simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mx3.tpaypal.com/
Effective URL:
https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Submission Tags: @phishunt_io
Submission: On November 24 via api (November 24th 2024, 3:26:19 pm UTC) from DE — Scanned from DE

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 33 domains to perform 106 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 26th 2024. Valid for: a year.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.232.31.180 172.232.31.180	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	69.16.230.228 69.16.230.228	32244 (LIQUIDWEB) (LIQUIDWEB)
10	45.79.244.12 45.79.244.12	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	104.21.234.176 104.21.234.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2600:3c02:1::... 2600:3c02:1::2d4f:f4d1	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a02:26f0:350... 2a02:26f0:3500:10::210:a9d	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:f600:12:baaf:c600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	161.35.116.36 161.35.116.36	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.16.133.229 104.16.133.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	172.67.134.204 172.67.134.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2ae3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.63 18.66.122.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
4	34.107.217.107 34.107.217.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	54.160.172.25 54.160.172.25	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.117.250.57 34.117.250.57	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	79.127.216.47 79.127.216.47	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
5	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.215.35.31 52.215.35.31	16509 (AMAZON-02) (AMAZON-02)
2	3.94.51.169 3.94.51.169	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	172.67.135.143 172.67.135.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	38

1 172.232.31.180 (Chicago, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: anchor02.parklogic.com

mx3.tpaypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.230.228 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb05.parklogic.com

ww99.tpaypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.79.244.12 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-244-12.ip.linodeusercontent.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.176 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:3c02:1::2d4f:f4d1 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

parking3.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:3500:10::210:a9d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:f600:12:baaf:c600:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jscaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.116.36 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture3.analytics.hbwrapper

cat3.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.133.229 (None, )

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.134.204 (United States)

ASN13335 (CLOUDFLARENET, US)

ipua.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2ae3 (United States)

ASN13335 (CLOUDFLARENET, US)

wrapperconsole.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com

static.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aegis.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.172.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-172-25.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.250.57 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 57.250.117.34.bc.googleusercontent.com

material.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.127.216.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-79-127-216-47.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.35.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-35-31.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.51.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-51-169.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

de.vour.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.135.143 (United States)

ASN13335 (CLOUDFLARENET, US)

algenid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	akamaized.net img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 177	252 KB
10	simcast.com simcast.com	103 KB
8	anonymised.io static.anonymised.io — Cisco Umbrella Rank: 13869 material.anonymised.io — Cisco Umbrella Rank: 13604 aegis.anonymised.io — Cisco Umbrella Rank: 13944	38 KB
5	vour.io de.vour.io — Cisco Umbrella Rank: 137700	3 KB
5	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619	9 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	196 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	214 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	21 KB
3	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 18519 p2.gcprivacy.com — Cisco Umbrella Rank: 18150	19 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	276 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 cloudflare.com — Cisco Umbrella Rank: 80	5 KB
3	tpaypal.com 1 redirects mx3.tpaypal.com ww99.tpaypal.com	2 KB
2	algenid.com algenid.com — Cisco Umbrella Rank: 165675	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	liadm.com idx.liadm.com — Cisco Umbrella Rank: 1368	367 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	8 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059	10 KB
2	ipua.io ipua.io — Cisco Umbrella Rank: 146868	2 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	185 KB
2	parklogic.com parking3.parklogic.com — Cisco Umbrella Rank: 129805	2 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2708	314 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	12 KB
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1660	266 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	633 B
1	digitaloceanspaces.com wrapperconsole.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 23266
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	1 KB
1	hbwrapper.com cat3.hbwrapper.com — Cisco Umbrella Rank: 22492	293 B
1	jscaddy.com cdn.jscaddy.com — Cisco Umbrella Rank: 100904	17 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 23360	160 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
0	rlcdn.com Failed api.rlcdn.com Failed
106	33

	Domain	Requested by
25	img-s-msn-com.akamaized.net	simcast.com
10	simcast.com	ww99.tpaypal.com simcast.com code.jquery.com
5	de.vour.io	cdn.jscaddy.com
5	pagead2.googlesyndication.com	simcast.com pagead2.googlesyndication.com
4	material.anonymised.io	static.anonymised.io
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	id.hadron.ad.gt	p.gcprivacy.com cdn.hadronid.net
3	www.googletagmanager.com	simcast.com cdn.adapex.io www.googletagmanager.com
2	algenid.com	cdn.jscaddy.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	ib.adnxs.com	2 redirects
2	idx.liadm.com	cdn.adapex.io
2	a.ad.gt	p.gcprivacy.com cdn.hadronid.net
2	fonts.googleapis.com	client
2	aegis.anonymised.io	static.anonymised.io
2	p2.gcprivacy.com	p.gcprivacy.com simcast.com
2	static.anonymised.io	www.googletagmanager.com static.anonymised.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ipua.io	cdn.jscaddy.com
2	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	simcast.com
2	parking3.parklogic.com	simcast.com parking3.parklogic.com
2	ww99.tpaypal.com	ww99.tpaypal.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	fonts.gstatic.com	simcast.com
1	id.crwdcntrl.net	p.gcprivacy.com
1	cdn.hadronid.net	p.gcprivacy.com
1	id.a-mx.com	p.gcprivacy.com
1	pixel.quantserve.com	simcast.com
1	rules.quantcount.com	secure.quantserve.com
1	region1.google-analytics.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	p.gcprivacy.com	cdn.adapex.io
1	wrapperconsole.nyc3.cdn.digitaloceanspaces.com	cdn.adapex.io
1	cdn.jsdelivr.net	cdn.adapex.io
1	cloudflare.com	cdn.adapex.io
1	cat3.hbwrapper.com	cdn.adapex.io
1	cdn.jscaddy.com	parking3.parklogic.com
1	cdn.adapex.io	simcast.com
1	code.jquery.com	simcast.com
1	mx3.tpaypal.com	1 redirects
0	api.rlcdn.com Failed	cdn.adapex.io
106	42

This site contains no links.

Subject Issuer	Validity	Valid
ww99.tpaypal.com R10	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2024-08-26` - `2025-08-29`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
adapex.io WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-20` - `2025-02-19`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.jscaddy.com Amazon RSA 2048 M02	`2024-09-27` - `2025-10-27`	a year	crt.sh
cat3.hbwrapper.com R11	`2024-11-06` - `2025-02-04`	3 months	crt.sh
cloudflare.com WE1	`2024-10-10` - `2025-01-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
ipua.io WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-20` - `2025-05-07`	a year	crt.sh
*.gcprivacy.com Amazon RSA 2048 M02	`2024-10-03` - `2025-11-01`	a year	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
anonymised.io WR3	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2024-11-11` - `2025-12-11`	a year	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
hadronid.net WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-07-31` - `2025-08-29`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
vour.io WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
algenid.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Frame ID: 74B6CF26D7B5C7CD1ACD5C75D98C36C8
Requests: 95 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 63A9395B84173BC88A9BBF14836498C6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&abgtt=1&lmt=1732461974&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732461973992&bpp=2&bdt=607&idt=150&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2808331209367&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088250%2C95345966%2C95347755&oid=2&pvsid=130273901582199&tmod=2123175740&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fww99.tpaypal.com%2F&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=164
Frame ID: C10D53FA35624B9F3C7AB03182E9B14A
Requests: 1 HTTP requests in this frame

Frame: https://wrapperconsole.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html
Frame ID: 33A5F040DB89371A6747045953D66A60
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 6F8FEAD26A35D742D1BA56A1B0C60307
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

https://mx3.tpaypal.com/ HTTP 302
http://ww99.tpaypal.com/ HTTP 307
https://ww99.tpaypal.com/ Page URL
https://ww99.tpaypal.com/page/bouncy.php?&bpae=GbhGdysnYk17jkt2PJtks4W03lLuejGoKUs1NISnKzHX6OmgKlUib7... Page URL
https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

97 %
HTTPS

41 %
IPv6

33
Domains

42
Subdomains

38
IPs

5
Countries

1635 kB
Transfer

5266 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mx3.tpaypal.com/ HTTP 302
http://ww99.tpaypal.com/ HTTP 307
https://ww99.tpaypal.com/ Page URL
https://ww99.tpaypal.com/page/bouncy.php?&bpae=GbhGdysnYk17jkt2PJtks4W03lLuejGoKUs1NISnKzHX6OmgKlUib76r%2Bo%2BUnKyYoiSIiI3sawGm9MKaOHwGuoWLSCmaH%2B7bEH1JvoDVnN7hUM%2BCVjm7PtWWwSQLoSHyY4CsF4gT2Rw0IZ6xzpMBHu8eoOIcd5Juh2%2FlDaT12kSamz7fh%2B%2FA%2BOkUq0yhbSa6XTYSe6q5xBPKABUuFTjcLNBcGZpSHHw5rzB6bazMvuwg%2F1jLKC1CCIR3AK%2FrBT47qOMvLSF0w1z2dihg4M1lBhdPL1vUPTkjUPZviJiSUzbaa6bPW3BVmiGoa0VBnQJ3l%2BipgwPgBF%2BXadeK4Cuu8FgONx3kT0q5fO%2FaiOuz5VhvHlI5CWfOnTLv3n431AQ75LQTP7WQszzLQ8JOMF78ljY%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://mx3.tpaypal.com/ HTTP 302
http://ww99.tpaypal.com/ HTTP 307
https://ww99.tpaypal.com/

Request Chain 83

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3D4617849a-e7eb-4aff-be32-0377f6436614 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253D4617849a-e7eb-4aff-be32-0377f6436614 HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=3683510204239054061&gcid=4617849a-e7eb-4aff-be32-0377f6436614

