urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://financeinvest.xyz/
Effective URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Submission Tags: suspect
Submission: On May 26 via api from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 74 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 988435.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2023. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
10 45.79.244.12 63949 (AKAMAI-LI...)
1 2a04:4e42::649 54113 (FASTLY)
1 104.21.234.176 13335 (CLOUDFLAR...)
2 2600:3c02:1::... 63949 (AKAMAI-LI...)
3 104.17.24.14 13335 (CLOUDFLAR...)
25 2a02:26f0:280... 20940 (AKAMAI-ASN1)
1 23.201.124.64 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.16.133.229 13335 (CLOUDFLAR...)
3 172.217.18.2 15169 (GOOGLE)
1 2a04:4e42::485 54113 (FASTLY)
1 3.211.151.65 14618 (AMAZON-AES)
2 2620:116:800d... 16509 (AMAZON-02)
6 34.107.217.107 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 142.250.185.232 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.117.250.57 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
74 23
2    72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
financeinvest.xyz
10    45.79.244.12 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-244-12.ip.linodeusercontent.com
simcast.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.21.234.176 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
2    2600:3c02:1::2d4f:f4d1 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
parking3.parklogic.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
25    2a02:26f0:280:6::213:7ac9 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    23.201.124.64 (Curitiba, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-124-64.deploy.static.akamaitechnologies.com
img.s-msn.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.16.133.229 (None, )

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
3    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    3.211.151.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-151-65.compute-1.amazonaws.com
p2.gcprivacy.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com
static.anonymised.io
aegis.anonymised.io
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2600:9000:223c:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    34.117.250.57 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 57.250.117.34.bc.googleusercontent.com
material.anonymised.io
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
25 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 259
332 KB
10 anonymised.io
static.anonymised.io — Cisco Umbrella Rank: 13847
material.anonymised.io — Cisco Umbrella Rank: 13259
aegis.anonymised.io — Cisco Umbrella Rank: 14023
37 KB
10 simcast.com
simcast.com — Cisco Umbrella Rank: 988435
103 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
329 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
cloudflare.com — Cisco Umbrella Rank: 96
7 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
171 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1387
pixel.quantserve.com — Cisco Umbrella Rank: 1107
10 KB
2 parklogic.com
parking3.parklogic.com — Cisco Umbrella Rank: 200094
2 KB
2 financeinvest.xyz
financeinvest.xyz
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1410
633 B
1 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
10 KB
1 gcprivacy.com
p2.gcprivacy.com — Cisco Umbrella Rank: 18185
285 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
1 KB
1 s-msn.com
img.s-msn.com — Cisco Umbrella Rank: 9609
1016 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 24875
142 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
30 KB
0 hbwrapper.com Failed
cat3.hbwrapper.com Failed
74 19
Domain Requested by
25 img-s-msn-com.akamaized.net simcast.com
10 simcast.com financeinvest.xyz
simcast.com
code.jquery.com
4 material.anonymised.io static.anonymised.io
4 static.anonymised.io www.googletagmanager.com
static.anonymised.io
4 www.googletagmanager.com simcast.com
cdn.adapex.io
www.googletagmanager.com
3 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
3 cdnjs.cloudflare.com simcast.com
static.anonymised.io
2 aegis.anonymised.io static.anonymised.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 parking3.parklogic.com simcast.com
parking3.parklogic.com
2 financeinvest.xyz financeinvest.xyz
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.quantserve.com simcast.com
1 fonts.googleapis.com client
1 rules.quantcount.com secure.quantserve.com
1 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
1 secure.quantserve.com www.googletagmanager.com
1 p2.gcprivacy.com cdn.adapex.io
1 cdn.jsdelivr.net cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 img.s-msn.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 cat3.hbwrapper.com Failed cdn.adapex.io
74 24

This site contains no links.

Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-09 -
2024-08-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
adapex.io
E1		 2024-04-21 -
2024-07-20		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-20 -
2025-02-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
*.img.s-msn.com
Microsoft Azure ECC TLS Issuing CA 02		 2023-08-17 -
2024-06-27		 10 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2024-01-30 -
2024-12-31		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M03		 2023-11-03 -
2024-12-01		 a year crt.sh
quantserve.com
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
anonymised.io
GTS CA 1D4		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Frame ID: 19E934D8C717022775C42BD22A32AE9B
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://financeinvest.xyz/ HTTP 307
    https://financeinvest.xyz/ HTTP 307
    http://financeinvest.xyz/ Page URL
  2. http://financeinvest.xyz/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlp6iX0RPTb9elBfpp46lqkwImpf9Wckwf0j... Page URL
  3. https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

74
Requests

96 %
HTTPS

50 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

1202 kB
Transfer

2870 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://financeinvest.xyz/ HTTP 307
    https://financeinvest.xyz/ HTTP 307
    http://financeinvest.xyz/ Page URL
  2. http://financeinvest.xyz/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlp6iX0RPTb9elBfpp46lqkwImpf9Wckwf0j8kVOenwLHRdDRCFnzOMf72k0vqfviR7tvHgCZS1wGjblg3CnAy9COVRiAh9xfz0TkFEBNV6CCOl2026V8vn81DYAlAFZH1sl3JR65QSEbZy7FIXnk4OQ8rmH6jn2uKWtQLNYW592seOwgS3hEySseUL5h8%2Bn9LeMydJSNlEGlHVM%2BmwaIu%2FJf%2F6Kb6qcWVCVDwJEA8zfA32jTtqM4NH70IJkAKeK2VXikyYUCpPok2LzAET652YsIPwe0KjBKrqlc0gYaXJUAyv1ZWwO2PbeBdHlXUISLpFFfVuePkpMjMz5v%2FYu3SvblkE1qOXf7ie6CZBKHXTQjOMbFdfxYauRD4GCkIIyy8uUGQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://financeinvest.xyz/ HTTP 307
  • https://financeinvest.xyz/ HTTP 307
  • http://financeinvest.xyz/

