Submitted URL: http://berhilpress.info/r.php?v=dD1jJmQ9OTE3MCZsPTY5ODgmYz02NjA4
Effective URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Submission: On October 18 via api from BE

Summary

This website contacted 16 IPs in 9 countries across 20 domains to perform 66 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 144.217.171.217 16276 (OVH)
1 1 109.234.162.107 50474 (O2SWITCH)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 1 54.93.36.121 16509 (AMAZON-02)
1 1 52.28.86.101 16509 (AMAZON-02)
1 1 69.16.231.150 32244 (LIQUIDWEB)
8 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 216.58.208.34 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 7 63.250.58.116 210329 (CLOUDWEBM...)
29 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
11 11 212.115.109.66 210329 (CLOUDWEBM...)
11 11 194.146.24.56 210329 (CLOUDWEBM...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
66 16
Domain Requested by
29 img-s-msn-com.akamaized.net simcast.com
11 img2.smartsearch.me 11 redirects
11 img4.smartsearch.me 11 redirects
8 simcast.com gdmconvtrck.com
simcast.com
code.jquery.com
7 img3.smartsearch.me 7 redirects
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net simcast.com
securepubads.g.doubleclick.net
cd-down.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com simcast.com
2 cd-down.com 1 redirects
1 www.google.com securepubads.g.doubleclick.net
1 dd4d2b8a10d07c5f58b4f3884645f7f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 www.youtube.com simcast.com
1 cadet.parklogic.com simcast.com
1 cdn.onesignal.com simcast.com
1 code.jquery.com simcast.com
1 www.rdr4trck.com 1 redirects
1 www.meetdate.xyz 1 redirects
1 t.insigit.com 1 redirects
1 gdmconvtrck.com cd-down.com
1 riftv.net 1 redirects
1 berhilpress.info 1 redirects
66 25

This site contains no links.

Subject Issuer Validity Valid
cd-down.com
Amazon
2020-04-22 -
2021-05-22
a year crt.sh
gdmconvtrck.com
Amazon
2020-03-21 -
2021-04-21
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.parklogic.com
COMODO RSA Domain Validation Secure Server CA
2018-12-16 -
2020-12-29
2 years crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-12 -
2022-08-17
2 years crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1
2020-07-15 -
2021-09-13
a year crt.sh
*.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.google.nl
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh

This page contains 4 frames:

Primary Page: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Frame ID: E222029D84B966A14A812DA4BB68F140
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jmZlp9o9KQo
Frame ID: 5D561D0BA172B3E1FF4E196F437145F7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu14gMCyIO-jF9ESm8SlhVMGYlK5bKpleNcsY3GYfWK2nYUX4cW6fBCP7Pymi07MtZ5sS2B3HsmJSO-W2rQ2R1dBHxG2o_zC41Ot0G4d2H_KhId_c2yPn3Mxr0BqFziVNW_m5yJl2M89hDIa4-5mHJflfoovuUnfzaH-xH1ZvqwpXjiPZZ5CTLDDYvwZfl9z3DpFdFJv2GVMzbXKNuMy1NRERbgctKMzfMsVgequ2aJUjHCUM_qBTovREfzVjU2rkx85VVZHQ&sai=AMfl-YRDS17yTam2HMY9t_BNyAUzuXFB5y-7hUBOH35ZHo0G652OK9K-cVJAtPoFdaPPBUuyAFRjwTO41ci7e3S5U369hSPOEVQlCW6s1W5lkisADT6SG6e7Q88vm0HmLzU&sig=Cg0ArKJSzIoY58tVa33aEAE&adurl=
Frame ID: BBC83635C5DA7677AD145E928081D8C8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 714DC00B985C44C07DFE580734B60306
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTE3MCZsPTY5ODgmYz02NjA4 HTTP 302
    https://riftv.net/LGPZS?sub1=1&sub2=9170&sub3=12318&sub4=6988&sub5=6608 HTTP 301
    https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
  2. https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1603005168133&h=40298b... HTTP 302
    https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f... HTTP 302
    https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=de84f... HTTP 302
    http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cD... HTTP 302
    http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