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ww99.tpaypal.com/
Redirect Chain

https://mx3.tpaypal.com/
http://ww99.tpaypal.com/
https://ww99.tpaypal.com/

2 KB
837 B

572ms
177ms

Document
text/html

69.16.230.228
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ww99.tpaypal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb05.parklogic.com
Software: openresty / PHP/5.4.16
Resource Hash: 8ee428745c486f2950588ab883e4b665b995ecfc5ddf870ecc17e06042d4f352

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 24 Nov 2024 15:26:11 GMT
pragma: no-cache
server: openresty
x-powered-by: PHP/5.4.16

Redirect headers

Location: https://ww99.tpaypal.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bouncy.php Show response
ww99.tpaypal.com/page/ 688 B
457 B 156ms
156ms Document
text/html 69.16.230.228
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ww99.tpaypal.com/page/bouncy.php?&bpae=GbhGdysnYk17jkt2PJtks4W03lLuejGoKUs1NISnKzHX6OmgKlUib76r%2Bo%2BUnKyYoiSIiI3sawGm9MKaOHwGuoWLSCmaH%2B7bEH1JvoDVnN7hUM%2BCVjm7PtWWwSQLoSHyY4CsF4gT2Rw0IZ6xzpMBHu8eoOIcd5Juh2%2FlDaT12kSamz7fh%2B%2FA%2BOkUq0yhbSa6XTYSe6q5xBPKABUuFTjcLNBcGZpSHHw5rzB6bazMvuwg%2F1jLKC1CCIR3AK%2FrBT47qOMvLSF0w1z2dihg4M1lBhdPL1vUPTkjUPZviJiSUzbaa6bPW3BVmiGoa0VBnQJ3l%2BipgwPgBF%2BXadeK4Cuu8FgONx3kT0q5fO%2FaiOuz5VhvHlI5CWfOnTLv3n431AQ75LQTP7WQszzLQ8JOMF78ljY%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: ww99.tpaypal.com
URL: https://ww99.tpaypal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb05.parklogic.com
Software: openresty / PHP/5.4.16
Resource Hash: a181bf0df8378ec2ec627ffc24ccb055129fd5986f3764cd03804820c4cff679

Request headers

Referer: https://ww99.tpaypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 24 Nov 2024 15:26:11 GMT
pragma: no-cache
server: openresty
x-powered-by: PHP/5.4.16

GET
H/1.1 200
OK Primary Request / Show response
simcast.com/ 37 KB
7 KB 1495ms
1165ms Document
text/html 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Requested by: Host: ww99.tpaypal.com
URL: https://ww99.tpaypal.com/page/bouncy.php?&bpae=GbhGdysnYk17jkt2PJtks4W03lLuejGoKUs1NISnKzHX6OmgKlUib76r%2Bo%2BUnKyYoiSIiI3sawGm9MKaOHwGuoWLSCmaH%2B7bEH1JvoDVnN7hUM%2BCVjm7PtWWwSQLoSHyY4CsF4gT2Rw0IZ6xzpMBHu8eoOIcd5Juh2%2FlDaT12kSamz7fh%2B%2FA%2BOkUq0yhbSa6XTYSe6q5xBPKABUuFTjcLNBcGZpSHHw5rzB6bazMvuwg%2F1jLKC1CCIR3AK%2FrBT47qOMvLSF0w1z2dihg4M1lBhdPL1vUPTkjUPZviJiSUzbaa6bPW3BVmiGoa0VBnQJ3l%2BipgwPgBF%2BXadeK4Cuu8FgONx3kT0q5fO%2FaiOuz5VhvHlI5CWfOnTLv3n431AQ75LQTP7WQszzLQ8JOMF78ljY%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: fdfb87bb5a0d976bd9df5f9bb4a1af49d04643ebd331dca4ec732fd1170d303d

Request headers

Referer: https://ww99.tpaypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-encoding: gzip
content-length: 7014
content-type: text/html; charset=UTF-8
date: Sun, 24 Nov 2024 15:26:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.38 (Debian)
upgrade: h2
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 124ms
38ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://simcast.com
Referer: https://simcast.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15851"
age: 2764265
x-cache: HIT, HIT
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 18, 43064
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21965-LGA, cache-cph2320047-CPH
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732461973.489672,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30638
server: nginx

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 20 KB
4 KB 397ms
133ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "5101-5d2abe6bdeb00-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 4273
date: Sun, 24 Nov 2024 15:26:13 GMT
last-modified: Thu, 09 Dec 2021 00:43:56 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 399ms
136ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "daa3-5d2a935d4d580-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 12209
date: Sun, 24 Nov 2024 15:26:13 GMT
last-modified: Wed, 08 Dec 2021 21:31:18 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H/1.1 200
OK lib.js Show response
simcast.com/templates/simcast/js/ 856 B
787 B 399ms
134ms Script
application/javascript 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/js/lib.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "358-5d39fa3726fc0-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 459
date: Sun, 24 Nov 2024 15:26:13 GMT
last-modified: Tue, 21 Dec 2021 03:31:19 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: application/javascript

GET
H3 200 aaw.simcast.js Show response
cdn.adapex.io/hb/ 503 KB
160 KB 100ms
50ms Script
application/javascript 104.21.234.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.simcast.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ce839443663b7bfdeef77df8844d8fc20b29d22050d8b6296fd1ecb287b4d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c3f1d-7dafb"
age: 28001
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iq8%2FpwEjm9gpwKDp%2BduH%2BeuAeGnSShZ71CChsUEPL3ISDjuhYGpFpL%2FijrKDxy%2BfKi970iDAs1H55XO5CTwf9miL3ESL3D%2FUoPPrT2mXFWyZejqy8JyDj%2BMAZYojuvFT"}],"group":"cf-nel","max_age":604800}
expires: Mon, 25 Nov 2024 07:33:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36970&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4114&recv_bytes=4234&delivery_rate=88839&cwnd=12000&unsent_bytes=0&cid=44508249987396b7&ts=53&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 07:32:45 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a6a88afa9d22a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 151ms
63ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9024866824dfa86ceb277934accb6e09cf2ee8dfb3c83af27443459d1794a50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 650777818638507049
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53312
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 400ms
134ms Image
image/png 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
etag: "527-5d2abf11cf280"
connection: Upgrade
accept-ranges: bytes
content-length: 1319
date: Sun, 24 Nov 2024 15:26:13 GMT
last-modified: Thu, 09 Dec 2021 00:46:50 GMT
content-type: image/png
server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK enhance.js Show response
parking3.parklogic.com/page/ 2 KB
2 KB 395ms
130ms Script
text/javascript 2600:3c02:1::2d4f:f4d1
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=tpaypal.com
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: a30ace517bd81f23557305075a2f161abeb03e9447d5a6bc68dbaf7f4c58ffbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

transfer-encoding: chunked
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/5.5.38
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
connection: close

GET
H3 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 90ms
47ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-1359"
age: 946499
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xicU9bVklrDOoboiqC09vm8D79t8Io%2F4K%2FVl0RV2zkNWjbmqmtp8w6vMoNR4BSkEyQZ%2FifTfFE33geSFhUDsVZho0vRtjg8H%2B%2BVuVKbZIz133JtiwxPGF8LiiuaLkc4s6qmFTIcj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 15:26:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a6a8889b0bb67-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1399
server: cloudflare

GET
H3 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 85ms
47ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-c81"
age: 417829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8mh%2Fb%2BdOXB6XA%2FYL35b9VDTQF8UxQgoFbyWkWCLVy9YWP%2Bm1XvKoOY%2BPc1CI03RbwC9MbHj6JPaxwRcBMG3nmKY%2BKPYIMdMJZ0b8x4GFfEyLFHPHIKHK3GGm5ghYJ%2FZt%2B41%2FI6u"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 15:26:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 24 Nov 2024 15:26:13 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a6a8889afbb67-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1541
server: cloudflare

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 992 B
666 B 387ms
129ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "3e0-5d2ab305a0600-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 352
date: Sun, 24 Nov 2024 15:26:14 GMT
last-modified: Wed, 08 Dec 2021 23:52:56 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H2 200 AA1uxycr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 150ms
44ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uxycr.img?h=100&w=100&x=1024&y=576&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

9cd711bc6467adfd84700127f93c290153fac067d82f8e6ba1d2746b5c1d1065

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: ba5373d1-1f5f-48ca-a7fb-8dc9b0a6c4cc
cache-control: public, max-age=313369
timing-allow-origin: *
x-datacenter: eastap
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uxycr?h=100&w=100&x=1024&y=576&m=5
expires: Thu, 28 Nov 2024 06:29:02 GMT
access-control-allow-origin: *
x-source-length: 43589
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 06:30:02 GMT
x-frame-options: DENY

GET
H2 200 AA1suUlj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 6 KB
6 KB 144ms
38ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1suUlj.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

2479d0a1af167421b3ae5b7e7ecb4eea1689c00df5950c6ed6da8a792668b2da

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 8ee1552a-ad74-4d06-b3ef-e07503d4b769
cache-control: public, max-age=400112
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1suUlj
expires: Fri, 29 Nov 2024 06:34:45 GMT
access-control-allow-origin: *
x-source-length: 5774
content-length: 5774
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Tue, 19 Nov 2024 18:36:06 GMT
x-frame-options: DENY

GET
H2 200 AA1uEkjg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 146ms
41ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uEkjg.img?h=100&w=100&x=944&y=266&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

57cc9b842957122089ecf222243791d6faf6dd1202a30e4a15244f54e96cfafd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: c333cf00-b14c-4f4e-b4a5-b0da733ff582
cache-control: public, max-age=423448
timing-allow-origin: *
x-datacenter: eastap
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uEkjg?h=100&w=100&x=944&y=266&m=5
expires: Fri, 29 Nov 2024 13:03:41 GMT
access-control-allow-origin: *
x-source-length: 155574
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 13:02:19 GMT
x-frame-options: DENY