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
financeinvest.xyz/
Redirect Chain
  • http://financeinvest.xyz/
  • https://financeinvest.xyz/
  • http://financeinvest.xyz/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://financeinvest.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1918
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 May 2024 19:30:44 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16

Redirect headers

Location
http://financeinvest.xyz/
Non-Authoritative-Reason
HttpsUpgrades
bouncy.php
financeinvest.xyz/page/ 		706 B
983 B 		Document
General
Check archive.org
Download Go to
Full URL
http://financeinvest.xyz/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlp6iX0RPTb9elBfpp46lqkwImpf9Wckwf0j8kVOenwLHRdDRCFnzOMf72k0vqfviR7tvHgCZS1wGjblg3CnAy9COVRiAh9xfz0TkFEBNV6CCOl2026V8vn81DYAlAFZH1sl3JR65QSEbZy7FIXnk4OQ8rmH6jn2uKWtQLNYW592seOwgS3hEySseUL5h8%2Bn9LeMydJSNlEGlHVM%2BmwaIu%2FJf%2F6Kb6qcWVCVDwJEA8zfA32jTtqM4NH70IJkAKeK2VXikyYUCpPok2LzAET652YsIPwe0KjBKrqlc0gYaXJUAyv1ZWwO2PbeBdHlXUISLpFFfVuePkpMjMz5v%2FYu3SvblkE1qOXf7ie6CZBKHXTQjOMbFdfxYauRD4GCkIIyy8uUGQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: financeinvest.xyz
URL: http://financeinvest.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://financeinvest.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
706
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 May 2024 19:30:44 GMT
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		37 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Requested by
Host: financeinvest.xyz
URL: http://financeinvest.xyz/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlp6iX0RPTb9elBfpp46lqkwImpf9Wckwf0j8kVOenwLHRdDRCFnzOMf72k0vqfviR7tvHgCZS1wGjblg3CnAy9COVRiAh9xfz0TkFEBNV6CCOl2026V8vn81DYAlAFZH1sl3JR65QSEbZy7FIXnk4OQ8rmH6jn2uKWtQLNYW592seOwgS3hEySseUL5h8%2Bn9LeMydJSNlEGlHVM%2BmwaIu%2FJf%2F6Kb6qcWVCVDwJEA8zfA32jTtqM4NH70IJkAKeK2VXikyYUCpPok2LzAET652YsIPwe0KjBKrqlc0gYaXJUAyv1ZWwO2PbeBdHlXUISLpFFfVuePkpMjMz5v%2FYu3SvblkE1qOXf7ie6CZBKHXTQjOMbFdfxYauRD4GCkIIyy8uUGQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
dc4cbc496d683bd310ded5b601e2cc4c0bd0ed81bafb5522c7c35d591a3886ee

