Submitted URL: http://simcredits.net/
Effective URL: https://simcredits.net/
Submission Tags: @ecarlesi possiblethreat
Submission: On February 23 via api from IT — Scanned from GB

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 2a07:7800::208, which is located in the United Kingdom and belongs to TWENTYI, GB. The main domain is simcredits.net.
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.
This is the only time simcredits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a07:7800::208 48254 (TWENTYI)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::60 8075 (MICROSOFT...)
5 89.116.64.168 46475 (LIMESTONE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.152.143.207 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 11
Apex Domain Subdomains Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
228 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 777
o.clarity.ms — Cisco Umbrella Rank: 7429
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
5 afe.pw
afe.pw
120 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 316
50 KB
3 simcredits.net
simcredits.net
6 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 242
764 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 775
24 KB
29 9
Domain Requested by
6 pagead2.googlesyndication.com simcredits.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 afe.pw simcredits.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 o.clarity.ms www.clarity.ms
3 cdn.jsdelivr.net simcredits.net
3 simcredits.net 1 redirects simcredits.net
2 c.clarity.ms 1 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.clarity.ms simcredits.net
www.clarity.ms
1 www.google.com tpc.googlesyndication.com
1 c.bing.com 1 redirects
1 code.jquery.com simcredits.net
29 12

This site contains links to these domains.

Domain
www.afe.pw
afe.pw
Subject: *.simcredits.net; Issuer: R3; Validity: 2024-02-21 - 2024-05-21; Valid: 3 months
Subject: sni.cloudflaressl.com; Issuer: Cloudflare Inc ECC CA-3; Validity: 2023-05-02 - 2024-05-01; Valid: a year
Subject: *.jquery.com; Issuer: Sectigo RSA Domain Validation Secure Server CA; Validity: 2023-07-11 - 2024-07-14; Valid: a year
Subject: *.g.doubleclick.net; Issuer: GTS CA 1C3; Validity: 2024-02-05 - 2024-04-29; Valid: 3 months
Subject: www.clarity.ms; Issuer: DigiCert TLS RSA SHA256 2020 CA1; Validity: 2023-12-07 - 2024-12-07; Valid: a year
Subject: afe.pw; Issuer: R3; Validity: 2024-02-13 - 2024-05-13; Valid: 3 months
Subject: a.clarity.ms; Issuer: Microsoft Azure TLS Issuing CA 01; Validity: 2024-01-14 - 2024-06-27; Valid: 5 months
Subject: tpc.googlesyndication.com; Issuer: GTS CA 1C3; Validity: 2024-02-05 - 2024-04-29; Valid: 3 months
Subject: www.google.com; Issuer: GTS CA 1C3; Validity: 2024-02-05 - 2024-04-29; Valid: 3 months

This page contains 5 frames:

Primary Page: https://simcredits.net/
Frame ID: D77DAF883599C8CB22C59B2E1EAC7280
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 1E8D5761F5CBC381EBFB05D73CECB236
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2207596415306425&output=html&adk=1812271804&adf=3025194257&lmt=1708652192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fsimcredits.net%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708652192452&bpp=2&bdt=324&idt=240&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=238285188496&frm=20&pv=2&ga_vid=659436768.1708652193&ga_sid=1708652193&ga_hid=1586331891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C95324580%2C95325068%2C31081331%2C95320377%2C95320870%2C95324154%2C95324161&oid=2&pvsid=1439532606214737&tmod=1381821549&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: B1DFDE7A9D37F0E46952A3047C0E165B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AD87D457E39FADBF0D4486D0B7D23EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 692B98B6D25BB96E9AF79873E28BA29A
Requests: 2 HTTP requests in this frame

Page Title

Online Mobile Top Up for Afghanistan Networks With Google pay or Mastercard and Visa - Afe.Pw

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 75 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 460 kB
Size: 1175 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://simcredits.net/ HTTP 301
    https://simcredits.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&RedC=c.clarity.ms&MXFR=1A55B4E59DB46D151AF6A0CB99B463C7 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&MUID=1ECA2957FFAF66B62DA73D79FEBA679D

