simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://forensicaccount.com/
Effective URL:
https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Submission: On November 29 via automatic, source certstream-suspicious (November 29th 2024, 12:03:30 am UTC) — Scanned from CA

Summary HTTP 145 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 47 IPs in 3 countries across 46 domains to perform 145 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 26th 2024. Valid for: a year.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
11	45.79.244.12 45.79.244.12	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3038::6815:eab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2600:3c02::f0... 2600:3c02::f03c:95ff:fe6e:3972	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2600:141b:1c0... 2600:141b:1c00:6::17df:d12b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	134.122.30.244 134.122.30.244	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:911d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.252.92 13.33.252.92	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
4	34.107.217.107 34.107.217.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
2	44.210.209.12 44.210.209.12	14618 (AMAZON-AES) (AMAZON-AES)
10	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:4a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.117.250.57 34.117.250.57	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2511:7000:a:e047:754:f4a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:28b... 2600:9000:28b2:8c00:1e:e2c6:2e54:f4c1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f1:1800:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.128.124 108.138.128.124	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	121.127.42.98 121.127.42.98	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1 1	138.199.41.120 138.199.41.120	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1 18	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.173.157.167 35.173.157.167	14618 (AMAZON-AES) (AMAZON-AES)
4 4	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	35.162.65.214 35.162.65.214	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200d	27630 (AS-XFERNET) (AS-XFERNET)
1	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
145	47

2 72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

forensicaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.79.244.12 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-244-12.ip.linodeusercontent.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eab1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:3c02::f03c:95ff:fe6e:3972 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

parking3.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:141b:1c00:6::17df:d12b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.30.244 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture1.analytics.hbwrapper

cat1.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)

wrapperconsole.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.252.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-92.jfk50.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com

static.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aegis.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.209.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-209-12.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.250.57 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 57.250.117.34.bc.googleusercontent.com

material.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:7000:a:e047:754:f4a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:28b2:8c00:1e:e2c6:2e54:f4c1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.euid.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:1800:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.127.42.98 (Ashburn, United States) 1 redirects

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-121-127-42-98.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.41.120 (New York, United States) 1 redirects

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-138-199-41-120.datapacket.com

c3.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:545 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.173.157.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-157-167.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.75 (Colonia, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.65.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-65-214.us-west-2.compute.amazonaws.com

ids4.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200d (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	akamaized.net img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 177	417 KB
23	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619 p.ad.gt — Cisco Umbrella Rank: 1714 ids.ad.gt — Cisco Umbrella Rank: 1557 ids4.ad.gt — Cisco Umbrella Rank: 2415 pixels.ad.gt — Cisco Umbrella Rank: 1708 seg.ad.gt — Cisco Umbrella Rank: 1984 proton.ad.gt — Cisco Umbrella Rank: 4167	26 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	73 KB
11	simcast.com simcast.com	134 KB
8	anonymised.io static.anonymised.io — Cisco Umbrella Rank: 13869 material.anonymised.io — Cisco Umbrella Rank: 13604 aegis.anonymised.io — Cisco Umbrella Rank: 13944	38 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	186 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	211 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 281 secure.adnxs.com — Cisco Umbrella Rank: 495	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	371 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 cloudflare.com — Cisco Umbrella Rank: 80	7 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 id.crwdcntrl.net — Cisco Umbrella Rank: 2708 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
3	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 18519 p2.gcprivacy.com — Cisco Umbrella Rank: 18150	20 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 886	729 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 761	765 B
2	a-mx.com 1 redirects id.a-mx.com — Cisco Umbrella Rank: 1660	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059	10 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	2 KB
2	parklogic.com parking3.parklogic.com — Cisco Umbrella Rank: 129805	2 KB
2	forensicaccount.com forensicaccount.com	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	283 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	665 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	443 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 500	1 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	550 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	12 KB
1	a-mo.net 1 redirects c3.a-mo.net — Cisco Umbrella Rank: 19499	945 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	1 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com Failed	29 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 6469	9 KB
1	euid.eu cdn.prod.euid.eu — Cisco Umbrella Rank: 19768	4 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	636 B
1	digitaloceanspaces.com wrapperconsole.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 23266
1	hbwrapper.com cat1.hbwrapper.com — Cisco Umbrella Rank: 15478	256 B
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 23360	160 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
0	rlcdn.com Failed api.rlcdn.com Failed
145	46

