/?remote_uid=CAESEFQK-6brWgLyGqettsFcenY&c_param1=AavPq0PYMF77scOmmF3P9qNmxP9wnXuln0_pQJMEGmzoT0efe-3lC64tVGjw_30U5hn7JqxdLmKNXHR_hW-ga5m6q6wI4nTWtZM&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1

Domain: ap.lijit.com
URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBc5TseQ0slvMrqfFcQnllY&google_cver=1&google_push=AavPq0NM40DY3T7QAFL2MdlUYS2zowWPqTTNaU0NA5EwbgDMvIBHvHjp7j2hLuzaYFPEHCdAME21ZOLcWAgHPe7iHPpM5HXaJw4

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEEGRwhEc40FthTU13S-uuak&google_cver=1&google_push=AavPq0OqGnF_n4rlYceBtf-S-vcl9Is5gv3yzLF_Re3CSVoQvC8SPjdHz6KBOApz8Aefzvqo9Bm3D29dHw1G-bQBmuIaR93Hhl0

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFUuwPv8Ovmmu7K9UORZrok&google_cver=1&google_push=AavPq0P7IdWMMw0fq-iHLkweodZF7UQFv3rYgFZgme07QjS1EZfYrGe0XQiV4PVUjjY_Hw5_GN3EwXmhhM78BwhIPNbJHfAG6JA

Domain: rtb2-useast.e-volution.ai
URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENXBuR7VNdaUL2BcCJNsKcw&google_cver=1&google_push=AavPq0MQff18K2mfYteKpBtxB3vcXsgYyMkizRL80D5Wy8j-Xo009OijSuUNbSVqZc-WCqfviA9x2FY3XjHYi1hIU8MpEmLYpwxU

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTjU5xod3rZbPrKKhQT4TdcrBphD-Lrg9QOClOP1x3shkw5rYgASMaVg6b5cKg8DqavJ0clA

Domain: static.criteo.net
URL: https://static.criteo.net/animejs/animejs.js

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?h=496&m=0&partner=64028&q=80&r=0&u=http%3A%2F%2Fstatic.da.us.criteo.net%2Fdesign%2Fdt%2F64028%2F190919%2F262507d2dce94830b3828e59d9ce2bb1_br_gmc_1.png&v=3&w=356&s=aBI0tvuJJYPNAbmUzhL21cdT

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64028&q=80&r=0&u=https%3A%2F%2Fcdn.inventoryrsc.com%2F235330022_63993f1a0ee146293402d97e.jpg&v=3&w=800&s=4NVjGkIta6v_nAZIZHoYpH6N&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64028&q=80&r=0&u=https%3A%2F%2Fcdn.inventoryrsc.com%2F230046577_6374f794698c505bd1ba4f81.jpg&v=3&w=800&s=ZtYfL-e9-vMoKYLYG54wuVO5&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64028&q=80&r=0&u=https%3A%2F%2Fcdn.inventoryrsc.com%2F132222044_636c69c72af35a2a64512e00.jpg&v=3&w=800&s=eD_lTdEJCe6AQTU780cTHkdg&b=400

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=uGS5fUa_XggwLs2hWjVXqvPiyGjZcq8gw9LUwbZbvpa-7rM4R5fwJN06_e3IrwemyDMtoSAuv180ZMtABsefffDjw1CyoNPr6ga1LU9Vaw7P8-rscHWQM4aan4NrpDqyJNw7cOhJqc7jzW3WOyp8K4UyqAb4SJQIpJO7XXHY3N2sf_bsArL5GntUu52mN_Eh6rCGQmHRAQ5F1_y0qZYnY73dzfPjDRdTAXESoqYxLH7D2ufS-Bx5sEh9RLp4FCOs0zvwDo1Ryz7VChDS&sds=2&rev=84145&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy.svg

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Domain: static.criteo.net
URL: https://static.criteo.net/animejs/animejs.js

Domain: static.criteo.net
URL: https://static.criteo.net/design/dt/db12752f5f8f439ba506578276899e1f_brandon.woff