66
Requests

85 %
HTTPS

57 %
IPv6

20
Domains

25
Subdomains

16
IPs

9
Countries

1792 kB
Transfer

2269 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTE3MCZsPTY5ODgmYz02NjA4 HTTP 302
    https://riftv.net/LGPZS?sub1=1&sub2=9170&sub3=12318&sub4=6988&sub5=6608 HTTP 301
    https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd Page URL
  2. https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1603005168133&h=40298b070a7dc5ac8ce74c9287dd4379d83725fb&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D4612%26s1%3Dmm%26s2%3Ddd&mt=3&svi=c435d0260a0847a1a6726ca06942e8f3_1603005168133_10_4612_-1_-2_-5_8953_61&o=53216&dl=t&us=aebed04a6b574448b7c1bfdd90512a18 HTTP 302
    https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=f3f4160301f14a9db6fcf95a61ed2968cfe0&utm_sub=opnfnl&m=ps HTTP 302
    https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=de84f552dc8a46f1d0ef30162150eddcaa944f43&s6=f3f4160301f14a9db6fcf95a61ed2968cfe0&dci=751cee23b0524d94b0b8d0b76594f652dbeafbca&tds_host=t.insigit.com&tds_split=a&tds_campaign=r1992shy&tds_id=r1992shy_lp_a_524562638273_adsbridge&tds_oid=926b90433b7736a8_&tds_cid=de84f552dc8a46f1d0ef30162150eddcaa944f43&tdsId=r1992shy_lp_a_524562638273_adsbridge&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=f3f4160301f14a9db6fcf95a61ed2968cfe0&utm_sub=opnfnl&m=ps&p_tds_cid=f0846e141f85bb1aceb4c9aa0f8ffbc682a7b755&tds_reason=direct HTTP 302
    http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkPWx5bnl4NWY4YmVhZjA5ODFhOTg2Mzk0ODExNQ%3D%3D&action=action_tmp HTTP 302
    http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTE3MCZsPTY5ODgmYz02NjA4 HTTP 302
  • https://riftv.net/LGPZS?sub1=1&sub2=9170&sub3=12318&sub4=6988&sub5=6608 HTTP 301
  • https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Request Chain 12
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDZJUHJucm5CMldlQVZuci9uRTZ3K2w3S2FmajZ3U3dUSzNleDJLREQyVXhiM1JHTURGOUhJQzdENnQ0cGNQU0U= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KoV.img?m=4&w=800&h=800
Request Chain 13
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEo1TDlSNlF6M0dEVnNOUGFYK050emplNCtRUXJaaTB0ckJObm5XR1ZTenZIN0I1N2hSTTRYV0dBZWhWTll2SmQ= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8N9k.img?m=4&w=800&h=800
Request Chain 14
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 15
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHFjYkdQTU5UTklIcm9aa3VLckVJRmJLVDhabHppUHZFM212MkpvNnVGVCs0ZkR3akw2R3E2TEptQmNleFJaeWs= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KfJ.img?m=4&w=800&h=800
Request Chain 16
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 17
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZtYnE5VEF1dUZ4RkRNMnB5WGozM3FTWEdVVlpybFJXWndlaisxdHRZZjZLY2t6VDVwRnNyK09XcWVGcnQ1NjU= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8B1u.img?m=4&w=800&h=800
Request Chain 18
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 19
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHppaUFxVTgrN3ZUM3pPNEZYYlQyNGN5TEJ6bzZHbVdCYTEweFZGWlMrYlFZZHM3dHZZTEtPNmxxbGZqM1Q3UEw= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8Htx.img?m=4&w=800&h=800
Request Chain 20
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Request Chain 21
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFUrcVJ1N3VMajlYU0pieFhsMkZPSmc3aUpvT2t4OS9OYVlpZmFaeXZicUlpQWVORkpFV0NLS0E3UGU1eUhYR1k= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rCE.img?m=4&w=800&h=800
Request Chain 22
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEhIM1UxS3FvbjNuc1FDVHgycGN2UnR3LzBjVE96UklGTUJEMjlnZnhWdDlQbUZjSFFLTzZZZlpKQ291VW0zRDQ= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rwo.img?m=4&w=800&h=800
Request Chain 24
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHliRXd0NDNwSnBibWNHTWdENHhwZ3ZwdmpaZnprUkE0U2g1RitkaEdlOWwwbUY0c0FNdFVIa1VnQklQUFNnaW0= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8xIV.img?m=4&w=800&h=800
Request Chain 25
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 26
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNONmVkSlVDTEdXaml6UXdEUzVhVWJVdTJvUm9mUWRTRGZ6eUVEZm9TcGt6dGpjZktkZGJ5c3Zicm1EOWNhT0M= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8G1G.img?m=4&w=800&h=800
Request Chain 27
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRHZFlGYk9rcGgrUWRodTlwRXNFYW5DNlZtUHJpRHNRNTIzN0sxWEZvOTkvQ0pNVVhHbTd2Z3gyTkg1dG9hcnA= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB198VPB.img?m=4&w=800&h=800
Request Chain 28
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkFjRDdNekxxN1M= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
Request Chain 29
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Request Chain 30
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDempDWVdZcTN3ZzU= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
Request Chain 31
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDM1TVdVRi9wL3JBTVByK1EvTWZvd1UzQ2hJb3N2STRWUUZyVFhRejFtQ3BOTEZRUWxCUDBkTWlnR1Z4TDlxQUg= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8H2D.img?m=4&w=800&h=800
Request Chain 32
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Request Chain 33
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM1bWg2MkxKNTA= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
Request Chain 34
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVBIYzFzVWVMeU0= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
Request Chain 35
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUxFR0lQb09tOVU= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
Request Chain 36
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Request Chain 37
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUliOEpRS2c3K2c= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
Request Chain 38
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9 HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
Request Chain 39
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU4Qlg3eEZ0SEY= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
Request Chain 40
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTUvUE1hYndWS20= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
Request Chain 41
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXFKc0dpNlhDYlk= HTTP 301
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cd-down.com/smartlink/
Redirect Chain
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTE3MCZsPTY5ODgmYz02NjA4
  • https://riftv.net/LGPZS?sub1=1&sub2=9170&sub3=12318&sub4=6988&sub5=6608
  • https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
2 KB
1 KB
Document
General
Full URL
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6130:4b73:ac63:d9c0:5908 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0e25165ee3a55d0aba43cf8e1e28bf031170dd758a1bb7fd143d676a6c49dcf9

Request headers

:method
GET
:authority
cd-down.com
:scheme
https
:path
/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 18 Oct 2020 07:12:48 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip

Redirect headers

status
301
date
Sun, 18 Oct 2020 07:12:48 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
x-powered-by
PHP/7.4.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=b10c8f68ebe8710001a50a30ee9a0f90; path=/ short_LGPZS=1; expires=Sun, 18-Oct-2020 07:42:48 GMT; Max-Age=1800; path=/; HttpOnly
server
o2switch-PowerBoost-v3
user
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
https://gdmconvtrck.com/user?a=93640&c=169426
Requested by
Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:de04:6bd7:82f8:2d00 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4fa728220ed04ef26d16c4c84ad13a48867ee55498ec5f753baf16179f1ce4a0