	Domain	Requested by
28	img-s-msn-com.akamaized.net	simcast.com
11	simcast.com	forensicaccount.com simcast.com code.jquery.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	ids.ad.gt	1 redirects simcast.com
6	pagead2.googlesyndication.com	simcast.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	material.anonymised.io	static.anonymised.io
4	www.googletagmanager.com	simcast.com cdn.adapex.io www.googletagmanager.com p.ad.gt
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	p.ad.gt	a.ad.gt p.ad.gt
3	a.ad.gt	p.gcprivacy.com cdn.hadronid.net p.ad.gt
3	id.hadron.ad.gt	p.gcprivacy.com cdn.hadronid.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	simcast.com static.anonymised.io
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	seg.ad.gt	p.ad.gt
2	cm.g.doubleclick.net	simcast.com
2	image2.pubmatic.com	2 redirects
2	u.openx.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ib.adnxs.com	2 redirects
2	id.a-mx.com	1 redirects simcast.com
2	aegis.anonymised.io	static.anonymised.io
2	p2.gcprivacy.com	p.gcprivacy.com simcast.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	static.anonymised.io	www.googletagmanager.com static.anonymised.io
2	cdn.jsdelivr.net	cdn.adapex.io securepubads.g.doubleclick.net
2	parking3.parklogic.com	simcast.com parking3.parklogic.com
2	forensicaccount.com	forensicaccount.com
1	www.google.com	ep2.adtrafficquality.google
1	proton.ad.gt	p.ad.gt
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	pixels.ad.gt	p.ad.gt
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	sync.go.sonobi.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	simcast.com
1	ids4.ad.gt	simcast.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	gum.criteo.com	static.criteo.net
1	pixel.quantserve.com	simcast.com
1	id.crwdcntrl.net	p.gcprivacy.com
1	cdn.hadronid.net	p.gcprivacy.com
1	c3.a-mo.net	1 redirects
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn.prod.euid.eu	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	client
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	p.gcprivacy.com	cdn.adapex.io
1	wrapperconsole.nyc3.cdn.digitaloceanspaces.com	cdn.adapex.io
1	cloudflare.com	cdn.adapex.io
1	cat1.hbwrapper.com	cdn.adapex.io
1	cdn.adapex.io	simcast.com
1	code.jquery.com	simcast.com
0	id5-sync.com Failed	cdn.id5-sync.com
0	api.rlcdn.com Failed	cdn.adapex.io
145	66

This site contains links to these domains. Also see Links.

Domain
www.afternic.com

Subject Issuer	Validity	Valid
forensicaccount.com R11	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2024-08-26` - `2025-08-29`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
adapex.io WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-20` - `2025-02-19`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cat.hbwrapper.com R11	`2024-10-07` - `2025-01-05`	3 months	crt.sh
cloudflare.com WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-20` - `2025-05-07`	a year	crt.sh
*.gcprivacy.com Amazon RSA 2048 M02	`2024-10-03` - `2025-11-01`	a year	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
anonymised.io WR3	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
cdn.prod.euid.eu Amazon RSA 2048 M02	`2024-11-20` - `2025-12-20`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-10-29` - `2025-04-24`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
id5-sync.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
hadronid.net WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
esp.rtbhouse.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
p.ad.gt WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
ids.ad.gt WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
pixels.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
seg.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
proton.ad.gt WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Frame ID: 12E08F2A85115266578400BCE52253B1
Requests: 131 HTTP requests in this frame

Frame: https://wrapperconsole.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html
Frame ID: E4E99331CB40A971A8EE85D7F3D63734
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 54717A05D6779FFFC3BBC6F319903F4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&abgtt=1&lmt=1732838602&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732838602006&bpp=5&bdt=903&idt=355&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=613098847893&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95335246%2C95345967&oid=2&pvsid=4085003714973237&tmod=1687385967&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fforensicaccount.com%2F&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=394
Frame ID: 9D929937A80771B9CD801E3302FF02D0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E5C2A07DFADA5152194E254E4D31C038
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com&gdpr=0&gdpr_consent=
Frame ID: 6A3D2E9982F2D2C4F207E6EE8B00EFAF
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 7D18B455E374D3C84952725E0061F89E
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D54C1D72C014BEAA95A96009DE85890E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC7EF0DFEEFA7AA99F81783164B025CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

https://forensicaccount.com/ Page URL
https://forensicaccount.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf32qjhrA7jZ9FJvgZZ3PNyG1n9tBNW8Y8GrLa8... Page URL
https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