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
simcredits.net/
Redirect Chain
  • http://simcredits.net/
  • https://simcredits.net/
23 KB
6 KB
Document
General
Full URL
https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::208 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache / PHP/7.4.33
Resource Hash
ba57917264aae29691ae38382c49aadf7a9ba0d904e2e71c24b9036410df3de8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Feb 2024 01:36:29 GMT
server
Apache
vary
Accept-Encoding Accept-Encoding
x-cdn-cache-status
MISS
x-origin-cache-status
MISS
x-powered-by
PHP/7.4.33
x-provided-by
StackCDN
x-via
CDG1

Redirect headers

content-length
0
date
Fri, 23 Feb 2024 01:36:29 GMT
location
https://simcredits.net/
x-cdn-cache-status
MISS
x-via
CDG1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simcredits.net/
Origin
https://simcredits.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8892147
x-jsd-version
5.2.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230090-FRA, cache-lcy-eglc8600039-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBe04J%2BMGQMTSnXVwNqCOMTVDIspg%2B1VAQfI%2BrGYlYXRYlQp%2B8X9Wqo9kp7c79ShRR9giiYjb1XyXDQrpBDk3nneC6orAIW3RdinCBAwik8uqN3YasH8diDXIpJ7FLDF6dzuXwHXNdSJFDmlRI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
859bbd093d53491c-LHR
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://simcredits.net/
Origin
https://simcredits.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
13748391
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-lhr7373-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708652192.211418,VS0,VE1
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7, 55459
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/
19 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simcredits.net/
Origin
https://simcredits.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7234963
x-jsd-version
1.12.9
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230041-FRA, cache-lcy-eglc8600030-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"4af4-w7l3qkuN+2nWUeBwFQMdOF3tlks"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sueToLiGy8oHI3TWfD3nYGHeRqBqtwCeNMWwrR18pKta66MMJXD3slDL8rhG%2FVyIs9Xo2qzUtbxRcuyiRUV1pgKVPhHxrEqu4TUdytI53cAE4SuvwwetMNb7qwkryfNHzy1WPvHadicMhzly1Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
859bbd093d54491c-LHR
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/
48 KB
14 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simcredits.net/
Origin
https://simcredits.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8972137
x-jsd-version
4.0.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230045-FRA, cache-lcy-eglc8600059-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBDjX%2FemigFZMd8sh69fa0zZMDycwqojPmxgfXasCtNWylGNlS396brBlfMvFeyhAPPBEZMfJgvxOfKGgPWxQh8xecm5sXqlnwC3Hg74iG5GFWuzVkSv0o%2BKIgCiB7T8SWRmolVp3e8FRyjKO0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
859bbd093d55491c-LHR
font-awesome.min.css
simcredits.net/fonts/css/
0
0
Stylesheet
General
Full URL
https://simcredits.net/fonts/css/font-awesome.min.css
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::208 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:29 GMT
content-encoding
gzip
server
Apache
x-cdn-cache-status
MISS
vary
Accept-Encoding
x-via
CDG1
content-type
text/html; charset=iso-8859-1
x-origin-cache-status
EXPIRED
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2207596415306425
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
787895013574952b8388ed9f1d243b64018d673c8c9c3661ab739f122b13356f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcredits.net/
Origin
https://simcredits.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51173
x-xss-protection
0
server
cafe
etag
13331198953750251187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 23 Feb 2024 01:36:32 GMT
k57pjy7izt
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/k57pjy7izt
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1644af2f4738b800e650b72bf7ffcfcffafaf9f8ee4281b4ea4848256eb55652

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires
-1
date
Fri, 23 Feb 2024 01:36:32 GMT
x-azure-ref
20240223T013632Z-suc5dw3t754gf28a5d4hbsqywg00000003gg000000008bek
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
awcc.png
afe.pw/img/
24 KB
24 KB
Image
General
Full URL
https://afe.pw/img/awcc.png
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.116.64.168 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
668dfd0f0c48ec34e0e4373351174480a5ede54c4acce5c75b8adc9626773dc9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 01:36:32 GMT
Last-Modified
Mon, 15 Aug 2022 09:44:40 GMT
Server
nginx/1.24.0
ETag
"62fa1588-5e89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24201
etesalat.png
afe.pw/img/
59 KB
60 KB
Image
General
Full URL
https://afe.pw/img/etesalat.png
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.116.64.168 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e982836026199ac68d5cba5dc4de9a72ce1dde9d22c23852486f6fc99c037b08