Request headers

Referer
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 07:12:48 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request Cookie set /
simcast.com/
Redirect Chain
  • https://cd-down.com/?a=93640&c=169426&oc=65682&sr=t&rc=1_0&s1=mm&s2=dd&vt=1603005168133&h=40298b070a7dc5ac8ce74c9287dd4379d83725fb&req=https%3A%2F%2Fcd-down.com%2Fsmartlink%2F%3Fa%3D93640%26sm%3D46...
  • https://t.insigit.com/tds/cpa?tdsId=p8714zol_r&tds_campaign=p8714zol&utm_source=int&utm_campaign=f15debbc&utm_content=93640&data2=f3f4160301f14a9db6fcf95a61ed2968cfe0&utm_sub=opnfnl&m=ps
  • https://www.meetdate.xyz/c/4ca3cf0390458396?s1=113_f15debbc&s2=f15debbc&s3=r1992shy&s4=93640&s5=de84f552dc8a46f1d0ef30162150eddcaa944f43&s6=f3f4160301f14a9db6fcf95a61ed2968cfe0&dci=751cee23b0524d94...
  • http://www.rdr4trck.com/redirect/index?type=script&to=aHR0cDovL3d3dy5yZHI0dHJjay5jb20%3D&data=aHR0cDovL2ZpbmQtYmVzdC1kYXRpbmdzLmNvbS8%2FdT0wMWE4ZWt5Jm89MWRsZGw3ZSZ0PTM3NjgyNF8xMTNfZjE1ZGViYmMmY2lkP...
  • http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
44 KB
9 KB
Document
General
Full URL
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=93640&c=169426
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
db3ac21cce0257905e5a7d33149072073f02959515c15301c196ad2e83599430