GET
H2 200 BBZbaoj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 351 B
653 B 145ms
39ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: d8b006dc-79c8-4e5b-9fb8-86df40da2477
cache-control: public, max-age=382798
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/BBZbaoj
expires: Fri, 29 Nov 2024 01:46:11 GMT
access-control-allow-origin: *
x-source-length: 351
content-length: 351
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Tue, 19 Nov 2024 13:44:58 GMT
x-frame-options: DENY

GET
H2 200 AA1uDQxb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 8 KB
8 KB 148ms
45ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uDQxb.img?h=100&w=100&x=390&y=186.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

64fff61e8913bd861cd4b7ac24de12d6dc1a863588f06c0d6a85bbe06f91456a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 69c10045-be1d-41b4-abc9-353c608c3a7d
cache-control: public, max-age=396092
timing-allow-origin: *
x-datacenter: eastap
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uDQxb?h=100&w=100&x=390&y=186.5&m=5
expires: Fri, 29 Nov 2024 05:27:45 GMT
access-control-allow-origin: *
x-source-length: 105945
content-length: 8192
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 05:27:03 GMT
x-frame-options: DENY

GET
H2 200 AAzjSw3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 65ms
43ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: ac65db43-2886-4417-8e08-f8506d8da731
cache-control: public, max-age=50145
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AAzjSw3
expires: Mon, 25 Nov 2024 05:21:58 GMT
access-control-allow-origin: *
x-source-length: 3247
content-length: 3247
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Fri, 15 Nov 2024 17:21:58 GMT
x-frame-options: deny

GET
H2 200 AA1uqvs3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 46ms
40ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uqvs3.img?h=100&w=100&x=600&y=400&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

bd09711da5ac9ffcea07268136b0ef23f929e2b268d178961d23d739906ad0d1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 41855bf7-4344-4b91-a2c8-65d74bb9c0eb
cache-control: public, max-age=379107
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uqvs3?h=100&w=100&x=600&y=400&m=5
expires: Fri, 29 Nov 2024 00:44:40 GMT
access-control-allow-origin: *
x-source-length: 520056
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 00:44:25 GMT
x-frame-options: deny

GET
H2 200 AA1fZKnL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 8 KB
8 KB 44ms
38ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1fZKnL.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

eb2bd4808264f978639b4d45fcfc11c203686fda2e55098192568315c6eec3a8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 3c385b8e-ab3c-4df5-8cc8-7cd2b4dc8d28
cache-control: public, max-age=290461
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1fZKnL
expires: Thu, 28 Nov 2024 00:07:14 GMT
access-control-allow-origin: *
x-source-length: 8017
content-length: 8017
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
last-modified: Mon, 18 Nov 2024 12:06:53 GMT
content-type: image/png
x-frame-options: deny

GET
H2 200 AA1uERNf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 47ms
42ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uERNf.img?h=100&w=100&x=1009&y=597&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

143214083fd66f15ab9165a50e3bfeaa129e01ad4a756c01e4c639e4b18c125f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 1a0b8b1b-6551-455e-8e20-fb15f789aaf6
cache-control: public, max-age=422008
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uERNf?h=100&w=100&x=1009&y=597&m=5
expires: Fri, 29 Nov 2024 12:39:41 GMT
access-control-allow-origin: *
x-source-length: 170743
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 12:39:25 GMT
x-frame-options: deny

GET
H2 200 AA1uC3uQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 64 KB
64 KB 53ms
47ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uC3uQ.img?h=500&w=1000&x=479.5&y=441.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a289a9e7fc2dac35019fb3e01c5a54ed0eb2d5ea43161e3fab0305431440576

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: f72c1173-fdd2-449d-a655-1bb408284e01
cache-control: public, max-age=335473
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uC3uQ?h=500&w=1000&x=479.5&y=441.5&m=2
expires: Thu, 28 Nov 2024 12:37:26 GMT
access-control-allow-origin: *
x-source-length: 132792
content-length: 65536
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 12:37:32 GMT
x-frame-options: deny

GET
H2 200 AA1uuFOX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 93ms
87ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uuFOX.img?h=70&w=95&x=773&y=405.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

2ece6c759129924d603174b53bbdf9f5a3933e644e516964587e2350c677ce6b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 94319c12-853c-4e5b-93be-cb127a425b8d
cache-control: public, max-age=163470
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uuFOX?h=70&w=95&x=773&y=405.5&m=5
expires: Tue, 26 Nov 2024 12:50:43 GMT
access-control-allow-origin: *
x-source-length: 322347
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 21 Nov 2024 12:50:53 GMT
x-frame-options: DENY

GET
H2 200 BB1iAO7e.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 53ms
48ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1iAO7e.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

0016932bbb3f975043c429925776722d1ea1648e02796901bb810d23d9bf2e68

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: e988f763-c15b-41d8-818e-ee8413584c12
cache-control: public, max-age=263618
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1iAO7e
expires: Wed, 27 Nov 2024 16:39:51 GMT
access-control-allow-origin: *
x-source-length: 1856
content-length: 1856
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
last-modified: Fri, 22 Nov 2024 16:40:10 GMT
content-type: image/png
x-frame-options: DENY

GET
H2 200 AA1uEZih.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 48ms
42ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uEZih.img?h=70&w=95&x=468&y=384&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

ea594a4b68b85d178312b7334a7fac124e21b1905d6e9792be0eb5a4693640f1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 6ca90dc7-f706-41b5-9a7c-46c018928fe3
cache-control: public, max-age=425700
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uEZih?h=70&w=95&x=468&y=384&m=5
expires: Fri, 29 Nov 2024 13:41:13 GMT
access-control-allow-origin: *
x-source-length: 82505
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 13:40:44 GMT
x-frame-options: DENY

GET
H2 200 BBs47TE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 745 B
1 KB 49ms
43ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBs47TE.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 2f74434d-2a2a-4674-b9c8-8640fe794303
cache-control: public, max-age=49898
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/BBs47TE
expires: Mon, 25 Nov 2024 05:17:51 GMT
access-control-allow-origin: *
x-source-length: 745
content-length: 745
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Fri, 15 Nov 2024 17:18:58 GMT
x-frame-options: deny

GET
H2 200 AA1uF7DC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 94ms
88ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uF7DC.img?h=70&w=95&x=539&y=175&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

5bc2752dec59105f95d2f76190c4c57635bb8fb59165b3f1d655f34263f2ec31

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 856666f8-c29c-4992-9dbf-29971368318a
cache-control: public, max-age=429816
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uF7DC?h=70&w=95&x=539&y=175&m=5
expires: Fri, 29 Nov 2024 14:49:49 GMT
access-control-allow-origin: *
x-source-length: 184568
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 14:50:30 GMT
x-frame-options: deny

GET
H2 200 AA1uEkjg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 50ms
44ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uEkjg.img?h=70&w=95&x=944&y=266&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8261cc5cb0a8936426baf6a34ca198d773cf6f5a1dfe8bec8756cc2879bfe18a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 19beb36b-7b49-4c3c-aa13-e9bed286782b
cache-control: public, max-age=421741
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uEkjg?h=70&w=95&x=944&y=266&m=5
expires: Fri, 29 Nov 2024 12:35:14 GMT
access-control-allow-origin: *
x-source-length: 155574
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 12:35:08 GMT
x-frame-options: DENY

GET
H2 200 AA1uxycr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 90ms
85ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uxycr.img?h=70&w=95&x=1024&y=576&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

0f29482e5140c56e72ec9c5489e9becc880e1e4499e96d84126ad8e9e5909bd4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 4e139c8b-179e-4bad-8376-63ebba97002d
cache-control: public, max-age=330196
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uxycr?h=70&w=95&x=1024&y=576&m=5
expires: Thu, 28 Nov 2024 11:09:29 GMT
access-control-allow-origin: *
x-source-length: 43589
content-length: 2048
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 11:09:22 GMT
x-frame-options: deny

GET
H2 200 AA1uF3Yb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 51ms
45ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uF3Yb.img?h=70&w=95&x=390&y=186.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

6f37e69e697028230c06d74a08a21b9a2e9dd39f3500137b958ab47b1276671a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: c6aa8ae0-c93b-4ce4-833d-b09a23fbb90a
cache-control: public, max-age=430681
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uF3Yb?h=70&w=95&x=390&y=186.5&m=5
expires: Fri, 29 Nov 2024 15:04:14 GMT
access-control-allow-origin: *
x-source-length: 18947
content-length: 2048
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 15:04:26 GMT
x-frame-options: deny

GET
H2 200 AA1urGPb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 46ms
41ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1urGPb.img?h=70&w=95&x=300&y=169&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

3b1c2810a6bc181572d52816b836fb77c30ba4319f6600d07d704eb373b4d8ba

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 2aaedb7b-b5f3-4136-80f4-9cee5677b1a3
cache-control: public, max-age=406988
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1urGPb?h=70&w=95&x=300&y=169&m=5
expires: Fri, 29 Nov 2024 08:29:21 GMT
access-control-allow-origin: *
x-source-length: 22373
content-length: 2048
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 08:27:52 GMT
x-frame-options: deny

GET
H2 200 AA1g51ID.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 6 KB
6 KB 52ms
47ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1g51ID.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

c19397608305167cd3b70dc22f62c99eb6426fa9f7bf10b86f01085847982f8b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 44cc4b36-788f-4662-9e2d-58f14f8f1c3d
cache-control: public, max-age=238591
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1g51ID
expires: Wed, 27 Nov 2024 09:42:44 GMT
access-control-allow-origin: *
x-source-length: 6281
content-length: 6281
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Fri, 22 Nov 2024 09:42:03 GMT
x-frame-options: deny