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://financeinvest.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7253
content-type
text/html; charset=UTF-8
date
Sun, 26 May 2024 19:30:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://www.google.com
Origin
https://simcast.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8670343
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-fra-etou8220117-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1716751847.682623,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
45, 238910
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
459
aaw.simcast.js
cdn.adapex.io/hb/ 		440 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.simcast.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b64869b5ee8b1cbc4a4a40b40afb6b15634cb34dd197e2121df54b4b5fb3ef0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33456
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 21 May 2024 10:07:32 GMT
server
cloudflare
etag
W/"664c7264-6de3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CB5nETcIe0m3jOQYJkPjB5Qs1tpo00ljxTK2BcSvfN6dr4pJMzqBgpaBkN%2Fs66QbrnA8nGPVkv77VoryqwzHK2Qq%2F3Tgs3IwHNQoomSiSWbHM9BIk6Pg6uah1c5Wk0qm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
88a02e83f9104db0-FRA
expires
Sun, 26 May 2024 11:41:07 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking3.parklogic.com/page/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=financeinvest.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
23468b573ea36e13efaa55df94be8fc0afa632d1e3171bdbd6fa3df599a4852f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:46 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
connection
close
x-powered-by
PHP/5.5.38
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
67844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxNahvppZ8GYtJwAht7uCCQaGubTYsFBvMPVZpiFeRGcIfLbCKvBjOgYgWmylmGIjxkf9%2FVKdWu2z9Ahx%2Bmt8GOcrUKXaFnvRuV2BYbo%2B9NgXMv2AzzTmohGQ03Ueylc7vjRfOpv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88a02e83fd342c63-FRA
expires
Fri, 16 May 2025 19:30:47 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
56300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JToGlbnXyLu%2FHWzRx8ZarW74tR0voaaD6wcWctSlMyoYtFBogzzbCxCMD8GmvjqdFWlRjBqDfN1m%2B0TrXeEbyl6qBs1JEgF9yKwJCDtm3r%2Fs8Y%2FgW2Stv%2Bnq0aeFT9FMmqpFX0P9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88a02e83fd2b2c63-FRA
expires
Fri, 16 May 2025 19:30:47 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
352
BB1n5pay.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n5pay.img?h=100&w=100&x=694.5&y=218.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9016ef6ab0c80848913a716110cc8c43ce50b089f0cc5f420f02932d69d229cd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 19:17:18 GMT
x-resizerversion
1.0
x-source-length
140660
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431210
x-activityid
fd10a944-9852-421b-b4a9-8b8052ad8a88
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n5pay?h=100&w=100&x=694.5&y=218.5&m=5
timing-allow-origin
*
content-length
8192
expires
Fri, 31 May 2024 19:17:37 GMT
AA6KiAV.img
img.s-msn.com/tenant/amp/entityid/ 		498 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.s-msn.com/tenant/amp/entityid/AA6KiAV.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.124.64 Curitiba, Brazil, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-124-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
683e4d91832ed1a75f28518fb24f18c87590144e8e40c819e842c61371ca7c9c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Date
Sun, 26 May 2024 19:30:48 GMT
Last-Modified
Thu, 23 May 2024 09:15:03 GMT
X-ResizerVersion
1.0
X-Datacenter
eastus
X-Source-Length
498
X-Frame-Options
DENY
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=135847
X-ActivityId
39839a6e-34bc-4fe1-85de-55f94fb142eb
Connection
keep-alive
Timing-Allow-Origin
*
Content-Location
https://img.s-msn.com/tenant/amp/entityid/AA6KiAV
Content-Length
498
Expires
Tue, 28 May 2024 09:14:55 GMT
BB1n59aw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n59aw.img?h=100&w=100&x=358&y=175&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
39ff63823fd25741720244e59db747d04ad20e6f0cb7bbc91972a666ea9521c2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 15:21:03 GMT
x-resizerversion
1.0
x-source-length
27624
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=417017
x-activityid
fc599186-a261-4701-9120-38b8b4f5d7aa
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n59aw?h=100&w=100&x=358&y=175&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 15:21:04 GMT
AAzjSw3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Fri, 24 May 2024 02:00:52 GMT
x-resizerversion
1.0
x-source-length
3247
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=196242
x-activityid
8b5e8a18-7c81-4f6e-b775-238d96ce8566
content-location
https://img.s-msn.com/tenant/amp/entityid/AAzjSw3
timing-allow-origin
*
content-length
3247
expires
Wed, 29 May 2024 02:01:29 GMT
BB1mUrnY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1mUrnY.img?h=100&w=100&x=1059.5&y=530.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
29404cf6255eff834f2b85f5a3850b48052a4cd46c91cae2e7af923e56287159
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Thu, 23 May 2024 14:04:50 GMT
x-resizerversion
1.0
x-source-length
209837
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=153161
x-activityid
ee75b966-14fe-44a0-9859-8b04f86c30df
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1mUrnY?h=100&w=100&x=1059.5&y=530.5&m=5
timing-allow-origin
*
content-length
4096
expires
Tue, 28 May 2024 14:03:28 GMT
AA13ujqB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13ujqB.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a15b174d14d596b8d6ae04a53a60c14492998dc3d3bfbe0f8e1d9514937f95a8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Mon, 29 Apr 2024 22:16:06 GMT
x-resizerversion
1.0
x-source-length
5588
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=53065
x-activityid
ddcdfa26-bc39-46b4-ba45-e76db956dd28
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13ujqB
timing-allow-origin
*
content-length
5588
expires
Mon, 27 May 2024 10:15:12 GMT
BB1n5j1R.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n5j1R.img?h=100&w=100&x=960&y=540&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e316ecbe2a133db88d0b1d7d2e45ad0f47cb6c90535f0b7b7dca819fc4af919
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 16:46:28 GMT
x-resizerversion
1.0
x-source-length
211012
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=422089
x-activityid
f43b0dce-6bb2-4f7a-8d08-80766151dfce
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n5j1R?h=100&w=100&x=960&y=540&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 16:45:36 GMT
BBZbaoj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		351 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Mon, 13 May 2024 22:05:40 GMT
x-resizerversion
1.0
x-source-length
351
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=95801
x-activityid
9185f991-78c4-40dc-969e-90b88a741e3e
content-location
https://img.s-msn.com/tenant/amp/entityid/BBZbaoj
timing-allow-origin
*
content-length
351
expires
Mon, 27 May 2024 22:07:28 GMT
BB1n5cN7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n5cN7.img?h=100&w=100&x=626&y=248&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12cd4d2b2c465ccb86a83f73b1d7e98dd753e934b53f57f18fb015527c2e26c1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 18:45:15 GMT
x-resizerversion
1.0
x-source-length
212630
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429297
x-activityid
234c74e1-6a0d-412a-929e-1e3f3a7c4cd0
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n5cN7?h=100&w=100&x=626&y=248&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 18:45:44 GMT
BB1mBMNe.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1mBMNe.img?h=500&w=1000&x=600&y=400&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0b499441d78346fd987e1432fafbbb27afb833dfb44d722306e8fc222fb43d4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 19:25:51 GMT
x-resizerversion
1.0
x-source-length
254891
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431664
x-activityid
e64c1f6a-9e64-43ca-9eb7-484a63269988
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1mBMNe?h=500&w=1000&x=600&y=400&m=2
timing-allow-origin
*
content-length
131072
expires
Fri, 31 May 2024 19:25:11 GMT
BB1n2gpb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n2gpb.img?h=70&w=95&x=620&y=269&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb4878150515e7fa2f1c0eda36eb0826724ce8e3cf06486ec69c1cb3339cc277
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sat, 25 May 2024 13:21:30 GMT
x-resizerversion
1.0
x-source-length
103158
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=323443
x-activityid
2f3aa1fa-fc97-4d13-9c6b-b280c99475c3
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n2gpb?h=70&w=95&x=620&y=269&m=5
timing-allow-origin
*
content-length
4096
expires
Thu, 30 May 2024 13:21:30 GMT
AA1mP0bP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1mP0bP.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14639f1f1a28642bc4c8dc2d3422f93211a4ca2c0b9d8ae00d1c9550092814b4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Wed, 27 Mar 2024 17:41:19 GMT
x-resizerversion
1.0
x-source-length
7198
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=296421
x-activityid
9161420e-8a46-4a9d-a690-f9671d7c0995