Request headers

Host
simcast.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd

Response headers

Date
Sun, 18 Oct 2020 07:12:49 GMT
Server
Apache/2.4.38 (Debian)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=0m98l8mphhb4t30d0t989emr9i; expires=Mon, 19-Oct-2020 07:12:49 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226215; path=/
Upgrade
h2
Connection
Upgrade, close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8408
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 18 Oct 2020 07:12:49 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
http://simcast.com
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
status
200
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1603005183.dop216.fr8.t,1603005183.cds271.fr8.hn,1603005183.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/
13 KB
3 KB
Stylesheet
General
Full URL
http://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Sep 2020 04:24:01 GMT
Server
Apache/2.4.38 (Debian)
ETag
"34cd-5af8edec19a40-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
2953
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/
55 KB
12 KB
Stylesheet
General
Full URL
http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2019 03:45:19 GMT
Server
Apache/2.4.38 (Debian)
ETag
"daa3-58d2345dc71c0-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
12209
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:12:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3447
etag
W/"af07e3bccd7885748057bb532c526ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5e40740e796e2b7d-FRA
cf-request-id
05dc26dd0c00002b7d1a376000000001
expires
Sun, 18 Oct 2020 19:12:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
52 KB
18 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
sffe /
Resource Hash
75beb22a5b9ca13c921484119c5d004bfb9c96c3fb626efd4cc61e9bec1608af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:12:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"666 / 288 of 1000 / last-modified: 1602886436"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17664
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:12:51 GMT
enhance.js
cadet.parklogic.com/page/
2 KB
2 KB
Script
General
Full URL
https://cadet.parklogic.com/page/enhance.js?pcId=56&domain=rdr4trck.com
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:91ff:fee2:5b0f , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Content-Length
2221
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
simcastlogo_35y.png
simcast.com/templates/simcast/images/
1 KB
2 KB
Image
General
Full URL
http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:51 GMT
Last-Modified
Wed, 26 Feb 2020 07:27:31 GMT
Server
Apache/2.4.38 (Debian)
ETag
"527-59f758988fec0"
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1319
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:12:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1502102
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
cf-request-id
05dc26db1400003233ada68000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603005170"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e40740b59e23233-FRA
expires
Fri, 08 Oct 2021 07:12:50 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:12:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1506615
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
cf-request-id
05dc26db2500003233ad36d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603005170"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e40740b6a0b3233-FRA
expires
Fri, 08 Oct 2021 07:12:50 GMT
modal.css
simcast.com/widgets/modal/
577 B
633 B
Stylesheet
General
Full URL
http://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2020 23:13:02 GMT
Server
Apache/2.4.38 (Debian)
ETag
"241-5acb6544e5b80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
272
BB1a8KoV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDZJUHJucm5CMldlQVZuci9uRTZ3K2w3S2FmajZ3U3dUSzNleDJLREQyVXhiM1JHTURGOUhJQzd...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KoV.img?m=4&w=800&h=800
44 KB
44 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KoV.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9288f4c00d54d3f3e04551b03d6c62a3fd3b23f5d1377a759ee07fb7f26c8e09
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8KoV
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
118235
status
200
x-activityid
b857c30a-c254-4b57-9b83-91a37b0dad73
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
44577
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 07:10:24 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431891
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KoV?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 07:11:02 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:51 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KoV.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8N9k.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEo1TDlSNlF6M0dEVnNOUGFYK050emplNCtRUXJaaTB0ckJObm5XR1ZTenZIN0I1N2hSTTRYV0d...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8N9k.img?m=4&w=800&h=800
60 KB
61 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8N9k.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8e41f8444974e04d1309f0a0bd6da30ccbad2a721d519d59da7ea99c2c2b642c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8N9k
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
94778
status
200
x-activityid
910cf1f9-57e4-4539-bf39-fd4f14f3c170
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
61777
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 07:10:24 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431850
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8N9k?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 07:10:21 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:51 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8N9k.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219060
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:51 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8KfJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHFjYkdQTU5UTklIcm9aa3VLckVJRmJLVDhabHppUHZFM212MkpvNnVGVCs0ZkR3akw2R3E2TEp...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KfJ.img?m=4&w=800&h=800
51 KB
51 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KfJ.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
008be084745be312e68e5b6b3529e046be98dbb4e7d209926e60a4ec4d423936
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8KfJ
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
103356
status
200
x-activityid
648b1752-da95-4c9e-bce6-5659dcacb72f
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
51858
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:59:03 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431123
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KfJ?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:58:14 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:51 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8KfJ.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219060
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:51 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8B1u.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZtYnE5VEF1dUZ4RkRNMnB5WGozM3FTWEdVVlpybFJXWndlaisxdHRZZjZLY2t6VDVwRnNyK09...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8B1u.img?m=4&w=800&h=800
41 KB
41 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8B1u.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4dd2ceb043515832862dcfcab7539b61f77adac0c14073b6fb467345116a1d3c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8B1u
date
Sun, 18 Oct 2020 07:12:51 GMT
x-source-length
41522
status
200
x-activityid
34edde59-b5e9-4070-8661-d4d9bbbf0551
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
41741
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:59:03 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431130
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8B1u?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:58:21 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8B1u.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=311937
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8Htx.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHppaUFxVTgrN3ZUM3pPNEZYYlQyNGN5TEJ6bzZHbVdCYTEweFZGWlMrYlFZZHM3dHZZTEtPNmx...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8Htx.img?m=4&w=800&h=800
55 KB
55 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8Htx.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a621d5da4efd50e409d2a96184d91b60e2bea76f4a1a98fad55262303e68c5f9
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8Htx
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
94909
status
200
x-activityid
4d5e9bcc-b80e-401f-94e3-cb93b6602327
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
56279
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:22:30 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428939
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8Htx?m=4&w=800&h=800
x-akamai-path-stats
[3:24818:31182]
expires
Fri, 23 Oct 2020 06:21:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8Htx.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
195 B
555 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBj0TsQ
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
195
status
200
x-activityid
6bd43b08-c07e-47d5-995d-bb39a1da52ac
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
195
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:04:21 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219059
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
expires
Tue, 20 Oct 2020 20:03:51 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8rCE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFUrcVJ1N3VMajlYU0pieFhsMkZPSmc3aUpvT2t4OS9OYVlpZmFaeXZicUlpQWVORkpFV0NLS0E...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rCE.img?m=4&w=800&h=800
77 KB
78 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rCE.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7e4bd4fe2687430b61db24c492e7d606d28fc27cd8da552c5442383c9cc2fb5c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8rCE
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
138686
status
200
x-activityid
81862f90-4d26-4f7f-8a8c-9a63b6fbed8e
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
79239
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:05:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427971
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rCE?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:05:43 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rCE.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8rwo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEhIM1UxS3FvbjNuc1FDVHgycGN2UnR3LzBjVE96UklGTUJEMjlnZnhWdDlQbUZjSFFLTzZZZlp...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rwo.img?m=4&w=800&h=800
42 KB
42 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rwo.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cebb28a640e2744812d2cea441f419795b82f9890682bfd1b897769a1ff4f91f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8rwo
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
547361
status
200
x-activityid
bbeed8e8-032d-4db7-b349-a94bf8c4ee5c
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
42701
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:05:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427984
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rwo?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:05:56 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8rwo.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
login.js
simcast.com/widgets/login/
931 B
574 B
Script
General
Full URL
http://simcast.com/widgets/login/login.js
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:12:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Aug 2019 05:50:21 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3a3-59071ea59a140-gzip"
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
max-age=3024000, public
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
199
BB1a8xIV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHliRXd0NDNwSnBibWNHTWdENHhwZ3ZwdmpaZnprUkE0U2g1RitkaEdlOWwwbUY0c0FNdFVIa1V...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8xIV.img?m=4&w=800&h=800