GET
H2 200 AA1uERNf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 91ms
86ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uERNf.img?h=70&w=95&x=1009&y=597&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

f3473c71aef970949d40ce36bf09784061224a58db9481aef59c3e2658fbeba3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: dceafd1c-fe22-4d7c-82bc-f77314eb6b36
cache-control: public, max-age=422605
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uERNf?h=70&w=95&x=1009&y=597&m=5
expires: Fri, 29 Nov 2024 12:49:38 GMT
access-control-allow-origin: *
x-source-length: 170743
content-length: 4096
date: Sun, 24 Nov 2024 15:26:13 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 12:50:13 GMT
x-frame-options: DENY

GET
H2 200 AA1uE0IR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 95ms
90ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uE0IR.img?h=70&w=95&x=614.5&y=234.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

eca3c746bf0054c0d4de77f40dbbd84746a258bc5d1fbf614a705af8c4de5f18

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 2a21420d-b2d2-4fb0-ac65-f3b2bd34e815
cache-control: public, max-age=401063
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uE0IR?h=70&w=95&x=614.5&y=234.5&m=5
expires: Fri, 29 Nov 2024 06:50:37 GMT
access-control-allow-origin: *
x-source-length: 1567841
content-length: 4096
date: Sun, 24 Nov 2024 15:26:14 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 06:51:49 GMT
x-frame-options: deny

GET
H2 200 BB1nxqOY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 5 KB
5 KB 96ms
91ms Image
image/png 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1nxqOY.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

3df35d35bc9f3c4902ecc4404810e0bbdafbeb2b3379bfc6849a85b2f927e4ed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 16db9b4d-1b67-46bb-8de0-6d48b6700a30
cache-control: public, max-age=54274
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1nxqOY
expires: Mon, 25 Nov 2024 06:30:48 GMT
access-control-allow-origin: *
x-source-length: 5098
content-length: 5098
date: Sun, 24 Nov 2024 15:26:14 GMT
x-resizerversion: 1.0
last-modified: Fri, 01 Nov 2024 17:04:27 GMT
content-type: image/png
x-frame-options: DENY

GET
H2 200 AA1uFeOL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 64 KB
64 KB 103ms
97ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uFeOL.img?h=300&w=400&x=440&y=147.5&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

c23d575a52811839e293f5f6c1558b408ae9482f8524d3b65060868fd4055ca3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: b570a9b5-041c-4985-9ee0-61a6367a5d33
cache-control: public, max-age=430871
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uFeOL?h=300&w=400&x=440&y=147.5&m=2
expires: Fri, 29 Nov 2024 15:07:25 GMT
access-control-allow-origin: *
x-source-length: 48900
content-length: 65536
date: Sun, 24 Nov 2024 15:26:14 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 15:07:59 GMT
x-frame-options: DENY

GET
H2 200 AA1uEqD6.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 32 KB
32 KB 97ms
92ms Image
image/jpeg 2a02:26f0:3500:10::210:a9d
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uEqD6.img?h=300&w=400&x=2808&y=1686&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

55525ea69603b140e951f2674976ea51142cd1946dcd3c3f1e080250f797a295

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: f2942f50-69a7-4b37-a812-7c67fc46905c
cache-control: public, max-age=418163
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uEqD6?h=300&w=400&x=2808&y=1686&m=2
expires: Fri, 29 Nov 2024 11:35:37 GMT
access-control-allow-origin: *
x-source-length: 1261602
content-length: 32768
date: Sun, 24 Nov 2024 15:26:14 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Sun, 24 Nov 2024 11:35:09 GMT
x-frame-options: DENY

GET
H/1.1 200
OK gdpr.css
simcast.com/widgets/gdpr/ 799 B
665 B 394ms
130ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/gdpr/gdpr.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "31f-5d2ab2d5f1580-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 351
date: Sun, 24 Nov 2024 15:26:14 GMT
last-modified: Wed, 08 Dec 2021 23:52:06 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 140ms
52ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f595e3eefe504b3559ef42ba374eed5ac8ad1f6ee909f9d855ff14d163f7f5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 24 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81475
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK scribe.php Show response
parking3.parklogic.com/page/ 46 B
319 B 388ms
130ms Fetch
text/html 2600:3c02:1::2d4f:f4d1
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://parking3.parklogic.com/page/scribe.php?pcId=56&domain=tpaypal.com&pId=1497&usid=null&utid=null&query=null&domainJs=simcast.com&path=/&ss=true&lp=1
Requested by: Host: parking3.parklogic.com
URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=tpaypal.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: 9b15df1e782ff406f68da34a865f5e01adebe41ba87ab265ba159faec6a0d3ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

transfer-encoding: chunked
access-control-allow-origin: *
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/5.5.38
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
connection: close

GET
H2 200 qk8xlw7c.js Show response
cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/ 50 KB
17 KB 160ms
49ms Script
application/javascript 2600:9000:237d:f600:12:baaf:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Requested by: Host: parking3.parklogic.com
URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=tpaypal.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:f600:12:baaf:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 675bccf4569f9262943c70fe1d5e6d29c6d260f4c9889e842a2efee6b845f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-cf-pop: MUC50-P2
content-encoding: gzip
etag: W/"99fdec0cb92ddd2c0bd7550a90259a0f"
age: 38118
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZYsmOse1AIRNfZkaPd_2KabA_Mmf8_EzHk5bGGYWQH0VD_FjqpP_hg==
date: Sun, 24 Nov 2024 05:13:38 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 14 Nov 2024 12:49:52 GMT
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 508ms
258ms Font
font/woff2 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://simcast.com
Referer: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css

Response headers

upgrade: h2
etag: "126b0-5d2a938b14180"
connection: Upgrade
accept-ranges: bytes
content-length: 75440
date: Sun, 24 Nov 2024 15:26:14 GMT
last-modified: Wed, 08 Dec 2021 21:32:06 GMT
content-type: font/woff2
server: Apache/2.4.38 (Debian)

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 87ms
86ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ea72fcb3c311f0ec3f612d617520b4ecd371071c5cb272e127cbf5280b7b57af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 14562269818107774981
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147668
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK / Show response
cat3.hbwrapper.com/ 15 B
293 B 343ms
109ms Fetch
text/html 161.35.116.36
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat3.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.116.36 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture3.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

Connection: Keep-Alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://simcast.com
Content-Length: 15
Keep-Alive: timeout=5, max=100
Date: Sun, 24 Nov 2024 15:26:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache

GET
H3 200 trace Show response
cloudflare.com/cdn-cgi/ 305 B
410 B 85ms
38ms Fetch
text/plain 104.16.133.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee4de3cfdaff482382d8925776e749f6bc9a5e44e3c7e8526aeeef101fd86a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

cache-control: no-cache
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8e7a6a8a48a0e509-TXL
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: *
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/plain
server: cloudflare
x-frame-options: DENY

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 143ms
60ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9f7d9ffcabf4cc97ef06e9d47115084765d9747fe1afff04e9fd77eaf4ece89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 655 / 20051 / m202411180101 / config-hash: 79477889192541496
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33913
x-xss-protection: 0
server: cafe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 385 KB
99 KB 94ms
94ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ae7b04820dfa9e8ae0f4f82e1488e9f31a06e9830c002f55d7d178e79b3d0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 24 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101291
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 126ms
37ms Fetch
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

56b293cfee8b30afb93d305cfb9ccc8ee91918a1bd3d32d03cd0ad9571b18c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"636-bsXTZtQ6E9bbW09MMnAUMoFhOho"
age: 41120
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-cph2320059-CPH
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 831
x-jsd-version: 1.0.2249

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H3 200 ip Show response
ipua.io/ 73 B
824 B 574ms
521ms Fetch
application/json 172.67.134.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipua.io/ip
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fc33f3408ed33102434ebdbb582fedf5a9344df0200ff525ac749b280d9438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1MBQ5Zk8K8OrLWjcegZVezLSkrgIGlMIEiCmReXL1k%2BP%2BwrYZ2KLoYY1%2B2dtDtGdSMFIlrAHBQxhCxeXGSe9F8WY4w0ee8PhDKwOrc4BPle%2BgH3rlN5ABTP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7a6a8abb50365b-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://simcast.com
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37112&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4131&recv_bytes=4396&delivery_rate=448&cwnd=12000&unsent_bytes=0&cid=c2c673414961d988&ts=526&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json
vary: Origin
server: cloudflare
priority: u=1,i

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/ Frame 63A9 0
0 110ms
38ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 72288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 19:21:26 GMT
etag: 17661348622971093804
expires: Sat, 07 Dec 2024 19:21:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 24 Nov 2024 15:26:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame C10D 0
0 167ms
102ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&abgtt=1&lmt=1732461974&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732461973992&bpp=2&bdt=607&idt=150&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2808331209367&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088250%2C95345966%2C95347755&oid=2&pvsid=130273901582199&tmod=2123175740&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fww99.tpaypal.com%2F&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=164

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 15:26:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookiesEnabled.html
wrapperconsole.nyc3.cdn.digitaloceanspaces.com/ Frame 33A5 0
0 136ms
48ms Document
text/html 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wrapperconsole.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 771
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 8e7a6a8b6e7fd396-FRA
content-encoding: gzip
content-type: text/html
date: Sun, 24 Nov 2024 15:26:14 GMT
last-modified: Wed, 04 Sep 2024 04:53:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx00000477857c83db607b7-006716c9a2-1a0a1bf7-nyc3d
x-do-cdn-uuid: 9a191ecb-c35d-46ce-a26c-0bae59400ae4
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type: Normal

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 18 KB
18 KB 131ms
42ms Script
text/javascript 18.66.122.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88575ff303df65d5686db04492e628e2d7cd1988fc0496bf19d0d4dc7b875ffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-version-id: F4gxiahOhIp04XLjfsE4LvSMahFqr2ke
etag: "fed493a9f267d69673e8f19b14befec1"
age: 25336
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 18153
x-amz-cf-id: U8EbMl9fx73tNb_VZ6mQZuMx0iw0GCjQPMezlERuGjl7tyt3F97eHQ==
date: Sun, 24 Nov 2024 14:44:58 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 14:42:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
96 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e463ca644748bbfba312e45702eac40fea6551c6ab4e5a73ff59bd7181d09fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98684
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
age: 2689
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 16:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 14:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK ajaxjs.php Show response
simcast.com/widgets/ms/ 4 B
363 B 393ms
135ms XHR
text/html 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01