145
Requests

90 %
HTTPS

56 %
IPv6

46
Domains

66
Subdomains

47
IPs

3
Countries

1834 kB
Transfer

4465 kB
Size

54
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.afternic.com/forsale/forensicaccount.com?utm_source=TDFS&utm_medium=sn_affiliate_click&traffic_type=TDFS&traffic_id=SN_AFFILIATE
Title: The domain forensicaccount.com is for sale.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://forensicaccount.com/ Page URL
https://forensicaccount.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf32qjhrA7jZ9FJvgZZ3PNyG1n9tBNW8Y8GrLa8MWCwdEvq0IGBUueFTwaB%2Flb7JgvnOBYPrRQitCMLhqQyuAb8hXM20vUxZmFxZq9iBnRK82qA3mHHUJPFm3JrMnuu6TggBM4rx9tCz%2BPJqqC74gDZK2Pr99wQEOTmz7pYS9ZSNlyKu7QAGDNMBuYK3wqAmz0wHbmdaGLhCs8wesMGcH8WseIpRTX4jdXJBaxn14rBEOa63FgimVU%2F%2F0dD76XcO3uc9WTinODNT1LHN9CHjlwS%2FNEwGqrSwfpkWLZ%2Bo4yXPSiU6mn6G1I7ASMDCfx9cPDYrw7IyG1L%2BRifQ5e95qoKavow%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://id.a-mx.com/sync/ HTTP 302
https://c3.a-mo.net/b?uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&sh=id.a-mx.com& HTTP 302
https://id.a-mx.com/set?oid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&

Request Chain 93

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3D51ec1e9f-da9f-424b-9e91-7799b2ad3f0c HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253D51ec1e9f-da9f-424b-9e91-7799b2ad3f0c HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=4395001207402931055&gcid=51ec1e9f-da9f-424b-9e91-7799b2ad3f0c

Request Chain 106

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=4395001207402931055&gdpr=0

Request Chain 107

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26auid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26auid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=1da8a4c3-588c-4992-87d6-2da238cb7a48&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&auid=AU1D-0100-001732838604-RVU1N8NZ-OG4T

Request Chain 108

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=44000BDC-DB08-46E4-BA8C-D43C5DE2A682&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

Request Chain 110

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001732838604-RVU1N8NZ-OG4T&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001732838604-RVU1N8NZ-OG4T&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=619f44f3-b53d-458a-8e72-f443243af5a4&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

Request Chain 111

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=51b5747a-ddf1-4893-a491-7d8ded6e53d2%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001732838604-RVU1N8NZ-OG4T%252526tapad_id%25253D51b5747a-ddf1-4893-a491-7d8ded6e53d2%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=619f44f3-b53d-458a-8e72-f443243af5a4&ttd_puid=51b5747a-ddf1-4893-a491-7d8ded6e53d2%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001732838604-RVU1N8NZ-OG4T%2526tapad_id%253D51b5747a-ddf1-4893-a491-7d8ded6e53d2%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&tapad_id=51b5747a-ddf1-4893-a491-7d8ded6e53d2

Request Chain 113

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=2347860620208296863&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

Request Chain 114

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=6e0781c1-2951-4d44-9769-076be29b002f&gdpr=0

Request Chain 115

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMjgzODYwNC1SVlUxTjhOWi1PRzRU

145 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
forensicaccount.com/ 2 KB
799 B 24291ms
171ms Document
text/html 72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://forensicaccount.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: openresty / PHP/5.4.16
Resource Hash: e67a87f3ff82836ca2907e0cf35c3c8e48fb548e04778f3dd2f457dd6607bda9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 29 Nov 2024 00:03:18 GMT
pragma: no-cache
server: openresty
x-powered-by: PHP/5.4.16

GET
H2 200 bouncy.php Show response
forensicaccount.com/page/ 712 B
459 B 1622ms
1621ms Document
text/html 72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://forensicaccount.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf32qjhrA7jZ9FJvgZZ3PNyG1n9tBNW8Y8GrLa8MWCwdEvq0IGBUueFTwaB%2Flb7JgvnOBYPrRQitCMLhqQyuAb8hXM20vUxZmFxZq9iBnRK82qA3mHHUJPFm3JrMnuu6TggBM4rx9tCz%2BPJqqC74gDZK2Pr99wQEOTmz7pYS9ZSNlyKu7QAGDNMBuYK3wqAmz0wHbmdaGLhCs8wesMGcH8WseIpRTX4jdXJBaxn14rBEOa63FgimVU%2F%2F0dD76XcO3uc9WTinODNT1LHN9CHjlwS%2FNEwGqrSwfpkWLZ%2Bo4yXPSiU6mn6G1I7ASMDCfx9cPDYrw7IyG1L%2BRifQ5e95qoKavow%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: forensicaccount.com
URL: https://forensicaccount.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: openresty / PHP/5.4.16
Resource Hash: 34b10757e7e6741cf29cc20df0bb4192d5f318523a9216dc3c9697c0b2f80a5f