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?h=92&m=0&partner=96892&q=80&r=0&u=http%3A%2F%2Fstatic.da.us.criteo.net%2Fdesign%2Fdt%2F96892%2F221102%2Fca42c9e15e1042bb99f3589c45777b24_new_logo.png&v=3&w=668&s=CXciK0kNuZ1Zl-VNegJyoXPp

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96892&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0079%2F1923%2F9266%2Fproducts%2FSunday-Citizen_Cosset-Relaxed-Sweatpant_Moon-Over-Malta-Grey_1.jpg%3Fv%3D1652274338&v=3&w=400&s=bkFrfIypgAGNWDu_L9KQ83G9&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96892&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0079%2F1923%2F9266%2Fproducts%2FSunday-Citizen_Cosset-Relaxed-Pullover_Denim_1_538b140e-1c3c-4560-8dd3-b56a8a3e1c34.jpg%3Fv%3D1671499431&v=3&w=400&s=x8rG8R1OonwuxwQM_V4SI5UN&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96892&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0079%2F1923%2F9266%2Fproducts%2FSnug-Basketweave-Comforter-White1.webp%3Fv%3D1670873239&v=3&w=400&s=lhL3uSLd0JnFFcDIkDnloY3t&b=400

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=JQOrAEa_XggwLs2huYKNf_4YOIE8EbOORxZVvm6MuGp2W0WoI5IsKeLGXjEB-9d3vTQaq82m6188JCrBe3Lixl9TLuK379qrFSEOtMZsDBvIFOd6iXTaUC5Ju_DWYRR9XxnDrdUDhrxO6HDBhWsxfpV0XhJN0Hu84XgJLpQqj7ONKrGUFeN_92zftTpyiML2uHdBbM9o1pce8Gf3fKYC-DPnCj0yeJGkqbBQESwx0BWg-kt3aczFUd_3EfrSkM-j1oAzWqn2HbZmy93y&sds=2&rev=83933&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy.svg

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Domain: static.criteo.net
URL: https://static.criteo.net/animejs/animejs.js

Domain: static.criteo.net
URL: https://static.criteo.net/design/dt/db12752f5f8f439ba506578276899e1f_brandon.woff

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96892&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0079%2F1923%2F9266%2Fproducts%2FSunday-Citizen_Cosset-Relaxed-Sweatpant_Moon-Over-Malta-Grey_1.jpg%3Fv%3D1652274338&v=3&w=400&s=bkFrfIypgAGNWDu_L9KQ83G9&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96892&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0079%2F1923%2F9266%2Fproducts%2FSunday-Citizen_Cosset-Relaxed-Pullover_Denim_1_538b140e-1c3c-4560-8dd3-b56a8a3e1c34.jpg%3Fv%3D1671499431&v=3&w=400&s=x8rG8R1OonwuxwQM_V4SI5UN&b=400

Domain: pix.us.criteo.net
URL: https://pix.us.criteo.net/img/img?h=76&m=0&partner=96892&q=80&r=0&u=http%3A%2F%2Fstatic.da.us.criteo.net%2Fdesign%2Fdt%2F96892%2F221102%2Fca42c9e15e1042bb99f3589c45777b24_new_logo.png&v=3&w=596&s=7-_amAoEY_jJbqd4NLTft-9U