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1mP0bP
timing-allow-origin
*
content-length
7198
expires
Thu, 30 May 2024 05:51:08 GMT
BB1mUaJA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1mUaJA.img?h=70&w=95&x=450&y=600&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1c5f01a9226ca0a6ce97234c6aac7e0d3ea5bf8c9e700cc4f8a5b6056da205e5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Thu, 23 May 2024 11:05:12 GMT
x-resizerversion
1.0
x-source-length
144795
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=142491
x-activityid
c1ab9ef3-4374-4150-9922-32d0cee71582
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1mUaJA?h=70&w=95&x=450&y=600&m=5
timing-allow-origin
*
content-length
4096
expires
Tue, 28 May 2024 11:05:38 GMT
AAYrVG5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAYrVG5.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
413a071d1c806bb7e4c8e2d5a83e5eb3533bbd03de21bb71fb2ca6faebe8dbe9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 05 May 2024 03:10:57 GMT
x-resizerversion
1.0
x-datacenter
eastap
x-source-length
1723
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=114074
x-activityid
f3b7344d-f691-497a-8d1f-977a54b6efa9
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAYrVG5
content-length
1723
expires
Tue, 28 May 2024 03:12:01 GMT
BB1n4Jr3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n4Jr3.img?h=70&w=95&x=400&y=200&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ace673ab35f92a6c0135ed64e4ccd7aae142558d2f8a48ee932d97c84d2a8960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 13:24:52 GMT
x-resizerversion
1.0
x-source-length
72307
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=409972
x-activityid
88a1a554-da35-40e6-a6d4-ae4c7f98d1d0
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n4Jr3?h=70&w=95&x=400&y=200&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 13:23:39 GMT
BB1mUaC1.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1mUaC1.img?h=70&w=95&x=600&y=400&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
68d60233f94276bba975ad88c291b88c60c89c9fb908e71bc6913591bba4cd56
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Thu, 23 May 2024 10:54:24 GMT
x-resizerversion
1.0
x-source-length
138250
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=141797
x-activityid
1aae09f4-363f-4109-a66a-43407fb99dd8
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1mUaC1?h=70&w=95&x=600&y=400&m=5
timing-allow-origin
*
content-length
4096
expires
Tue, 28 May 2024 10:54:04 GMT
AA1g05df.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1g05df.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9339c33571d78f6a8509cd45984cee45fc2b9268d590d8a2a458914bc12d9e69
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Tue, 07 May 2024 06:31:16 GMT
x-resizerversion
1.0
x-source-length
10553
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=299037
x-activityid
c1f7948b-9cbb-48e8-b426-afc8db30a82a
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1g05df
timing-allow-origin
*
content-length
10553
expires
Thu, 30 May 2024 06:34:44 GMT
BB1n1Wkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n1Wkn.img?h=70&w=95&x=600&y=404&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
91c00ece7df64547afbba59f53d5c652f2c98dcc5fc67a3ea15cdae9b7449d29
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sat, 25 May 2024 10:38:02 GMT
x-resizerversion
1.0
x-source-length
177000
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=313558
x-activityid
cf11afdd-7b81-42fc-95bd-8f4e9395bf34
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n1Wkn?h=70&w=95&x=600&y=404&m=5
timing-allow-origin
*
content-length
4096
expires
Thu, 30 May 2024 10:36:45 GMT
AA1fZKnL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1fZKnL.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb2bd4808264f978639b4d45fcfc11c203686fda2e55098192568315c6eec3a8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Tue, 07 May 2024 14:52:01 GMT
x-resizerversion
1.0
x-source-length
8017
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=329793
x-activityid
32d31fd9-723a-459a-bdad-37299af84b9a
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1fZKnL
timing-allow-origin
*
content-length
8017
expires
Thu, 30 May 2024 15:07:20 GMT
BB1n5pay.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n5pay.img?h=70&w=95&x=694.5&y=218.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6a6f124c02a1e598339fb0987c7b41c8725b7341f967f5f9660535d8caeb6549
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 18:54:05 GMT
x-resizerversion
1.0
x-source-length
140660
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429852
x-activityid
07fdf26a-413b-45bf-a856-0d0bdb7b94dc
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n5pay?h=70&w=95&x=694.5&y=218.5&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 18:54:59 GMT
BB1jpAei.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1jpAei.img?h=70&w=95&x=400&y=200&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
64a1c6ae1966f9fc6f11b961cd5d3ceccb5b325028f7bb8191350eabd53fa127
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sat, 25 May 2024 21:26:10 GMT
x-resizerversion
1.0
x-source-length
58831
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=352526
x-activityid
9e3649f0-80b8-4dbf-bfea-fad0261c18a9
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1jpAei?h=70&w=95&x=400&y=200&m=5
timing-allow-origin
*
content-length
4096
expires
Thu, 30 May 2024 21:26:13 GMT
BB1n4ZoB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n4ZoB.img?h=70&w=95&x=739.5&y=271.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
310085a8254cd4e850f6abb9743b061f1286664322fddee03a371121fd6aedeb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 15:40:35 GMT
x-resizerversion
1.0
x-source-length
134878
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418129
x-activityid
5c1ccdba-e6b0-4a27-845e-b94c77fa9d42
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n4ZoB?h=70&w=95&x=739.5&y=271.5&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 15:39:36 GMT
BB1n4N8t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n4N8t.img?h=70&w=95&x=522.5&y=144.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
54b79b8e3a16ca51f52dc2797a951ce9beeff20374c6ff16c931251f3eb1a835
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sun, 26 May 2024 18:47:29 GMT
x-resizerversion
1.0
x-source-length
108874
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429402
x-activityid
f5cdf081-1b62-4cf9-84de-311c9ec9401c
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n4N8t?h=70&w=95&x=522.5&y=144.5&m=5
timing-allow-origin
*
content-length
4096
expires
Fri, 31 May 2024 18:47:29 GMT
AA1gq9ck.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1gq9ck.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3bd77a6185835cefa1f6a8435ba03cf7f165200be6315c732b68d88818bc6df1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Thu, 28 Mar 2024 21:43:21 GMT
x-resizerversion
1.0
x-source-length
3885
x-datacenter
northeu
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=397132
x-activityid
420f819f-7500-4ed6-82e7-8c1edbe8baa7
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1gq9ck
timing-allow-origin
*
content-length
3885
expires
Fri, 31 May 2024 09:49:39 GMT
BB1n2d7v.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1n2d7v.img?h=300&w=400&x=600&y=399.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2761e85c12ed54dc72f3d1efebabff77c48837ebf0845e2c2c639e7fd924d502
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sat, 25 May 2024 12:37:09 GMT
x-resizerversion
1.0
x-source-length
158783
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=320807
x-activityid
ddb32780-51d3-4179-a151-27669abf7f39
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1n2d7v?h=300&w=400&x=600&y=399.5&m=2
timing-allow-origin
*
content-length
32768
expires
Thu, 30 May 2024 12:37:34 GMT
BB1lL65G.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1lL65G.img?h=300&w=400&x=784&y=375&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:6::213:7ac9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
266cd41cbc6cd1c83bd7dfa85049d0a03ce809632be7cf1f350787da80688321
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Sat, 25 May 2024 00:11:49 GMT
x-resizerversion
1.0
x-source-length
121029
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=276078
x-activityid
2898acc6-5a6b-45a8-b27d-ce2a9aaf449b
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1lL65G?h=300&w=400&x=784&y=375&m=2
timing-allow-origin
*
content-length
65536
expires
Thu, 30 May 2024 00:12:05 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		203 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8997df1237085f6e5a1c901640e60026d1091f5f369028551ddc6d4934f0f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75005
x-xss-protection
0
last-modified
Sun, 26 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 May 2024 19:30:47 GMT
scribe.php
parking3.parklogic.com/page/ 		46 B
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://parking3.parklogic.com/page/scribe.php?pcId=56&domain=financeinvest.xyz&pId=2739&usid=null&utid=null&query=null&domainJs=simcast.com&path=/&ss=true&lp=1
Requested by
Host: parking3.parklogic.com
URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=financeinvest.xyz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e9b5a209bb45f7d6f760111c08135c18ff5ad6ace1bfbfe8d77f796d00d18f41