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 01:36:32 GMT
Last-Modified
Mon, 15 Aug 2022 11:14:18 GMT
Server
nginx/1.24.0
ETag
"62fa2a8a-eda8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60840
roshan.png
afe.pw/img/
11 KB
11 KB
Image
General
Full URL
https://afe.pw/img/roshan.png
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.116.64.168 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
34b67748274a5e5b08b4fe9eebaad0f425f4ada1b50783d5fe3c57fa629dbbbd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 01:36:32 GMT
Last-Modified
Mon, 15 Aug 2022 09:53:44 GMT
Server
nginx/1.24.0
ETag
"62fa17a8-2b63"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11107
mtn.png
afe.pw/img/
5 KB
5 KB
Image
General
Full URL
https://afe.pw/img/mtn.png
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.116.64.168 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
734488390595444d4ec3b04f64f9a755b9fc33cb5c91264d5fc3fa1216164fba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 01:36:32 GMT
Last-Modified
Mon, 15 Aug 2022 10:11:00 GMT
Server
nginx/1.24.0
ETag
"62fa1bb4-13d8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5080
salaam.png
afe.pw/img/
20 KB
20 KB
Image
General
Full URL
https://afe.pw/img/salaam.png
Requested by
Host: simcredits.net
URL: https://simcredits.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.116.64.168 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d17faf9b5cfe66a50ace353a45f3a68bcd57e5aabda6e75f5958cdc5a7cac50e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 01:36:32 GMT
Last-Modified
Mon, 15 Aug 2022 10:11:12 GMT
Server
nginx/1.24.0
ETag
"62fa1bc0-4f2d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20269
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/k57pjy7izt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 14:33:55 GMT
etag
W/"0x8DC1CE97EB406F9"
vary
Accept-Encoding
x-azure-ref
20240223T013632Z-suc5dw3t754gf28a5d4hbsqywg00000003gg000000008ber
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5f5277e1-c01e-002b-21f2-63ae17000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/
408 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2207596415306425&plah=simcredits.net&aplac=true&bust=31081331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2207596415306425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8caecb15e1ea1609a8691c291b5232c593fa5c5fd9d5873e4975e72078b277e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141470
x-xss-protection
0
server
cafe
etag
16276890806912692575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 23 Feb 2024 01:36:32 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 1E8D
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2207596415306425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcredits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
6985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 23:40:07 GMT
etag
3890843268177463596
expires
Thu, 07 Mar 2024 23:40:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
o.clarity.ms/
0
294 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://simcredits.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://simcredits.net
Date
Fri, 23 Feb 2024 01:36:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
ads
googleads.g.doubleclick.net/pagead/ Frame B1DF
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2207596415306425&output=html&adk=1812271804&adf=3025194257&lmt=1708652192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fsimcredits.net%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708652192452&bpp=2&bdt=324&idt=240&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=238285188496&frm=20&pv=2&ga_vid=659436768.1708652193&ga_sid=1708652193&ga_hid=1586331891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C95324580%2C95325068%2C31081331%2C95320377%2C95320870%2C95324154%2C95324161&oid=2&pvsid=1439532606214737&tmod=1381821549&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2207596415306425&plah=simcredits.net&aplac=true&bust=31081331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcredits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Feb 2024 01:36:32 GMT
expires
Fri, 23 Feb 2024 01:36:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&RedC=c.clarity.ms&MXFR=1A55B4E59DB46D151AF6A0CB99B463C7
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&MUID=1ECA2957FFAF66B62DA73D79FEBA679D
42 B
444 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&MUID=1ECA2957FFAF66B62DA73D79FEBA679D
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 01:36:32 GMT
last-modified
Fri, 09 Feb 2024 19:55:32 GMT
server
Microsoft-IIS/10.0
etag
"2155d7f0915bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 23 Feb 2024 01:36:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C428AD44723843B0BC7C43924C9ACBA1 Ref B: LTSEDGE2121 Ref C: 2024-02-23T01:36:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&MUID=1ECA2957FFAF66B62DA73D79FEBA679D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2207596415306425&plah=simcredits.net&aplac=true&bust=31081331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af6612519a78d8e0d64274e31ed48b532a59f31d1585d17fa48453d06474629c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12411
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2207596415306425&plah=simcredits.net&aplac=true&bust=31081331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 01:36:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AD8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcredits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
35890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 15:38:23 GMT
expires
Fri, 21 Feb 2025 15:38:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 692B
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
53b671b93ee23ab9197b8a5d18056ed9cb51ea818c0d98cc4a43b20a14ec683d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5uZanIvVJLxeQwSRa7lM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcredits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5uZanIvVJLxeQwSRa7lM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Feb 2024 01:36:33 GMT
expires
Fri, 23 Feb 2024 01:36:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 4AD8
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
36493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 15:28:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 4AD8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?3fZNtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:36:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 692B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=1439532606214737&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