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=2W7bkEa_XggwLs2h6vBu-0yDCdaNX3CXfOBFPywh1QofSBhwwuyzCrohUXVQGAtSPrsJaMVTN_zEMrmisc2kRP-7_0Z3aqvjSwmwxpuKO37iyT_u372MpVDKXKZljBOgqSIHvGao8AFrj5c8uKr6BK1WSnK0mKQ7ZzpiBLSgx7aAp9uyGJbu4uabZD8php5r9KyL74d0ouKVvXuVuIMqpLkBOR_wYdEk2tSRL3qys47qFFQv0iQRPwYlWCSaq14dL9vP5-VuglthUS7a&sds=2&rev=83933&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://simcast.com/?d=offtherecordpgh.com&pcid=802&rid=152&a=0 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6bb0d7dfa427bd625ef39abad4062847.safeframe.googlesyndication.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
ad.360yield.com
adrta.com
ads.us.criteo.com
adservice.google.com
aid.send.microad.jp
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.neodatagroup.com
c.us1.dyntrk.com
c2shb.pubgw.yahoo.com
cat.da.us.criteo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cs.chocolateplatform.com
csm.us.criteo.net
d29xw9s9x32j3w.cloudfront.net
dclk-match.dotomi.com
ds.reson8.com
eb2.3lift.com
embed.sendtonews.com
embedcdn.sendtonews.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
image6.pubmatic.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.360yield.com
match.adsrvr.org
mug.criteo.com
offtherecordpgh.com
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pix.us.criteo.net
player.sendtonews.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
pubads.g.doubleclick.net
qsearch-a.akamaihd.net
rtb.mfadsrvr.com
rtb.va.us.criteo.com
rtb2-useast.e-volution.ai
s.uuidksinc.net
s0.2mdn.net
s2l.sendtonews.com
search.spotxchange.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simcast.com
ssbsync.smartadserver.com
static.criteo.net
tags.crwdcntrl.net
targeting.unrulymedia.com
timber.sendtonews.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
tra.neodatagroup.com
tracker.neodatagroup.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youronlinechoices.com
adrta.com
adservice.google.com
ap.lijit.com
api.rlcdn.com
c.us1.dyntrk.com
cat.da.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cs.chocolateplatform.com
csm.us.criteo.net
d29xw9s9x32j3w.cloudfront.net
dclk-match.dotomi.com
eb2.3lift.com
ib.3lift.com
id5-sync.com
image6.pubmatic.com
pix.us.criteo.net
pubads.g.doubleclick.net
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
s.uuidksinc.net
ssbsync.smartadserver.com
static.criteo.net
104.117.182.27
104.18.12.242
104.18.33.19
104.18.8.110
104.36.115.111
108.138.106.16
108.138.106.50
108.138.128.34
108.138.128.39
13.225.63.3
13.35.101.24
141.95.98.64
141.95.98.65
142.250.80.98
145.40.89.200
172.64.151.162
172.64.154.237
18.164.124.102
18.164.94.225
18.164.96.56
18.213.132.77
192.241.157.60
192.35.249.142
199.127.204.163
20.73.234.141
2001:4de0:ac18::1:a:1a
202.233.84.1
23.41.169.52
23.57.131.233
23.64.61.36
2600:1400:d::6878:d2ab
2600:1901:0:8344::
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:2511:e400:a:e047:752:5701
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3556
2606:4700:3034::ac43:9aed
2606:4700::6810:85e5
2606:4700::6811:180e
2606:ae80:1451:19::1460
2607:f8b0:4006:807::2006
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2001
2620:100:a001::18
2620:100:a001::3
2620:100:a001::4
2620:100:a001::c
2620:100:a005::2b
2a04:4e42:200::485
2a06:8640:764::2
3.215.47.31
3.230.217.116
3.33.220.150
34.107.148.139
34.120.155.137
34.197.197.106
34.96.105.8
35.211.165.199
40.85.112.191
44.197.142.189
44.206.165.148
45.79.244.12
50.28.32.8
51.222.239.230
52.204.114.10
52.223.22.214
52.54.240.100
54.175.108.164
54.221.158.171
54.83.180.210
68.67.160.75