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-origin
*
date
Sun, 26 May 2024 19:30:47 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
connection
close
x-powered-by
PHP/5.5.38
transfer-encoding
chunked
content-type
text/html;charset=UTF-8
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://www.google.com
Origin
https://simcast.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
/
cat3.hbwrapper.com/ 		0
0
trace
cloudflare.com/cdn-cgi/ 		278 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c128cbfbeee2cd8af285ddf32d0dfd08cd748db60438da758d08978225c3476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
content-type
text/plain

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88a02e849b703657-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
610275a935b4fbad9167a8f2f0c99488c1d19bed6fef3681b94eae277392e4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29949
x-xss-protection
0
server
cafe
etag
329 / 19869 / 31083928 / config-hash: 9677823490987414970
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 May 2024 19:30:47 GMT
gtm.js
www.googletagmanager.com/ 		371 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7c7ed61f625265e7472a32706237f9b33b30459c262b22f7373e68c614f95d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95200
x-xss-protection
0
last-modified
Sun, 26 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 May 2024 19:30:47 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f05a50f21a635e5a1f2cae5a060bdd8d9c66e3a084d5ec26bbb47f4cb579179a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 26 May 2024 19:30:47 GMT
x-content-type-options
nosniff
content-encoding
br
age
12599
x-jsd-version
1.0.2068
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
757
x-served-by
cache-fra-eddf8230085-FRA
x-jsd-version-type
version
etag
W/"63d-sgsocBz37rediNkdA4F5i9TxHdU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rtd
p2.gcprivacy.com/v2/ 		19 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/rtd?pid=Q6CV1VBC&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dfinanceinvest.xyz%26pcid%3D50%26rid%3D206%26a%3D0&
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.151.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-151-65.compute-1.amazonaws.com
Software
/
Resource Hash
9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
content-type
text/plain

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
19
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405220101/ 		452 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405220101/pubads_impl.js?cb=31083928
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
417c7e1b793dab1354daa456a61f7344f780ad31fff8e4fef024f4997f29942e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 16:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
10718
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144540
x-xss-protection
0
server
cafe
etag
8652273211762621675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 26 May 2025 16:32:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
9abeac09e442691384560e4273070f4a2a96b26a84f8f534ca98cebea29bffc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
expires
Sun, 26 May 2024 19:30:47 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 02 Jun 2024 19:30:47 GMT
loader.js
static.anonymised.io/light/ 		448 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1c7b6e1a10e57329701da6355553f5ee4a2fcad0579fee0c2a8b5b601696db36