50 KB
50 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8xIV.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7b9f135bfd64875cd432625a8203eef29fa4faf0de8827dc068f55ceb88cb6f1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8xIV
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
1772145
status
200
x-activityid
ba4c700f-e29f-4c4d-8485-19a463bb9670
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
51026
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:22:30 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428898
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8xIV?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:21:10 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8xIV.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=311937
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8G1G.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDNONmVkSlVDTEdXaml6UXdEUzVhVWJVdTJvUm9mUWRTRGZ6eUVEZm9TcGt6dGpjZktkZGJ5c3Z...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8G1G.img?m=4&w=800&h=800
103 KB
103 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8G1G.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ecadd1dbe7da90b2c49973b1674562dc0814728a3ec9323be9736c1f7b956b23
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8G1G
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
352378
status
200
x-activityid
e5d9f5c9-42de-4483-85b4-de2cf66b86d9
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
105218
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 05:26:31 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425608
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8G1G?m=4&w=800&h=800
x-akamai-path-stats
[3:27441:37559]
expires
Fri, 23 Oct 2020 05:26:20 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8G1G.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB198VPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRHZFlGYk9rcGgrUWRodTlwRXNFYW5DNlZtUHJpRHNRNTIzN0sxWEZvOTkvQ0pNVVhHbTd2Z3g...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB198VPB.img?m=4&w=800&h=800
49 KB
49 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB198VPB.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
2a51783bfa0de8c9daf0f0830a87b1c1490d9a7e8a604f89cb03b2fdf97e5dd3
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB198VPB
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
78964
status
200
x-activityid
de2c2809-72bd-4835-9962-8cdd3c8b587c
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
49979
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:05:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427984
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB198VPB?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:05:56 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB198VPB.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a7VIG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1yS3dvWWlLRkMzRURobzYzMkdoUHl2dVlkUVY2UGlTUFoyRFo4TkIyd2dEcFdIZGtpNmwyZkF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
75 KB
75 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a7VIG
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
262550
status
200
x-activityid
72509a31-bb7a-4e60-8b42-6fc0b995512a
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
76492
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 05:08:01 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=424566
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 05:08:58 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a7VIG.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
660 B
1021 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXuBZ
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
660
status
200
x-activityid
377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
660
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219060
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires
Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8uNb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGhTVFZoblJjSVdIcFJqSlhiM2c2UkxkZnRudVF6TzFlaVc2WXpSVWdqamNscUJnbUNoOXdDemp...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
54 KB
54 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8uNb
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
208810
status
200
x-activityid
61294d02-6b09-4728-9491-0a16b2fa82c1
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
54964
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 02:19:49 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=414393
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 02:19:25 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:50 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8uNb.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8H2D.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDM1TVdVRi9wL3JBTVByK1EvTWZvd1UzQ2hJb3N2STRWUUZyVFhRejFtQ3BOTEZRUWxCUDBkTWl...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8H2D.img?m=4&w=800&h=800
161 KB
161 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8H2D.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8H2D
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
680749
status
200
x-activityid
175969a6-ff6b-4c18-abc8-0c8120a1cc16
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
164550
timing-allow-origin
*
last-modified
Sun, 18 Oct 2020 06:05:56 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427966
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8H2D?m=4&w=800&h=800
expires
Fri, 23 Oct 2020 06:05:38 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8H2D.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
660 B
1021 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXuBZ
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
660
status
200
x-activityid
377e4e78-bb46-4d46-bec0-6f0394a3f0bb
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
660
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 20:03:28 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219060
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
expires
Tue, 20 Oct 2020 20:03:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB19TfvG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJnYU9EVXhmbEJsam5CRnFkTzdFMXFWdWlma3o0U1k0cDY4UjJyb00zT0VFV0ZWNnBoejNjeEM...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
97 KB
97 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB19TfvG
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
405033
status
200
x-activityid
a93a0b2a-2910-4785-a5ba-b0731946f4e5
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG?m=4&w=800&h=800
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
98895
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=405780
timing-allow-origin
*
expires
Thu, 22 Oct 2020 23:55:52 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB19TfvG.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8mXT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdubmZkcy9RWWVvRnhhTk5jd3VwaGw3bTVrT3FzVTJiR3FDTmxoMkJFRkkzY1pXTXJWaTRuaVB...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
98 KB
98 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8mXT
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
369471
status
200
x-activityid
5326dab8-8ab7-4439-9b4e-0b677be40e92
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
100044
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=405836
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:56:48 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8mXT.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8fD5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZiVUdhTnJCZ1dkS2ZSeGNOUGlja3JaWVRpTDVpamdiVGFCc3V1RzNTRG9zVVN6bktzK0tMRUx...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
77 KB
78 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8fD5
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
83064
status
200
x-activityid
9e6096ff-2acf-435d-9399-a59fa6f420fd
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
78902
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=405766
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:55:38 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8fD5.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAkXFkn
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
1198
status
200
x-activityid
9178dc15-1478-43f7-b98e-e4f38785875d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
1198
last-modified
Fri, 16 Oct 2020 21:50:42 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=311937
timing-allow-origin
*
x-akamai-path-stats
[1:642:358]
expires
Wed, 21 Oct 2020 21:51:49 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8bAw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZpakNleDY5cUZlVGFDSWRVR3p1eU83SjBlQXJLcVBxS3ZuT3FKQnRWWFpNTnZmYy9sTExaRUl...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
87 KB
88 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8bAw
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
139528
status
200
x-activityid
c7815bbb-5876-40ab-8981-6488a3e6992c
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
89173
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 23:54:50 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=405748
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 23:55:20 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8bAw.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB2kwUc.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVPV2UxWURXellFUmVCQVZBb3hIbTBNOWJRbUdpbDAzRlBjNGVUUERDK3c9
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
338 B
698 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB2kwUc
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
338
status
200
x-activityid
45f5f6d8-c89c-4a73-b2bc-4ac5e054c7aa
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
338
last-modified
Tue, 13 Oct 2020 18:22:55 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=40174
timing-allow-origin
*
expires
Sun, 18 Oct 2020 18:22:26 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2kwUc.img
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a8b2i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlkRFVBV1dyZHJXNmFTbmc0MFhZZE5qR2owb3huYXlIdyswZkJ2WFFUajYvblJBM1dKZy9PeTU...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
52 KB
53 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a8b2i
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
119641
status
200
x-activityid
a2faf5fa-d87e-4feb-a123-d6f59d04ca24
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
53702
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 19:52:54 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=391256
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 19:53:48 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a8b2i.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a85Qv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNBaXZlU3B2RHptejhyWU1pT1Z1MGl5WE9HeDJWcnJ4SGhOeXlyb1IvYmZFVUE5Z1V5Z0F0ZTU...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
52 KB
53 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a85Qv
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
167439
status
200
x-activityid
e40520d9-4c74-478e-9ada-a3709685fe21
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
53632
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 19:35:22 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=390132
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 19:35:04 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a85Qv.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
BB1a86ks.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain
  • https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEEycFJpeTVPQ3EySjluVGc2Mk5aQ3cyQTkrNm9XMyt0N25OUmVSU3o3K2ZoaWJXRFRKZGFQMXF...
  • https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
102 KB
102 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1a86ks
date
Sun, 18 Oct 2020 07:12:52 GMT
x-source-length
432711
status
200
x-activityid
0733d019-71c0-4964-af51-2d0400a7eb2b
x-deployment
cfc83d5b1f7540e6b2e5c1ce02b51371
content-length
104037
timing-allow-origin
*
last-modified
Sat, 17 Oct 2020 20:48:10 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=394523
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks?m=4&w=800&h=800
expires
Thu, 22 Oct 2020 20:48:15 GMT