Response headers

upgrade: h2
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
connection: Upgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 24
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 165ms
47ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Sun, 01 Dec 2024 15:26:14 GMT
accept-ranges: bytes
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 loader.js Show response
static.anonymised.io/light/ 472 B
851 B 132ms
40ms Script
text/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a152910ba3aff9671dbf925d17fdf511c3b45c3a772b41df66306fed31522cc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=rDf69g==, md5=QxJrQr0cKqZwuSRifoib6w==
etag: "43126b42bd1c2aa670b924627e889beb"
age: 2623
x-goog-stored-content-encoding: gzip
expires: Sun, 24 Nov 2024 15:42:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 324
date: Sun, 24 Nov 2024 14:42:31 GMT
last-modified: Tue, 19 Nov 2024 11:53:31 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC58AL1ngMwhM31Rhma-_hHE7YD3540olpf9zMP4aKUX8rUEzHa8NwKqxoSWgogIS7ojVXqlMD7ZPQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732017211419907
content-length: 324
server: UploadServer

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 38ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 21694
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 09:24:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 09:24:40 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 133ms
45ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RFSL1NPH34&gtm=45je4bk0v9124667839za200&_p=1732461974066&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1781665645.1732461974&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732461974&sct=1&seg=0&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&dr=https%3A%2F%2Fww99.tpaypal.com%2F&dt=Simcast%20News%20portal.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2420
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://simcast.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 670 B
1 KB 368ms
129ms XHR
application/json 54.160.172.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=d7c5de58-32c3-4a4c-ba88-613eccaf5880&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&h=simcast.com&ref=https%3A%2F%2Fww99.tpaypal.com%2F&ids=sharedid%2Cd7c5de58-32c3-4a4c-ba88-613eccaf5880%7C&v=v4.0.32
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.172.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-172-25.compute-1.amazonaws.com
Software: /
Resource Hash: 5a3c716b66af4d4456e82e68d46c8872669173a74420b19ceef06dadbb7e9086

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://simcast.com
content-length: 670
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max

GET
H2 200 22181265 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 168ms
70ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22181265?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11927b70eb6b0a4b4310a946b54310e285df6c1f5195bbb611f2e1f01beb770e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v4YILpiHrs-nGGV_6tGTrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYeO15VkcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4D4dtMV1sdAzPD1CisHEAvxcEzr7t3FJnDiTvMvRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQ0NDSz0Dw_gCAwBjYkU4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v4YILpiHrs-nGGV_6tGTrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 bundle.js Show response
static.anonymised.io/light/ 132 KB
37 KB 40ms
39ms Script
text/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a23d7e6d00020944c75f7bfdc455bd7f5ee847f2269292297f432311a5e1bc37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=uN/8SQ==, md5=mhglgCGIBBbsgoyq+bON7A==
etag: "9a18258021880416ec828caaf9b38dec"
age: 1987
x-goog-stored-content-encoding: gzip
expires: Tue, 24 Dec 2024 14:53:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 37113
date: Sun, 24 Nov 2024 14:53:07 GMT
last-modified: Tue, 19 Nov 2024 11:53:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4TNnPIA-AdJXCbFVnUfyrL2-gmKfVGskLeAtxSZsYs1F18r0SMO3WdSjqDbJvur3Gkj0A
cache-control: public,max-age=2592000
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732017209528722
content-length: 37113
server: UploadServer

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
415 B 45ms
44ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1713123232&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&dr=https%3A%2F%2Fww99.tpaypal.com%2F&ul=de-de&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=231489552&gjid=1852109275&cid=1781665645.1732461974&tid=UA-205158314-1&_gid=1728307116.1732461974&_r=1&gtm=457e4bk0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=1333862286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://simcast.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 rules-p-WFJsXCa9VD158.js Show response
rules.quantcount.com/ 160 B
633 B 127ms
38ms Script
application/javascript 2600:9000:223c:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

etag: "8451e96214684fb5c6ec4f91dde0548e"
age: 880
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: X_l_DQ7c9WBiJNMSOG-B_jKCVklubBcGsB-lNpsgJ1ay_1iLm1Anpw==
date: Sun, 24 Nov 2024 15:11:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 19:39:28 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 configs
material.anonymised.io/v3/tag/ Frame 0
0 139ms
47ms Preflight 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/tag/configs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-request-id: eYuRQJHkCXLsWotneEswVXJgTldUDxQU

OPTIONS
H2 204 health
aegis.anonymised.io/ Frame 0
0 142ms
50ms Preflight
text/html 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://simcast.com
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 24 Nov 2024 15:26:14 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: cc26a9bd50f70de5d2969f0998abd0b2
x-request-id: PFKgrfblNOZxNGLbjwTHFEBaaSzuyfMs

GET
H2 200 configs Show response
material.anonymised.io/v3/tag/ 3 B
144 B 49ms
48ms Fetch
application/json 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/tag/configs
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: CRxFpyzEfEQZFRJiHEqFwjhmWYPuQHAe
content-encoding: gzip
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json
vary: Accept-Encoding,Origin

GET
H2 200 health Show response
aegis.anonymised.io/ 2 B
135 B 52ms
51ms Fetch
text/plain 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: fEGYcGSWDEqebiuAsnsygdinYOMstcWX
via: 1.1 google
access-control-allow-origin: https://simcast.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/plain; charset=UTF-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: 191b8464eacbc0fba2cc3068d889dd1c

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
2 KB 134ms
46ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bc895ce31272ac601c1fed2533915a479cff00320007e09de47a3c9de92ecb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 14:04:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 pixel;r=548540930;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0;ref=https%3A%2F%2Fww99.tpaypal.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9...
pixel.quantserve.com/ 43 B
463 B 55ms
45ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=548540930;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0;ref=https%3A%2F%2Fww99.tpaypal.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;dst=1;et=1732461974531;tzo=-60;ogl=;ses=c09ca58a-4ee3-49fa-8291-4d9a7a7a98bf;d=simcast.com;uht=2;fpan=1;fpa=P0-1771938670-1732461974532;pbc=;gdpr=0;mdl=

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Sun, 24 Nov 2024 15:26:14 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 AGSKWxXuQG6I0YfJPXF8rP0PLmCWkqZLd8QyX9lMIDGwQXDyqElFTDcpOEUfN0mazHXoLTO38GGKuNpYTngW3fs92eF3drnuq3Tk5dpXoYLIBoBHwyCZCSzAziMDIuDnwMgUES8A6jlf Show response
fundingchoicesmessages.google.com/f/ 1 MB
149 KB 171ms
170ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXuQG6I0YfJPXF8rP0PLmCWkqZLd8QyX9lMIDGwQXDyqElFTDcpOEUfN0mazHXoLTO38GGKuNpYTngW3fs92eF3drnuq3Tk5dpXoYLIBoBHwyCZCSzAziMDIuDnwMgUES8A6jlf?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDYxOTc0LDY0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zaW1jYXN0LmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDhdLG51bGwsMTldIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzkBJsxAS-0H2Lb7ZgEnnlVKdGwnA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

749e84e963dd227436f1fc696f20077ddc6e0eb807d6a7aa20fd7d75b0c7ddbc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PJ3u_34dLmwgakgxNo_Jww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQzzl9mXQDERRJXWBuA-HbTFdbHQMzw9QorBxAL8XBM6-7dxSawY_bVb0xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoaGhpZ6BobxBQYArn5KQg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PJ3u_34dLmwgakgxNo_Jww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ua Show response
ipua.io/ 179 B
776 B 221ms
220ms Fetch
application/json 172.67.134.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipua.io/ua
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a0415435fcf0d4631f61f6e34bd36c5549d878e4a590f5710d15e92b6302d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YsTty8P%2FYRvjpK9lTIz9fLb2663qUb%2FpPwOZfrFEB19EWGEuyKkKudm7OmT7tr07uDv3tuJeBQ7Yq6btrmHlW7LmD04Ihqf8ET1%2F48Uhcbg3LQBnGPmNKaL"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e7a6a8e0f53365b-FRA
access-control-allow-origin: https://simcast.com
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37719&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5026&recv_bytes=4775&delivery_rate=22057&cwnd=12000&unsent_bytes=0&cid=c2c673414961d988&ts=747&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json
vary: Origin
server: cloudflare
priority: u=1,i

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
266 B 123ms
38ms Fetch
application/json 79.127.216.47
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.127.216.47 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-79-127-216-47.datapacket.com
Software: /
Resource Hash: 284b873ace093eb576b48704d24f01dc6c10b12ece3ae8ffdab6cdfe695dabdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-allow-origin: https://simcast.com
content-length: 66
date: Sun, 24 Nov 2024 16:26:14 +0100
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
316 B 149ms
52ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?_it=prebid&t=1&src=id&partner_id=788
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
allow: POST, OPTIONS, GET
cf-ray: 8e7a6a8e9927377c-FRA
access-control-allow-origin: *
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 140ms
52ms Script
text/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fww99.tpaypal.com%2F&_it=tag&partner_id=788&ha=ha
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: public, max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 18
x-amz-request-id: THYQ7PDVX2TEBZGV
expires: Fri, 29 Nov 2024 15:26:14 GMT
cf-ray: 8e7a6a8e8e31367e-FRA
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: text/javascript
last-modified: Fri, 15 Nov 2024 18:21:40 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: vlzlKowFCxlyJf9oQ5E+X5xESX/8om1RuNE9HW31J9ZxJ68nKiYq3DX+oAWTlovUrR7jAmsFEqs=