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:21:19 GMT
content-encoding
gzip
age
568
x-guploader-uploadid
ABPtcPoQBWKfyPFXM4d-3pyGGprCJgaS6GkRZTUs2J8bP53wad1wlyLTaHENCzhCgYA_PExBZx0CVEx_Hg
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
last-modified
Thu, 16 May 2024 07:22:22 GMT
server
UploadServer
etag
"242abe1d7df2c664a904904bb44bda0c"
vary
Accept-Encoding
x-goog-generation
1715844142539081
x-goog-hash
crc32c=AOGnLw==, md5=JCq+HX3yxmSpBJBLtEvaDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
314
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 May 2024 19:31:19 GMT
22181265
fundingchoicesmessages.google.com/i/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22181265?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405220101/pubads_impl.js?cb=31083928
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e30ccb6a7b4034606e83911ffbac7e9b4cd26cecd091b68bf74b2378d43d607f
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-74igo39ou_j9St26tY_3Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-security-policy
script-src 'nonce-74igo39ou_j9St26tY_3Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw0JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQt3--wDoTiIV4OJ7PPreJTaDhwMnFjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGxnoGZvEFBgDcKTbJ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
bundle.js
static.anonymised.io/light/ 		119 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/bundle.js?v=0.3.11
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a0666a78e58866b59dc3739c55e900ed6486cb6383893976ce65a02909abaa7a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:15:12 GMT
content-encoding
gzip
age
935
x-guploader-uploadid
ABPtcPoIara_yiyPKyFGnBPn1B3UFVii5ZP-jNgEPaAuI_EPi_aXdJ0yyoeHq909a9vSel_AZrw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33887
last-modified
Thu, 16 May 2024 07:22:20 GMT
server
UploadServer
etag
"52ca717766a3b945181b847a7d4da710"
vary
Accept-Encoding
x-goog-generation
1715844140166992
x-goog-hash
crc32c=WNRBEA==, md5=Uspxd2ajuUUYG4R6fU2nEA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
33887
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 May 2024 19:35:12 GMT
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 18:52:51 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2277
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
0NbBtriLhK2UfxRbFT6kTYPcObZPDGNIalYUseef5yyWi-pU0MOqUg==
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7699b1aa142b429406ced6d26a112935d8bcc26763663ff50913cfe8b01ec5fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74976
x-xss-protection
0
last-modified
Sun, 26 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 May 2024 19:30:47 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
80eb86866ea8cdc3f9463329db63b9ccf5a2d5b96d1e095e2c825292158fb2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91103
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 May 2024 19:30:47 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 26 May 2024 18:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3699
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 26 May 2024 20:29:08 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		3 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
dfc881e25f452460b303912a9addfb9ad1ff678609f7329ce2967adb6e3a9095

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.google.com
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
23
expires
Thu, 19 Nov 1981 08:52:00 GMT
configs
material.anonymised.io/v3/tag/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://material.anonymised.io/v3/tag/configs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
allow
OPTIONS, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 26 May 2024 19:30:47 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-request-id
WFntNyayJDFkxqLWMfFXVVCIUMRaaGvg
health
aegis.anonymised.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aegis.anonymised.io/health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://simcast.com
allow
OPTIONS, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 26 May 2024 19:30:47 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
73b680e71a27e828f5760e40878db723
x-request-id
fvLeMGpexCGgpWYOIXZJCsIPhUmVzdAu
configs
material.anonymised.io/v3/tag/ 		3 B
144 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://material.anonymised.io/v3/tag/configs
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27
x-request-id
hNzZQtwacUcRErwosClJLqeGnSfgdpLE
health
aegis.anonymised.io/ 		2 B
146 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aegis.anonymised.io/health
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
via
1.1 google
server
Google Frontend
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
x-cloud-trace-context
408bae110d02dd3e5e5b70e557231dda
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
CEJAlgYoLJHbcjISppxSEHuHNacAuxrd
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de0d5c8115a1288e27d8bfd256692f28315b3d26cdd109c23f94d17d59ca0c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 May 2024 19:30:47 GMT
pixel;r=751632053;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dfinanceinvest.xyz%26pcid%3D50%26rid%3D206%26a%3D0;ref=http%3A%2F%2Ffinanceinvest.xyz%2F;uht=2;fpan=1;fpa=P...
pixel.quantserve.com/ 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=751632053;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dfinanceinvest.xyz%26pcid%3D50%26rid%3D206%26a%3D0;ref=http%3A%2F%2Ffinanceinvest.xyz%2F;uht=2;fpan=1;fpa=P0-1454879798-1716751847292;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=simcast.com;dst=1;et=1716751847367;tzo=-120;ogl=;ses=297a2b0d-b3e9-43d4-acc2-e180c27d75f6;mdl=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Sun, 26 May 2024 19:30:47 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=835456484&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dfinanceinvest.xyz%26pcid%3D50%26rid%3D206%26a%3D0&dr=http%3A%2F%2Ffinanceinvest.xyz%2F&ul=de-de&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1088263004&gjid=282859203&cid=277672018.1716751847&tid=UA-205158314-1&_gid=1397209416.1716751847&_r=1&gtm=457e45m0za200zb898301455&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=457543798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 May 2024 19:30:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RFSL1NPH34&gtm=45je45m0v9124667839za200&_p=1716751847114&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=277672018.1716751847&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1716751847&sct=1&seg=0&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dfinanceinvest.xyz%26pcid%3D50%26rid%3D206%26a%3D0&dr=http%3A%2F%2Ffinanceinvest.xyz%2F&dt=Simcast%20News%20portal.&en=page_view&_fv=1&_ss=1&tfd=2585
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Sun, 26 May 2024 19:30:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidderchecker.js
static.anonymised.io/light/ 		961 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/bidderchecker.js?v=0.3.11
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:13:03 GMT
content-encoding
gzip
age
1064
x-guploader-uploadid
ABPtcPrTj15tEXj2ZjUGvjdXP_StOSX3gReaQ5Y50fIb07zxD97AgZCddL-zaziWCq19rkQZbhasxu6HXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
387
last-modified
Thu, 16 May 2024 07:22:19 GMT
server
UploadServer
etag
"8ed4939d35a2eb716aed62e3779edde0"
vary
Accept-Encoding
x-goog-generation
1715844139219204
x-goog-hash
crc32c=qtTMBw==, md5=jtSTnTWi63Fq7WLjd57d4A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
387
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 May 2024 19:33:03 GMT
timeme.min.js
cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/timeme.min.js
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
844237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1532
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-163a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e30p1bK8MAUllA%2Fdp%2FmJIfvMXzAT9K6c9%2BYzPGBA41%2FGg0idWWLfHbNEPYEmINa9omjAWMreX7105ovAviAZfnEp8R6e%2FVHowgDc0E2fK1%2B%2FCORbkrFLfaBlZqTUgCCYHlS16ugT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88a02e877b342c63-FRA
expires
Fri, 16 May 2025 19:30:47 GMT
interest-scores
material.anonymised.io/v3/anon/ 		13 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://material.anonymised.io/v3/anon/interest-scores
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash
bd461e10d9b45659c302a27604a29eb231318bfaae5fd1ffc508cd57692b6feb