Redirect headers

date
Sun, 18 Oct 2020 07:12:52 GMT
x-content-type-options
nosniff
server
nginx
status
301
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1a86ks.img?m=4&w=800&h=800
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubads_impl_2020101301.js
securepubads.g.doubleclick.net/gpt/
272 KB
96 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
sffe /
Resource Hash
e267059a6f7c5d7f3470cfddf149965e56f578a98c06d8aca77ae422e8e6775f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:44:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97748
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:13:03 GMT
jmZlp9o9KQo
www.youtube.com/embed/ Frame 5D56
0
0
Document
General
Full URL
https://www.youtube.com/embed/jmZlp9o9KQo
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/jmZlp9o9KQo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status
200
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length
10208
content-type
text/html; charset=utf-8
content-encoding
br
date
Sun, 18 Oct 2020 07:13:03 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=3BaHXdVdMfU; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 07:13:03 GMT; httponly; samesite=None YSC=HYnKUpLJPz8; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 18-Oct-2020 07:43:03 GMT VISITOR_INFO1_LIVE=3BaHXdVdMfU; path=/; domain=.youtube.com; secure; expires=Fri, 16-Apr-2021 07:13:03 GMT; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
http://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin
http://simcast.com
Referer
http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 18 Oct 2020 07:13:03 GMT
Last-Modified
Mon, 08 Jul 2019 03:51:01 GMT
Server
Apache/2.4.38 (Debian)
ETag
"126b0-58d235a3ef340"
Upgrade
h2
Cache-control
private
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
font/woff2
Content-Length
75440
js.php
simcast.com/widgets/ms/
1 B
520 B
XHR
General
Full URL
http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Server
45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept
*/*
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Oct 2020 07:13:03 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Upgrade
h2
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, close
Content-Type
text/html; charset=UTF-8
Content-Length
21
Expires
Thu, 19 Nov 1981 08:52:00 GMT
integrator.js
adservice.google.nl/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
3 KB
418 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3080889019115058&correlator=4273658374374126&output=ldjh&impl=fifs&eid=21067119%2C21068017%2C21065517%2C21067752%2C21067795&vrg=2020101301&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201018&iu_parts=51855962%2Csimcast%2Csimcast_970x250%2Csimcast_728x90%2Csimcast_728x90_2%2Csimcast_728x90_3%2CSimcast_300x250%2Csimcast_300x600%2Csimcast_320x50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C320x50&cust_params=sub_id%3Drdr4trck.com&cookie_enabled=1&bc=23&abxe=1&lmt=1603005183&dt=1603005183737&dlt=1603005169987&idt=13729&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C10%2C20%2C-9%2C1255%2C36%2C-9&adys=-9%2C110%2C594%2C-9%2C499%2C1655%2C-9&adks=1580246415%2C330538255%2C2731548126%2C101588295%2C2408052046%2C1831785291%2C2541982844&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Drdr4trck.com%26s%3Dbone%26sw%3D17%26tr%3D&dssz=20&icsg=10883&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&msz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&ga_vid=1247783214.1603005184&ga_sid=1603005184&ga_hid=2010069222&fws=2%2C0%2C0%2C2%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
5662b89f962a7013fa42d2c134bc405379c6c319abed47f2c394254cb1a7ffa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dd4d2b8a10d07c5f58b4f3884645f7f7.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://dd4d2b8a10d07c5f58b4f3884645f7f7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
23 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3080889019115058&correlator=4273658374374126&output=ldjh&impl=fifs&eid=21067119%2C21068017%2C21065517%2C21067752%2C21067795&vrg=2020101301&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201018&iu_parts=51855962%2Ctest%2CTraffic_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=sub_id%3Drdr4trck.com&cookie_enabled=1&bc=23&abxe=1&lmt=1603005183&dt=1603005183745&dlt=1603005169987&idt=13729&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=2431&adks=890817012&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Drdr4trck.com%26s%3Dbone%26sw%3D17%26tr%3D&dssz=20&icsg=10883&std=0&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1247783214.1603005184&ga_sid=1603005184&ga_hid=2010069222&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
e3ca229c011b6215945fb0529f3fc7918bda94318069b8c74ed02cd570fe0443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9599
x-xss-protection
0
google-lineitem-id
5399501512
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138314905801
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BBC8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu14gMCyIO-jF9ESm8SlhVMGYlK5bKpleNcsY3GYfWK2nYUX4cW6fBCP7Pymi07MtZ5sS2B3HsmJSO-W2rQ2R1dBHxG2o_zC41Ot0G4d2H_KhId_c2yPn3Mxr0BqFziVNW_m5yJl2M89hDIa4-5mHJflfoovuUnfzaH-xH1ZvqwpXjiPZZ5CTLDDYvwZfl9z3DpFdFJv2GVMzbXKNuMy1NRERbgctKMzfMsVgequ2aJUjHCUM_qBTovREfzVjU2rkx85VVZHQ&sai=AMfl-YRDS17yTam2HMY9t_BNyAUzuXFB5y-7hUBOH35ZHo0G652OK9K-cVJAtPoFdaPPBUuyAFRjwTO41ci7e3S5U369hSPOEVQlCW6s1W5lkisADT6SG6e7Q88vm0HmLzU&sig=Cg0ArKJSzIoY58tVa33aEAE&adurl=
Requested by
Host: cd-down.com
URL: https://cd-down.com/smartlink/?a=93640&sm=4612&s1=mm&s2=dd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 07:13:03 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:13:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/ Frame BBC8
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 17 Oct 2020 18:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7201
x-xss-protection
0
server
cafe
etag
13490672151077077007
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Oct 2020 18:51:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/ Frame BBC8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 17 Oct 2020 18:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1335
x-xss-protection
0
server
cafe
etag
1884878862150193934
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Oct 2020 18:23:28 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BBC8
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28907
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:13:03 GMT
l
www.google.com/ads/measurement/ Frame BBC8
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQKeSyAUecw9YbiTKA96UjJ8Nuho7k8DE8KnAOF4OpzJBBX1A4n0LTLSUlGxbgG4EL33QGg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