GET
H2 200 788 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
4 KB 320ms
224ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/788?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fww99.tpaypal.com%2F
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969c6eddf135ee2ec6cce620f0e53512374faf9ea848cf2829693da5e8e19b2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a6a8e9b4d8ebb-FRA
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: application/javascript
last-modified: Sun, 24 Nov 2024 15:26:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
314 B 172ms
54ms Fetch
application/json 52.215.35.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?&c=17228
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.35.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-35-31.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://simcast.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Sun, 24 Nov 2024 15:26:14 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.14.121
server: Jetty(9.4.38.v20210224)

GET
H2 204 any Show response
idx.liadm.com/idex/did-0061/ 0
367 B 355ms
117ms Fetch 3.94.51.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-0061/any?did=did-0061&resolve=nonId&resolve=uid2&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=index&resolve=openx&resolve=thetradedesk&resolve=sovrn

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.51.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-51-169.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3599, private
trace-id: 7dfbc8b58f18f8d0
request-time: 1
access-control-allow-credentials: true
expires: Sun, 24 Nov 2024 16:26:15 GMT
access-control-allow-origin: https://simcast.com
date: Sun, 24 Nov 2024 15:26:15 GMT
vary: Origin

GET
H2 204 any Show response
idx.liadm.com/idex/did-0061/ 0
0 354ms
354ms Fetch 3.94.51.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://idx.liadm.com/idex/did-0061/any?did=did-0061&resolve=nonId&resolve=uid2&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=index&resolve=openx&resolve=thetradedesk&resolve=sovrn
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.51.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-51-169.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

cache-control: max-age=3599, private
trace-id: 7dfbc8b58f18f8d0
request-time: 1
access-control-allow-credentials: true
expires: Sun, 24 Nov 2024 16:26:15 GMT
access-control-allow-origin: https://simcast.com
date: Sun, 24 Nov 2024 15:26:15 GMT
vary: Origin

GET
H2

200

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3D4617849a-e7eb-4aff-be32-0377f6436614
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253D4617849a-e7eb-4aff-be32-0377f6436614
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=3683510204239054061&gcid=4617849a-e7eb-4aff-be32-0377f6436614

0
37 B

132ms
132ms

Image
text/plain

54.160.172.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=3683510204239054061&gcid=4617849a-e7eb-4aff-be32-0377f6436614
Requested by: Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: H2
Server: 54.160.172.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-172-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

date: Sun, 24 Nov 2024 15:26:15 GMT
content-length: 0

Redirect headers

cache-control: no-store, no-cache, private
location: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=3683510204239054061&gcid=4617849a-e7eb-4aff-be32-0377f6436614
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.120; 80.255.7.120; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 15036e42-4c7b-4ac3-a42e-247d336ffe90
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 24 Nov 2024 15:26:14 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 121 B
298 B 137ms
137ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=tag&partner_id=788&sync=0&domain=simcast.com&url=https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fww99.tpaypal.com%2F&_it=tag&partner_id=788&ha=ha
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1955afc0f90893f108dcb967e6fd341d90977a738739ffd53c451f7598f68f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://simcast.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8e7a6a8fdade377c-FRA
access-control-allow-origin: *
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 143ms
143ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=tag&partner_id=788&sync=0&domain=simcast.com&url=https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8e7a6a8ee971377c-FRA
content-length: 0
content-type: application/json
date: Sun, 24 Nov 2024 15:26:14 GMT
debug: OPTIONS block
expires: Mon, 24 Nov 2025 15:26:14 GMT
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 81ms
81ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwoTkmuAYzSfsxE5qTRUdN2LGVksA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 15:26:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 86ms
38ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://simcast.com
Referer: https://simcast.com/

Response headers

age: 410885
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 21:18:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 21:18:10 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxWEd73eB4XxYpHGs4h8YveUTAsT5plg6raRBHncavdhd5DiIAp1OSuqJHaJv_IULfhRJSFprChS1bngcT1SokVt4gdA8zD7gPWtvR44uQJRTjpbJJsWxAfHQa9xhFI41b4-8dUk Show response
fundingchoicesmessages.google.com/el/ 0
28 B 97ms
51ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWEd73eB4XxYpHGs4h8YveUTAsT5plg6raRBHncavdhd5DiIAp1OSuqJHaJv_IULfhRJSFprChS1bngcT1SokVt4gdA8zD7gPWtvR44uQJRTjpbJJsWxAfHQa9xhFI41b4-8dUk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yH7LbxvjIpDtMjed1IoOOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBicEqfwRoCxAxfr7ByALEQN8f07t5dbAIXdl42VnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhoaGlnoGpvEFBgDb4CWS"
content-security-policy: script-src 'report-sample' 'nonce-yH7LbxvjIpDtMjed1IoOOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWEd73eB4XxYpHGs4h8YveUTAsT5plg6raRBHncavdhd5DiIAp1OSuqJHaJv_IULfhRJSFprChS1bngcT1SokVt4gdA8zD7gPWtvR44uQJRTjpbJJsWxAfHQa9xhFI41b4-8dUk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A0Z2yg8uSI3CwSBxy1ap5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoCxAxfr7ByALEQN8f07t5dbAIfdt01VnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhoaGlnoGpvEFBgDn0iW8"
content-security-policy: script-src 'report-sample' 'nonce-A0Z2yg8uSI3CwSBxy1ap5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 200 a Show response
de.vour.io/ 111 B
821 B 387ms
344ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c35eb60ed193de184db42ac1e02d83fa458f2a551070673dca685c60307536

Request headers

Authorization: Basic YTJhMzZhZWYtMjJkOC00ZDVjLWI5MTMtYWRhZWE2NzRkOTNhOkllanFZMHh4c3NrZzRMS0wxTXpaYUt5N1BreGlWbHNx
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-max-age: 86400
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOUjJC4feKnEehJaqpFv4Ux3gTV5lYw1Pa6pQnD8QLt8N1dinKBFM5PJiFZWd9eDnQ0Z02SYSKo6uh0%2F9xHzDYiMbJwj7vjfGnpUV5ihBDBAWSMFsbMJfly4iXct"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37887&sent=10&recv=8&lost=0&retrans=0&sent_bytes=2184&recv_bytes=3188&delivery_rate=431&cwnd=12000&unsent_bytes=0&cid=57b56719ab32d900&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: text/plain
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: authorization
x-ip-country: DE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e7a6a934c6d1daa-FRA
access-control-allow-origin: https://simcast.com
server: cloudflare

OPTIONS
H3 200 a
de.vour.io/ Frame 0
0 361ms
306ms Preflight
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://simcast.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e7a6a90e9c09bd6-FRA
content-length: 0
content-type: text/plain
date: Sun, 24 Nov 2024 15:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5I%2F9e6a2C13hVLfULEJ23naZVPL6iN7MtHclTFKRQDyRRxje7ip7T8ZJImId%2F66o6h3UHyoleO2cefiu7l3FiV%2FnSKldbZ6OzHPvt2ynL2Vh8leOgvbnoWIUJAi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37247&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4141&recv_bytes=4284&delivery_rate=748&cwnd=12000&unsent_bytes=0&cid=cd8bf80b4c63d7b6&ts=313&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-ip-country: DE

GET
H2 200 788 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
4 KB 55ms
54ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/788?_it=tag
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtpaypal.com%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fww99.tpaypal.com%2F&_it=tag&partner_id=788&ha=ha
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969c6eddf135ee2ec6cce620f0e53512374faf9ea848cf2829693da5e8e19b2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 279
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a6a90bd828ebb-FRA
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: application/javascript
last-modified: Sun, 24 Nov 2024 15:18:01 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H3 204 collect
material.anonymised.io/metrics/ Frame 0
0 47ms
47ms Preflight 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/metrics/collect
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, GET, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:15 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-request-id: XfRQQHdsUxmRCnOWtjmXWGZjiwZMeIPv

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 158ms
55ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e45a20c9e0ea46e3290fea6be70ddac35d4cd4f207e68dbe1010c6ab2b9a01c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13260
date: Sun, 24 Nov 2024 15:26:15 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 collect Show response
material.anonymised.io/metrics/ 5 B
45 B 48ms
48ms Fetch
application/json 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/metrics/collect
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: geKFjPtCtUgfABoEneKOqtGnEDzULFgP
content-encoding: gzip
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: application/json
vary: Accept-Encoding,Origin

GET
H/1.1 200
OK favicon.png
simcast.com/templates/simcast/ 486 B
749 B 398ms
134ms Other
image/png 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0

Response headers

upgrade: h2
etag: "1e6-5d2abe70a3640"
connection: Upgrade
accept-ranges: bytes
content-length: 486
date: Sun, 24 Nov 2024 15:26:15 GMT
last-modified: Thu, 09 Dec 2021 00:44:01 GMT
content-type: image/png
server: Apache/2.4.38 (Debian)

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 146ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:26:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6F8F 0
0 116ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 14:40:10 GMT
expires: Sun, 24 Nov 2024 15:30:10 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 token Show response
algenid.com/ 192 B
1 KB 376ms
334ms Fetch
application/json 172.67.135.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algenid.com/token
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 428dc8c3fc4073c01317639f42e1ef29d3635135c0bf7e1ee66c036abbde6cd5

Request headers

Authorization: Bearer p0W0Rak1PaDMggDW2s2JJnUXHmdkNfzXVtS2xqlUUdF_OngQ9xWTwXEdXsw_JzTI-aNmKHEDCoQGkOpBa8cmfv53KAIoV9OV_1VEiGVI2J0Gs48
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-max-age: 86400
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOMCBSxEGkIZRV0dpOWqgWZqogNVpwCvyNo%2BYz7j2TyMZejz9fH48134c%2FEwrI0EWFrkfAh8AOcSoSxGkiZFqLX6etbW9U6m5EtM7r0RzmlPwVQxsWmzofZ8uO8Ubw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40280&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2185&recv_bytes=4278&delivery_rate=451&cwnd=12000&unsent_bytes=0&cid=da8290e84a54931e&ts=337&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:16 GMT
content-type: application/json
priority: u=1,i
access-control-allow-headers: authorization
x-ip-country: DE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e7a6a968eb490ee-FRA
access-control-allow-origin: https://simcast.com
server: cloudflare