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json

Response headers

date
Sun, 26 May 2024 19:30:47 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-request-id
KqcqCVFowyVLFsMGzhJxNBIvpUhAEeDc
interest-scores
material.anonymised.io/v3/anon/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://material.anonymised.io/v3/anon/interest-scores
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 26 May 2024 19:30:47 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-request-id
CxHHgRZpLuUROEDgopGnOEEfRtitmewd
collect.min.js
static.anonymised.io/light/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/collect.min.js?v=0.3.11
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0fa3f2b7fc7758ad71071c8c55031a1a6fa25c306cf8413b8ee56e16d44ddb0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:11:25 GMT
content-encoding
gzip
age
1162
x-guploader-uploadid
ABPtcPrCTxQqOzl5Qe3gcf8rd28N6u_xxTMAKLnSXWAI8T9VrZMRgAaRaL0O6CMFTYFaQ0WLzDM
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2317
last-modified
Thu, 16 May 2024 07:22:20 GMT
server
UploadServer
etag
"874624bc6b92eb34a7cd76444f86e25b"
vary
Accept-Encoding
x-goog-generation
1715844140592093
x-goog-hash
crc32c=Ksy/iw==, md5=h0YkvGuS6zSnzXZET4biWw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
2317
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 May 2024 19:31:25 GMT
favicon.png
simcast.com/templates/simcast/ 		486 B
749 B 		Other
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-244-12.ip.linodeusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 26 May 2024 19:30:48 GMT
last-modified
Thu, 09 Dec 2021 00:44:01 GMT
server
Apache/2.4.38 (Debian)
etag
"1e6-5d2abe70a3640"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
486

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cat3.hbwrapper.com
URL
https://cat3.hbwrapper.com/

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| LoadExt function| getCookie function| myConfirm function| myFunction object| usid object| utid string| path object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| dataLayer function| docReady object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_manager object| _qevents object| ID5EspConfig undefined| google_measure_js_timing function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal function| quantserve function| __qc object| ezt object| _qoptions function| gtag string| GoogleAnalyticsObject function| ga object| regeneratorRuntime object| _anonymised_tag function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| gaplugins object| gaGlobal object| gaData object| TimeMe object| IdwCollect

9 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: co3lcm71b1n6mq6v86aq6tkmo3
simcast.com/ Name: uidinfer
Value: 256049803
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: _gid
Value: GA1.2.1397209416.1716751847
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.simcast.com/ Name: __qca
Value: P0-1454879798-1716751847292
.simcast.com/ Name: _ga_RFSL1NPH34
Value: GS1.1.1716751847.1.0.1716751847.0.0.0
.simcast.com/ Name: _ga
Value: GA1.1.277672018.1716751847
simcast.com/ Name: idw-fe-id
Value: 1e4960f3-41c5-492d-b18e-884ecf238f9d