collect
o.clarity.ms/
0
294 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://simcredits.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://simcredits.net
Date
Fri, 23 Feb 2024 01:36:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=1439532606214737&bg=!WFulWxTNAAZ3BdUuVwU7ADQBe5WfOIzQDGyFizRAQzcWLjLOWkWU5zJXsokTMTV2rLlvLmegulGXnNB1v-TyyDUSt0eXAgAAADNSAAAAAWgBB5kC85fxdKAY4Lopm52CUf-CMoFQ_NTQGvl27mFNtlmqJqc6R9ouxWoD8BHofLzd8Ndh9334agqjrgzcLrcNInPrN1yTSO-ddQKWNHt9pMothpfIRnaljsDQG6JH0BAE2DlJOKh5tMZhZxz4y3H_RO3FENnyaY9DkTvVSSeYUkGnuv3I1xVDbgvtbbzPqnCIfyKNk6G7PIq3CwdgRQH6aj1xo2jjHiihvjGJf84MvB8xPsqwoYRxjhJWk6stg3vms7YvlROd7dlsoWWDO0sx9HVbokZ4MamTsElRT5bK7lEcCczxzPjQ9nOV3i-u0_ZQW8W59qLAeeFve0HFts6XAgoIkXXxy74qvZLjroAs9SkZBJ67TM3upU4Ths6r--wKkJiSIylpVJNsNrZGqFXuPcpoPoNn6uhlEhSVlIJ1ZKaTnrRU7EwxjxPgRrZiCRM4yPPJTRVmyIKqzGBEA5EtLs7kBsqGTX256ClkT8ARZVgWCETCc8csL-HyxslHIcd3p_fR6YYLGNJo-DT4nmtdaZwjwvR325zmR90hBNfRXhHNcJIz0TnMbeTsMRxCSFoAJVDU-nXQ07SNyr1F2y3FDypkc2QHuF8-Ol2BhUB3_oMINPmUjEdzlnniofAZL_1mV_6pK_k4fNlZzkPOIYwCnuZUW80LtqHBwuDppF3RDPP-S74sGESKIf0zGGSlTEOyj5a6RxE3AM6gckbCrlsZp5h1ejMgjJrY2-7y6l4fYzNdoL0RVSE5VDrWzGzn9oec1N6p6SCrftg1RxeOsxPAsUakGMogrVMcpbxfQI1S1IxK2yjrurokHTLqWeP20N5STH_AqulXNE_ocLdegmD8F4xMoySiLW_Qk1dSAcdOjQZjV5uKoXMtCdxR2AmKx04q9RZAgtfpXfJW3e--MAAXyINvtZNx6UIHmu5LqxKBd89wv-MKokUiHi8wa2opl1Z4965L9RN7Fha6ZZOif59g4pMa47IICr4rXC8I8FApTrsWLaABz97I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://simcredits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

collect
o.clarity.ms/
0
294 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://simcredits.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://simcredits.net
Date
Fri, 23 Feb 2024 01:36:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| $
function| jQuery
function| Popper
object| bootstrap
function| clarity
function| showInput
object| google_js_reporting_queue
number| google_srt
object| google_persistent_state_async
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
function| google_sa_impl
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

11 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 52a2d9609fad4adaa8b0292bb8fd057c.20240223.20250222
.simcredits.net/ Name: _clck
Value: v7pnxp%7C2%7Cfji%7C0%7C1514
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.simcredits.net/ Name: _clsk
Value: xx23gx%7C1708652192948%7C1%7C1%7Co.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1ECA2957FFAF66B62DA73D79FEBA679D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1ECA2957FFAF66B62DA73D79FEBA679D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1ECA2957FFAF66B62DA73D79FEBA679D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

17 Console Messages

Source Level URL
Text
network error URL: https://simcredits.net/fonts/css/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://simcredits.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
(This warning was logged 16 times.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