2364309221291099109
tpc.googlesyndication.com/simgad/ Frame BBC8
807 B
970 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2364309221291099109
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 06:15:12 GMT
x-content-type-options
nosniff
age
176271
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
807
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 05:45:21 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Oct 2021 06:15:12 GMT
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:13:03 GMT
truncated
/ Frame BBC8
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddfef2a4a3720d91fab6c3cd6b79caf36b4191409e8b7544557b0491ca757672

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BBC8
0
21 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEW77LGlOX-ErlFZQTbzcpLMt5dLOTHKio7afoYHNiYaq1_1Xy9gTv26-LUwQRXDxZlkhLi1JnTY4wdZ6PSdp4yfckiKiLZ--qkAoHMKQDitt33o2tXBPsdgwop3I3g1qEIiGgJOmIokKdSWRCCu6hJoab1l_EFXzjop-zbNUAy9IOJlnOv9vRlh-rSpqGbbfPbKXK7ncTzUkXOOQoblfYsV0cwUXpoSEgokyDWYAQB2bCFARHMvpuIwrNORWPE_9lNsvWGB4I&sai=AMfl-YQg__4mrPI5xMRM_BxqEP-mYHJgwlCDJa9HyEHs-1hrW38yRnMZpGSoVcfSJ9_2V3UFSv-SsCVc0q4lt9SrMl21S0oAXgZmxmIUgsy3_lUV-yJpeSfhwXmKhxSYv8U&sig=Cg0ArKJSzA_mYx0kEn4EEAE&adurl=
Requested by
Host: simcast.com
URL: http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 07:13:03 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d43c5c052f80fbb450cbc9addd5d8d5a0886f6c4f60cda36b96db16989f9790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Oct 2020 07:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6858
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101301.js?21068017
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 07:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Sun, 18 Oct 2020 07:13:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 714D
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sun, 18 Oct 2020 05:01:27 GMT
expires
Mon, 18 Oct 2021 05:01:27 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7897
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
163 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020101301&jk=3080889019115058&bg=!BQalBibNAAUZK2QAGViRCHBwD_kn0wIAAABDUgAAAAwKAPKWf7nLOBthzlDCeb_nyJlhFd9_cT5YBLbMC6SEKRL0LIpc_TKcJGNzU-9A4dcId-e1Q3Uo190x2pJn8Y6686mIzyKarJ_313kxn0iYFRaub7Vvhrp0LZJLtnY9F5DU3H-YX7Nes_ZU53otitihuyX-5U8dTpGgOKkfCTyhBkLlUZto5mmBfZbQTgyW6wsj4bHCpQ4LcAgXSER0ilQBLBsxzCqvVeb1s0rnHIihvatgti18MAQ6h7QwpFFhNWZcLmnKa1cxwuiAGAf9ohsn_MWG81XppUyJLqFelctpQyhFZaAPK8h5iim-d9Tjq5St8NNr4JkB8BgSgLhsjVribLsDtC28L3sAiZ3270Ywqys7BXDlyBPjQuMUvsEIbWrMbM16L8ZQiVmOoL0EVklUJOiEbMog_sSOxPwZwzN9HOC0owXtBhcelnmNxenpJ9JHb20i7-QpzP_m8WvOleR_dZ7q5ycQ4egtq-WfeQL6hFfW9MTSPYqbsdhrncF6IMsKicHOczB4kJYC7BwBKLFgknSg2p3KU9PWg_av5Gn35vl-aP_jbSQzsmu23BHvibnMjE3ITN8KK0zJLCE6IVyILBxjkSg-FKGkaytDIjolrNJhME_h1ZN_7YNP2FI179o7InU44qC75rsvRBBe9K1T1vCFpvAq0S-9WVF-oDvRXrwj0TJC2AynHDMZYXiXzsQEmPZum1h-ITZpx_ADNXphuFoEX-JfkTtzLD87-7XBiHC7B4MPtwTAyCp_MTs51VbJWSV1TWS-6VmuA6dQF1D_UIkjaXlQ2acHOCsGLPzgmlkGNxgR0VPokJlLYgF-2PqrJCg1QPPKEBgKLyWKKnVEiFl9npHELoKUWq1OVPjdFPPsbijhf4XYOCi1NR3hMbZOziQBXGi2reNrWhqEhQbLfkSvLMd7JAVTitpOeWjvM_22XEDsSzV4lqbQi37oNbSTkO9hXhZH8582nf57Pp1yAVLjFeVloDQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://simcast.com/?d=rdr4trck.com&s=bone&sw=17&tr=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Oct 2020 07:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| trustedTypes function| $ function| jQuery object| OneSignal object| googletag function| include function| getParametersFromUrl function| getParameters function| forSaleBanner object| parameters object| ggeac object| google_js_reporting_queue function| myConfirm function| displayModal function| displayComment function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 3BaHXdVdMfU
.simcast.com/ Name: __gads
Value: ID=c32cac901311adef-22988c91feb800dc:T=1603005183:S=ALNI_Mb7gFFnno-Xbh3j9GpvkfqWG2NkQA
.youtube.com/ Name: YSC
Value: HYnKUpLJPz8
simcast.com/ Name: NB_SRVID
Value: srv8226217