4 Console Messages

Source Level URL
Text
other verbose URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)
recommendation verbose URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://simcast.com/?d=financeinvest.xyz&pcid=50&rid=206&a=0
Message:
Access to fetch at 'https://cat3.hbwrapper.com/' from origin 'https://simcast.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.google.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cat3.hbwrapper.com/
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aegis.anonymised.io
cat3.hbwrapper.com
cdn.adapex.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
cloudflare.com
code.jquery.com
financeinvest.xyz
fonts.googleapis.com
fundingchoicesmessages.google.com
img-s-msn-com.akamaized.net
img.s-msn.com
material.anonymised.io
p2.gcprivacy.com
parking3.parklogic.com
pixel.quantserve.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
simcast.com
static.anonymised.io
www.google-analytics.com
www.googletagmanager.com
cat3.hbwrapper.com
104.16.133.229
104.17.24.14
104.21.234.176
142.250.185.232
172.217.18.2
2001:4860:4802:34::36
23.201.124.64
2600:3c02:1::2d4f:f4d1
2600:9000:223c:5400:6:44e3:f8c0:93a1
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::200a
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::200e
2a02:26f0:280:6::213:7ac9
2a04:4e42::485
2a04:4e42::649
3.211.151.65
34.107.217.107
34.117.250.57
45.79.244.12
72.52.178.23
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12cd4d2b2c465ccb86a83f73b1d7e98dd753e934b53f57f18fb015527c2e26c1
14639f1f1a28642bc4c8dc2d3422f93211a4ca2c0b9d8ae00d1c9550092814b4
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1c5f01a9226ca0a6ce97234c6aac7e0d3ea5bf8c9e700cc4f8a5b6056da205e5
1c7b6e1a10e57329701da6355553f5ee4a2fcad0579fee0c2a8b5b601696db36
23468b573ea36e13efaa55df94be8fc0afa632d1e3171bdbd6fa3df599a4852f
266cd41cbc6cd1c83bd7dfa85049d0a03ce809632be7cf1f350787da80688321
2761e85c12ed54dc72f3d1efebabff77c48837ebf0845e2c2c639e7fd924d502
29404cf6255eff834f2b85f5a3850b48052a4cd46c91cae2e7af923e56287159
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
310085a8254cd4e850f6abb9743b061f1286664322fddee03a371121fd6aedeb
39ff63823fd25741720244e59db747d04ad20e6f0cb7bbc91972a666ea9521c2
3bd77a6185835cefa1f6a8435ba03cf7f165200be6315c732b68d88818bc6df1
3e316ecbe2a133db88d0b1d7d2e45ad0f47cb6c90535f0b7b7dca819fc4af919
413a071d1c806bb7e4c8e2d5a83e5eb3533bbd03de21bb71fb2ca6faebe8dbe9
417c7e1b793dab1354daa456a61f7344f780ad31fff8e4fef024f4997f29942e
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4b64869b5ee8b1cbc4a4a40b40afb6b15634cb34dd197e2121df54b4b5fb3ef0
54b79b8e3a16ca51f52dc2797a951ce9beeff20374c6ff16c931251f3eb1a835
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
610275a935b4fbad9167a8f2f0c99488c1d19bed6fef3681b94eae277392e4b1
64a1c6ae1966f9fc6f11b961cd5d3ceccb5b325028f7bb8191350eabd53fa127
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
683e4d91832ed1a75f28518fb24f18c87590144e8e40c819e842c61371ca7c9c
68d60233f94276bba975ad88c291b88c60c89c9fb908e71bc6913591bba4cd56
6a6f124c02a1e598339fb0987c7b41c8725b7341f967f5f9660535d8caeb6549
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c128cbfbeee2cd8af285ddf32d0dfd08cd748db60438da758d08978225c3476
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979
7699b1aa142b429406ced6d26a112935d8bcc26763663ff50913cfe8b01ec5fc
7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba
80eb86866ea8cdc3f9463329db63b9ccf5a2d5b96d1e095e2c825292158fb2d3
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9016ef6ab0c80848913a716110cc8c43ce50b089f0cc5f420f02932d69d229cd
91c00ece7df64547afbba59f53d5c652f2c98dcc5fc67a3ea15cdae9b7449d29
9339c33571d78f6a8509cd45984cee45fc2b9268d590d8a2a458914bc12d9e69
9abeac09e442691384560e4273070f4a2a96b26a84f8f534ca98cebea29bffc9
9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461
a0666a78e58866b59dc3739c55e900ed6486cb6383893976ce65a02909abaa7a
a0b499441d78346fd987e1432fafbbb27afb833dfb44d722306e8fc222fb43d4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15b174d14d596b8d6ae04a53a60c14492998dc3d3bfbe0f8e1d9514937f95a8
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ace673ab35f92a6c0135ed64e4ccd7aae142558d2f8a48ee932d97c84d2a8960
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
b7c7ed61f625265e7472a32706237f9b33b30459c262b22f7373e68c614f95d7
bd461e10d9b45659c302a27604a29eb231318bfaae5fd1ffc508cd57692b6feb
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb4878150515e7fa2f1c0eda36eb0826724ce8e3cf06486ec69c1cb3339cc277
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d0fa3f2b7fc7758ad71071c8c55031a1a6fa25c306cf8413b8ee56e16d44ddb0
d8997df1237085f6e5a1c901640e60026d1091f5f369028551ddc6d4934f0f11
dc4cbc496d683bd310ded5b601e2cc4c0bd0ed81bafb5522c7c35d591a3886ee
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de0d5c8115a1288e27d8bfd256692f28315b3d26cdd109c23f94d17d59ca0c50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc881e25f452460b303912a9addfb9ad1ff678609f7329ce2967adb6e3a9095
e30ccb6a7b4034606e83911ffbac7e9b4cd26cecd091b68bf74b2378d43d607f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b5a209bb45f7d6f760111c08135c18ff5ad6ace1bfbfe8d77f796d00d18f41
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb2bd4808264f978639b4d45fcfc11c203686fda2e55098192568315c6eec3a8
f05a50f21a635e5a1f2cae5a060bdd8d9c66e3a084d5ec26bbb47f4cb579179a