OPTIONS
H3 200 token
algenid.com/ Frame 0
0 236ms
184ms Preflight
text/plain 172.67.135.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algenid.com/token
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://simcast.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e7a6a951a5ed2df-FRA
content-length: 0
content-type: text/plain
date: Sun, 24 Nov 2024 15:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuJUQ3UNGftKXlypoXtpR6%2Bvh%2FQomqNdYhsu9Z1iK3EvcrcPx1S4z5O3ivTTIMKbTBOqv3IDCke%2FyRMmYTqNAkH%2Fk%2BsvugWm9DKbIJ5b7S6YenVcS6u4eP4p7TAZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37572&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4417&delivery_rate=449&cwnd=12000&unsent_bytes=0&cid=ee9403ee14a23461&ts=189&x=1" cfExtPri cfHdrFlush;dur=0
x-ip-country: DE

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

POST
H3 200 a Show response
de.vour.io/ 478 B
2 KB 411ms
411ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4347a6258201412f9eb588a07c3578b3dc52a0f4e950aa21a358032bfc5bb07

Request headers

Authorization: Bearer yGKFqLEZ4SnPjj1XlXoFwwx3tEXSBdFWWEhYz0asp_UHiiSAHV8poj-uKkp4YXz13N6-2cmqzmwetR9-0D576HREWcQEAe5SpxFzp5SHmRQMEBXTteitnUpOsypQzFnGwQK72uo
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-max-age: 86400
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmZ3Nb1Ts4LYib%2FhmTyLvFKVf%2FUDFSMGZ5okez%2B%2F9MfOMyxb8KEuNVPG4U0KT7aDtuVCP%2BJMwwTA65uzJz%2FO1D08LkW8ctGycrKHyusL34nwUOVtQ30cSLJMLmCf"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37869&sent=13&recv=10&lost=0&retrans=0&sent_bytes=3076&recv_bytes=3642&delivery_rate=22998&cwnd=12000&unsent_bytes=0&cid=57b56719ab32d900&ts=1377&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:16 GMT
content-type: text/plain
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: authorization
x-ip-country: DE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e7a6a98ac161daa-FRA
access-control-allow-origin: https://simcast.com
server: cloudflare

OPTIONS
H3 200 i
de.vour.io/ Frame 0
0 418ms
418ms Preflight
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/i
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://simcast.com
access-control-expose-headers: x-ip-country
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e7a6a9b3cac9bd6-FRA
content-length: 0
content-type: text/plain
date: Sun, 24 Nov 2024 15:26:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sH4JZo5jlAZsIU%2BtGawyrpcNEGEmlIo8D8uzo2PSV1T08aKGSk47sDE2kBcMFJ9kXk8pd3amt0w4vYQIlzjERVAPPql6DUyBiq3G6m5Ce5pcp6sncaaiHLa2Skl8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37335&sent=15&recv=9&lost=0&retrans=1&sent_bytes=5585&recv_bytes=4639&delivery_rate=4064&cwnd=12000&unsent_bytes=0&cid=cd8bf80b4c63d7b6&ts=2152&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-ip-country: DE

POST
H3 200 i Show response
de.vour.io/ 16 B
690 B 255ms
254ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/i
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/IejqY0xxsskg4LKL1MzZaKy7PkxiVlsq/qk8xlw7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiIyZDFjMGU1Mi0wMTA2LTQ4YTQtYTQ4NC00ZjQ3Zjc2MWI0NDgiLCJpYXQiOjE3MzI0NjE5NzUsInR5cCI6InIifQ.YGhQlDdzCcw9iaJEYFuadein0NsmhdA_H29NPLv4v31yzYMa7p3QuuZkifbQWqhQuAlcmyUEUHloZ4f_Uc6I8zK2GyiCJYaEfTPIPFpX9HaaWye2575v9S7KHYTSbSJoclNv69Oe1N-F3d6YF9gh-P0WN7BbIg6gRnwMsxKRx_QRtEvXHga6rTrN5iJBJp2Dd0G4fzDbOfTP17XJ8BjifMM2OwPqAXNC19G9qZBiCC2sJvYEA2ZwpbQ0xz-XUzB2mTlRFfpvZMaUL0Cmr8yo3VllWMwARnw4PJF5s9_Qq5A3lBgVm5p0p1MprqP87WjL_eiDxSiyB5xTHJIn8WsqcA
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-ip-country
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pV6F57cWQTvu7HAYUHpti%2BZZtQEdDl7eGOLKVFqClE0polkvQyFdKvnAPSqf4fujYEbfsbYuEFspRLgBljlheylt0%2FhhzWeSPjFsP%2BQ39axdnZiQz6KT3qdPWq%2B%2B"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37959&sent=18&recv=14&lost=0&retrans=0&sent_bytes=4774&recv_bytes=5570&delivery_rate=4029&cwnd=12000&unsent_bytes=0&cid=57b56719ab32d900&ts=2054&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:26:17 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: authorization
x-ip-country: DE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e7a6a9ddac21daa-FRA
access-control-allow-origin: https://simcast.com
content-length: 16
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=130273901582199&bg=!PD-lP3DNAAaIaF9IqGg7ADQBe5WfOPy5u_QZjZw7YTO71ePkVIxQdfptAJEeAHQ1OkMOam2lgdmSfzN6hc5RI0i00p71AgAAACZSAAAAAmgBB34ANlhmfyKdTE7QPbNJab1-VzRIYaX3GRmy4EFltsLr9muZ2PHGJzOVCaGdwGHNilPK5vUYRCVBjQoAdW6H3lW_cKjvsBWqH89iOYvDzaF_Syy6B3MsQrqgLHVj7R016J9cTCjjAE7YnMWxT3n-pArV5RBwyJBrJCYxCUpgMnZlNbwws3_44RULGqgvO6JK8sCdGCFqcxeYDqT8tGcTha_USqnoM2u1HX26vziEQ84hJJkCn_2JbxO-gF6xnYumenbZDQTBTM-6XputFOXsvbskEsz7AQ0wTghaeMP7Qu93eLGrgoNKY37KGeX2YJcyUwDZfqz_wugR6VU_Cx3UmB_7p41XQXA9A-K9LsOikkNLkBtEt3whWRImiSOUrrF6oHjTtbdL-TnQOyCTXmAPbHFJMVWmDSrDUJ1erso1Vfrgok5szS_G4xYC9zfd9Q7StZsvL-osGL7-rAYvaH7PBpOs6JnGhcgsV-VOu9laBpcStWv38cqCiUSbeG7933VdztAHhjIxLDzGEK5eVedAtH9hvROdnLq810WFm3mb8x8RkpByPyccgH-FscvVCKb0T6eOc2VR3JOa3uYV0iPwX36O5Uyl0YXoHtkSnaOlsGPHH2Gk9fq8F_fEfhHYFECCHfH6soHkzabdu-ne2x7QyKCGhqIB_UHC44vLI7ROpxXDLqkVKneX-KnQKvezrvS9V-0HeOeyT0k1G5hQNDCra5rCB2P7OsZcOxmaQeSIlK3hURvs8QWWZAAygvTGBGyC5908ICbY4DcFarow7DX1rEC_jYtMRp-Qg9g6Cqv62WlmYjB-kE4TN0f8fBt5WrpXYWV6q4hMYgkKomVQRSEsQFBtBKzr2A5ALCK4LwIbvO086RFWROVDKVpk-RDN3u1HciX94P4PTS3hoXPWtzIvEE1RvH9spgfN7lyR4r-fPnlx-Hzti7JvuVJ-1jgVgPpK7Zi2FjB1FhCYQUDIlVDtKDIlyvnyjM-LWzhz-LaAOAF9DzJgwXh5UMp3CQjl85bk5t8UoPLxbnTta1sifstu3n3fPIqWjYnHVfypP-kZErHRVW9dv9FBW9d4i8AZJpoVZGgLJV8EGRQtlnuhxkaTcR47jZeNbJ66ce4JXGgdO6yWQ7m5