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
berhilpress.info
cadet.parklogic.com
cd-down.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
dd4d2b8a10d07c5f58b4f3884645f7f7.safeframe.googlesyndication.com
gdmconvtrck.com
img-s-msn-com.akamaized.net
img2.smartsearch.me
img3.smartsearch.me
img4.smartsearch.me
pagead2.googlesyndication.com
riftv.net
securepubads.g.doubleclick.net
simcast.com
t.insigit.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.meetdate.xyz
www.rdr4trck.com
www.youtube.com
109.234.162.107
144.217.171.217
194.146.24.56
2001:4de0:ac19::1:b:1b
212.115.109.66
216.58.208.34
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700::6811:4f6b
2606:4700::6812:e234
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:809::2001
2a00:1450:4001:819::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2002
2a02:26f0:6c00::210:ba20
2a05:d018:483:6110:de04:6bd7:82f8:2d00
2a05:d018:483:6130:4b73:ac63:d9c0:5908
45.79.244.12
52.28.86.101
54.93.36.121
63.250.58.116
69.16.231.150
008be084745be312e68e5b6b3529e046be98dbb4e7d209926e60a4ec4d423936
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0865db941027b608fb3edd25259d5088c6124b0975b8f5ac7451aa2ecda80100
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e25165ee3a55d0aba43cf8e1e28bf031170dd758a1bb7fd143d676a6c49dcf9
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70
19b1d6dd56343930c7bd22eaa903a4438ccc4a22a1624d288278cb68b2b64ea0
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
2a51783bfa0de8c9daf0f0830a87b1c1490d9a7e8a604f89cb03b2fdf97e5dd3
3d43c5c052f80fbb450cbc9addd5d8d5a0886f6c4f60cda36b96db16989f9790
40685f972cc54e56f7d5bd69e75ff9c0d489c12bfbb22efc939729715fdb4c02
42fc936b173f9be34071e3426a44bde1b8badfd979f7d87cfd4c117f863b1362
4dd2ceb043515832862dcfcab7539b61f77adac0c14073b6fb467345116a1d3c
4fa728220ed04ef26d16c4c84ad13a48867ee55498ec5f753baf16179f1ce4a0
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
5662b89f962a7013fa42d2c134bc405379c6c319abed47f2c394254cb1a7ffa3
5c4fbbc23b5c4e11729357bd442db7f0f24076bd6fab6cee19605afc06c20176
6a2dbec1a367fc4e1c33dbaae1268daa467995128f60cb04ed5cf4102af03965
735ed4147bec7e788964ed2deec6b8e530af0b824c7cf3d1aea047a14e6ee7f8
75beb22a5b9ca13c921484119c5d004bfb9c96c3fb626efd4cc61e9bec1608af
7b9f135bfd64875cd432625a8203eef29fa4faf0de8827dc068f55ceb88cb6f1
7e4bd4fe2687430b61db24c492e7d606d28fc27cd8da552c5442383c9cc2fb5c
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
8e41f8444974e04d1309f0a0bd6da30ccbad2a721d519d59da7ea99c2c2b642c
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9288f4c00d54d3f3e04551b03d6c62a3fd3b23f5d1377a759ee07fb7f26c8e09
9c49b31d843207871ca2278fd2dc6eb557e04eb41c2eef70f7df82104bec9282
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a621d5da4efd50e409d2a96184d91b60e2bea76f4a1a98fad55262303e68c5f9
a6aba9e0d75c3fc91da5f41da302ecf845d2dc9937f41f57211f737cbbdf9bda
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
c63b049f72ef1f0ae5cd28334a6b7f66cd1a44fc4f2df74902a3c24c93e1355f
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cebb28a640e2744812d2cea441f419795b82f9890682bfd1b897769a1ff4f91f
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9
d6dc570ca5cb8f584dce75241aee186b6a20f22129bc3b1c3adf842fd196c682
db3ac21cce0257905e5a7d33149072073f02959515c15301c196ad2e83599430
ddfef2a4a3720d91fab6c3cd6b79caf36b4191409e8b7544557b0491ca757672
e267059a6f7c5d7f3470cfddf149965e56f578a98c06d8aca77ae422e8e6775f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca229c011b6215945fb0529f3fc7918bda94318069b8c74ed02cd570fe0443
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ecadd1dbe7da90b2c49973b1674562dc0814728a3ec9323be9736c1f7b956b23
f783b41bec7d99f1033609e173ef2a709d034f841d6efc878286330170f16f9b
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051