74.119.119.139
0079c384191e45b4ef383ff55baa1ed4d82d1a612b148096068ff737d1cf9574
0330e5dad71b8c72da6a3f473fc343a12be67c598cc082651d2fa331c407988d
05a3fd3f8d058cdd65e27b9bacd858b0f334fd81524a5a98fe0fd3500660d663
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a46e89e7d29cfda66c551f121a219b17e00e7cb48a29ba291c29d6ea9779408
0be4c7120a12a5db2aef4ee1e24aef0744989131ac9fcf6ba60a8723698b37dd
126f2eac9d5f84c0fd0d188b8b58bab75456f25dcd0189fc4b0627407a2a5097
1be644063e7501d3e8fd3b756b8bef3ce86ea5cce27fcb10500477ccdf3a40b9
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2d5284d99fcf72269cb879d0f3cd5b555d2bd790ba69b00a3afc8b2e16955d8c
33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd
3425a69da31a00fcc921897fcbef0d88a16525409aa013cd3fe81590d5cad8a7
34b5c0368658afa33398ded0dfe789ddd294dd854dbe40de6b3cf80ff2fde30b
36f98074c3c03c79dacc53ee0b8b0d9a465486c0ce011cea37c28bb47067e0aa
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4d7db15d19132707628d97c9fdfa8d266623d4a4eb4fe5d0ff38245f868d3e7f
4e0ca81ca7bb37f31dbeb67e429ff8cfd963b5675a96839fd0adc909fd0354a7
619a69207457a5bfc5c710559eceddd80148937f3ce909bbef67e1028c1b7c23
6465540ffafe33cc6040856fd44539634ce50318b46826a7f5012ec9e2c5814e
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
69d0c5220bcc0d99812a82904bd8d8541f4052617cb82dba63ec1849a7262a7a
6d207dfe56fe42f00e2755de219d57b425c45e9dd6f0b593d466cef66ea64714
7e7cda72d5d77c1f2a057aaf6ef3e209cb2a61328ad5f2a4020e086996671739
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8ef1922acc47066eb9e9e9467c90f7e2bf47581e756090908730ec5f29d669f3
8f5f15c94a411a259a9c7ac5a39bd62286a12670ddd45003d7b89d634611501a
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9a93e41550478bf5493599ec7c80e3ad0657e53d6db4c8a2bb72793a907e37e9
a026d78a64f76a0fe08a62eda1ea1ee0747935a8261c520988ea2512c775a99c
a0fd73976f18daa148b2506376f2e19111a509b4aee05bb08ad1fc0f08e693ff
a25c76228e3ee7a52e592745b21f449550f677c1251a96402e9da9b848f60a78
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a563e21ef848805cd0e5a4abdee69e22196b947c459ae5c20ba6267fb08fa412
a73d67096ccf12f95814a2d275d992a00da57a4a5406a76ba09a453a8b42338e
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
aa86dab4502a12565ead4511383711c534bdc3be6e97f0961e869e31862dc553
abe96a5c1249982c69abac519b725c90015189f74c66e0a9d7cf7bed368dd46b
adac6c0ecd79ff0ecbfcb5026a3cd70f37a6361638b8b92804ab745492de27eb
b1d9ef0f970d1a036c4c5a423dc464babeeb0a0fab9a0943e4f0e4344d04dbca
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d3b6f8dcf913c675c2e9fbde3d82acc3720a5a3c4ee2d817ee167a38f7cb4393
d5d6df229ac67cde4b39d275955e4a279bbd7f922855d10b44f5701e6aa3cc64
d6fd425bfa06418f87594f7fb1486734777ef6655442296eab3b768287bf745d
d9396b67f98c4eb5a1c8c6bf45ae1cbdf950dda84395afae7cfb888b13e0dcc6
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
df3de558b2b4714d06cd4e21fe2faceb757baca6dadfcc199ecaf8d83e7f2111
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66d88ad1713514529e299b7208c2d6750c142e080e28aad4b3d21e1c2b57525
e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
f7fd963d6bffd1e06fcbc0ecc37e749d08394d5db9e5af7ad450d202abf747c6
ffbe717adfaf0509471ad9c4ec08e6e3896af5381bea7c0fd7e0ac75ba88ebdf

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

299 Requests

75 %HTTPS

39 %IPv6

70 Domains

102 Subdomains

84 IPs

5 Countries

2983 kBTransfer

7391 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

75 %
HTTPS

39 %
IPv6

70
Domains

102
Subdomains

84
IPs

5
Countries

2983 kB
Transfer

7391 kB
Size

299 HTTP transactions
2 data transactions