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
simcast.com/	1970-01-21 01:14:22	Name: PHPSESSID Value: eoipe38o2tr2ruc17ffju3qcvb
simcast.com/	1970-01-21 01:57:33	Name: uidinfer Value: 285261617
simcast.com/	1970-01-21 01:14:25	Name: _lr_retry_request Value: true
simcast.com/	1970-01-21 01:57:33	Name: _lr_env_src_ats Value: false
simcast.com/	1969-12-31 23:59:59	Name: mess Value: 1
.simcast.com/	1970-01-21 10:50:21	Name: _ga_RFSL1NPH34 Value: GS1.1.1732461974.1.0.1732461974.0.0.0
.simcast.com/	1970-01-21 10:50:21	Name: _ga Value: GA1.2.1781665645.1732461974
.simcast.com/	1970-01-21 01:15:48	Name: _gid Value: GA1.2.1728307116.1732461974
.simcast.com/	1970-01-21 01:14:22	Name: _gat_gtag_UA_205158314_1 Value: 1
.quantserve.com/	1970-01-21 10:44:36	Name: mc Value: 67434596-88e7a-60ec0-9ae53
p2.gcprivacy.com/	1970-01-21 03:23:57	Name: gcid Value: 4617849a-e7eb-4aff-be32-0377f6436614
ipua.io/	1969-12-31 23:59:59	Name: JSESSIONID Value: b8v7HncuDNl4KEDchmPt7FEWdQDNvNZo
simcast.com/	1970-01-21 03:23:57	Name: gcid_first Value: 4617849a-e7eb-4aff-be32-0377f6436614
.adnxs.com/	1970-01-21 03:23:57	Name: XANDR_PANID Value: kPEHKmbm-2DOZ7I49fte50h3CflReDgBPNH2lNe68XyDbwZRe9ozqOeWN8hGdZnCd4FYnRfrj-WP7hWuHcsuF3mW7BwJ-56qfmPu6UTqA_8.
.adnxs.com/	1970-01-21 10:50:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:23:57	Name: uuid2 Value: 3683510204239054061
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.liadm.com/	1970-01-21 10:50:21	Name: lidid Value: 730ce0a8-d388-495a-b38f-716cec70931b
.algenid.com/	1970-01-21 09:59:57	Name: t1 Value: 7d97fd18c59841c6203f187204527c4af58b4e08de444e4f1d73a95fb418a42d2ef4a36d2ac08187ab360110be5c250f9a979a7572328b3a87aac0cc1c1723b0c408a19c7773ad29440895c0207178
.vour.io/	1970-01-21 09:59:57	Name: 624_jwt Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiIyZDFjMGU1Mi0wMTA2LTQ4YTQtYTQ4NC00ZjQ3Zjc2MWI0NDgiLCJpYXQiOjE3MzI0NjE5NzV9.eavOR1Q6oremQoEiTxo2GiCq_kbxNgEdKNAbNnDGBz5rGy4c7YtHh4dkx6nEufaFD6jBT9cRMyk19NjvljZTQ3oqx1VanAmGW927TB1u78gK4y1A8njyyqh8Sso8ie0xjkO5sRvh0xPls9MajCYYyEFDJ9pdEs8yHEzWvxUR8LSpW7Jldp3uxv4lYUHzqBu4KUH23T4JfgIzEo3Ce3kuRQjEYEZZwAwPtw8YIUjmN37pFw2gVcbftvWTYg4equqiXqSMxFXQDYDXwtqm_pikgF6dyGtytIcZGN7pkgbaRWlbLPPtwHHiX2c4Q-8glW-06ppV70Q1plT54AtMy8tSow

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	verbose	URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)
recommendation	verbose	URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://simcast.com/?d=tpaypal.com&pcid=48&rid=112&a=0 Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aegis.anonymised.io
algenid.com
api.rlcdn.com
cat3.hbwrapper.com
cdn.adapex.io
cdn.hadronid.net
cdn.jscaddy.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cloudflare.com
code.jquery.com
de.vour.io
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
idx.liadm.com
img-s-msn-com.akamaized.net
ipua.io
material.anonymised.io
mx3.tpaypal.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
parking3.parklogic.com
pixel.quantserve.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
simcast.com
static.anonymised.io
wrapperconsole.nyc3.cdn.digitaloceanspaces.com
ww99.tpaypal.com
www.google-analytics.com
www.googletagmanager.com
api.rlcdn.com
ep1.adtrafficquality.google
104.16.133.229
104.17.25.14
104.21.234.176
142.250.185.78
142.250.186.34
161.35.116.36
172.217.16.194
172.217.18.3
172.232.31.180
172.67.134.204
172.67.135.143
18.66.122.63
185.89.210.244
188.114.96.3
2001:4860:4802:34::36
216.58.206.66
2600:3c02:1::2d4f:f4d1
2600:9000:223c:ce00:6:44e3:f8c0:93a1
2600:9000:237d:f600:12:baaf:c600:93a1
2606:4700:10::6816:34ad
2606:4700:10::6816:545
2606:4700:4400::6812:2ae3
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a02:26f0:3500:10::210:a9d
2a04:4e42:400::485
2a04:4e42:600::649
3.94.51.169
34.107.217.107
34.117.250.57
45.79.244.12
52.215.35.31
54.160.172.25
69.16.230.228
79.127.216.47
0016932bbb3f975043c429925776722d1ea1648e02796901bb810d23d9bf2e68
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f29482e5140c56e72ec9c5489e9becc880e1e4499e96d84126ad8e9e5909bd4
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
11927b70eb6b0a4b4310a946b54310e285df6c1f5195bbb611f2e1f01beb770e
143214083fd66f15ab9165a50e3bfeaa129e01ad4a756c01e4c639e4b18c125f
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
2479d0a1af167421b3ae5b7e7ecb4eea1689c00df5950c6ed6da8a792668b2da
284b873ace093eb576b48704d24f01dc6c10b12ece3ae8ffdab6cdfe695dabdc
2ece6c759129924d603174b53bbdf9f5a3933e644e516964587e2350c677ce6b
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed
3b1c2810a6bc181572d52816b836fb77c30ba4319f6600d07d704eb373b4d8ba
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3df35d35bc9f3c4902ecc4404810e0bbdafbeb2b3379bfc6849a85b2f927e4ed
40ce839443663b7bfdeef77df8844d8fc20b29d22050d8b6296fd1ecb287b4d3
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
428dc8c3fc4073c01317639f42e1ef29d3635135c0bf7e1ee66c036abbde6cd5
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4ae7b04820dfa9e8ae0f4f82e1488e9f31a06e9830c002f55d7d178e79b3d0dc
4bc895ce31272ac601c1fed2533915a479cff00320007e09de47a3c9de92ecb2
55525ea69603b140e951f2674976ea51142cd1946dcd3c3f1e080250f797a295
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b293cfee8b30afb93d305cfb9ccc8ee91918a1bd3d32d03cd0ad9571b18c87
57cc9b842957122089ecf222243791d6faf6dd1202a30e4a15244f54e96cfafd
5a3c716b66af4d4456e82e68d46c8872669173a74420b19ceef06dadbb7e9086
5bc2752dec59105f95d2f76190c4c57635bb8fb59165b3f1d655f34263f2ec31
61a0415435fcf0d4631f61f6e34bd36c5549d878e4a590f5710d15e92b6302d5
64fff61e8913bd861cd4b7ac24de12d6dc1a863588f06c0d6a85bbe06f91456a
675bccf4569f9262943c70fe1d5e6d29c6d260f4c9889e842a2efee6b845f1df
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f37e69e697028230c06d74a08a21b9a2e9dd39f3500137b958ab47b1276671a
749e84e963dd227436f1fc696f20077ddc6e0eb807d6a7aa20fd7d75b0c7ddbc
7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba
8261cc5cb0a8936426baf6a34ca198d773cf6f5a1dfe8bec8756cc2879bfe18a
87c35eb60ed193de184db42ac1e02d83fa458f2a551070673dca685c60307536
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
87fc33f3408ed33102434ebdbb582fedf5a9344df0200ff525ac749b280d9438
88575ff303df65d5686db04492e628e2d7cd1988fc0496bf19d0d4dc7b875ffa
8a289a9e7fc2dac35019fb3e01c5a54ed0eb2d5ea43161e3fab0305431440576
8ee428745c486f2950588ab883e4b665b995ecfc5ddf870ecc17e06042d4f352
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9024866824dfa86ceb277934accb6e09cf2ee8dfb3c83af27443459d1794a50b
969c6eddf135ee2ec6cce620f0e53512374faf9ea848cf2829693da5e8e19b2b
9b15df1e782ff406f68da34a865f5e01adebe41ba87ab265ba159faec6a0d3ba
9cd711bc6467adfd84700127f93c290153fac067d82f8e6ba1d2746b5c1d1065
9ee4de3cfdaff482382d8925776e749f6bc9a5e44e3c7e8526aeeef101fd86a2
9f7d9ffcabf4cc97ef06e9d47115084765d9747fe1afff04e9fd77eaf4ece89d
a152910ba3aff9671dbf925d17fdf511c3b45c3a772b41df66306fed31522cc9
a181bf0df8378ec2ec627ffc24ccb055129fd5986f3764cd03804820c4cff679
a1955afc0f90893f108dcb967e6fd341d90977a738739ffd53c451f7598f68f8
a23d7e6d00020944c75f7bfdc455bd7f5ee847f2269292297f432311a5e1bc37
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a30ace517bd81f23557305075a2f161abeb03e9447d5a6bc68dbaf7f4c58ffbd
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bd09711da5ac9ffcea07268136b0ef23f929e2b268d178961d23d739906ad0d1
c19397608305167cd3b70dc22f62c99eb6426fa9f7bf10b86f01085847982f8b
c23d575a52811839e293f5f6c1558b408ae9482f8524d3b65060868fd4055ca3
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4347a6258201412f9eb588a07c3578b3dc52a0f4e950aa21a358032bfc5bb07
e45a20c9e0ea46e3290fea6be70ddac35d4cd4f207e68dbe1010c6ab2b9a01c0
e463ca644748bbfba312e45702eac40fea6551c6ab4e5a73ff59bd7181d09fbe
ea594a4b68b85d178312b7334a7fac124e21b1905d6e9792be0eb5a4693640f1
ea72fcb3c311f0ec3f612d617520b4ecd371071c5cb272e127cbf5280b7b57af
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb2bd4808264f978639b4d45fcfc11c203686fda2e55098192568315c6eec3a8
eca3c746bf0054c0d4de77f40dbbd84746a258bc5d1fbf614a705af8c4de5f18
f3473c71aef970949d40ce36bf09784061224a58db9481aef59c3e2658fbeba3
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f595e3eefe504b3559ef42ba374eed5ac8ad1f6ee909f9d855ff14d163f7f5ec
fdfb87bb5a0d976bd9df5f9bb4a1af49d04643ebd331dca4ec732fd1170d303d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

97 %HTTPS

41 %IPv6

33 Domains

42 Subdomains

38 IPs

5 Countries

1635 kBTransfer

5266 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

97 %
HTTPS

41 %
IPv6

33
Domains

42
Subdomains

38
IPs

5
Countries

1635 kB
Transfer

5266 kB
Size

20
Cookies

106 HTTP transactions
0 data transactions