Request headers

Referer: https://forensicaccount.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 29 Nov 2024 00:03:18 GMT
pragma: no-cache
server: openresty
x-powered-by: PHP/5.4.16

GET
H/1.1 200
OK Primary Request / Show response
simcast.com/ 37 KB
7 KB 1119ms
842ms Document
text/html 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Requested by: Host: forensicaccount.com
URL: https://forensicaccount.com/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf32qjhrA7jZ9FJvgZZ3PNyG1n9tBNW8Y8GrLa8MWCwdEvq0IGBUueFTwaB%2Flb7JgvnOBYPrRQitCMLhqQyuAb8hXM20vUxZmFxZq9iBnRK82qA3mHHUJPFm3JrMnuu6TggBM4rx9tCz%2BPJqqC74gDZK2Pr99wQEOTmz7pYS9ZSNlyKu7QAGDNMBuYK3wqAmz0wHbmdaGLhCs8wesMGcH8WseIpRTX4jdXJBaxn14rBEOa63FgimVU%2F%2F0dD76XcO3uc9WTinODNT1LHN9CHjlwS%2FNEwGqrSwfpkWLZ%2Bo4yXPSiU6mn6G1I7ASMDCfx9cPDYrw7IyG1L%2BRifQ5e95qoKavow%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 55adc2486f4cda0fbbab5c30b939989939f0f240a9435d5b6568c83fdf645d4a

Request headers

Referer: https://forensicaccount.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-encoding: gzip
content-length: 6977
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 00:03:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.38 (Debian)
upgrade: h2
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 232ms
22ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://simcast.com
Referer: https://simcast.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15851"
age: 2310009
x-cache: HIT, HIT
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 183944, 16570
x-served-by: cache-lga21965-LGA, cache-yyz4529-YYZ
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732838601.331012,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30638
server: nginx

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 20 KB
4 KB 285ms
91ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "5101-5d2abe6bdeb00-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 4273
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Thu, 09 Dec 2021 00:43:56 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 290ms
96ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "daa3-5d2a935d4d580-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 12209
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Wed, 08 Dec 2021 21:31:18 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H/1.1 200
OK lib.js Show response
simcast.com/templates/simcast/js/ 856 B
787 B 289ms
94ms Script
application/javascript 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/js/lib.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "358-5d39fa3726fc0-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 459
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Tue, 21 Dec 2021 03:31:19 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: application/javascript

GET
H3 200 aaw.simcast.js Show response
cdn.adapex.io/hb/ 503 KB
160 KB 271ms
68ms Script
application/javascript 2606:4700:3038::6815:eab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.simcast.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3353dd8a2af68a46996a078bdbeaf23d6ac9dbc1abff22af889f5a04625a232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67456456-7dd9b"
age: 64805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4JIleRlxI62C16ELn57e0awWZi3Q%2FL9iMtjeWhTyE1m2Pg3wG1PjOolom7I11olPnn8on0lqrHZDl7WK6uJeNgFCP0K3VEvEXB8q7Ocy5TCuAC8TN0HzPHT%2FiWLh%2FQ0uqLfPFpt88%2BhqKZg"}],"group":"cf-nel","max_age":604800}
expires: Fri, 29 Nov 2024 06:03:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45491&min_rtt=43823&rtt_var=17625&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4205&recv_bytes=4221&delivery_rate=66658&cwnd=12000&unsent_bytes=0&cid=61c834a20b4adb7f&ts=126&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 06:01:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9e558c49690fa7-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 278ms
80ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a72bb028bce20c10ceec49f52ef0c29d1e876f2825eefe14cfe9e748d45e10ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 14703369792628518273
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:03:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53305
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 291ms
87ms Image
image/png 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
etag: "527-5d2abf11cf280"
connection: Upgrade
accept-ranges: bytes
content-length: 1319
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Thu, 09 Dec 2021 00:46:50 GMT
content-type: image/png
server: Apache/2.4.38 (Debian)

GET
H2 200 enhance.js Show response
parking3.parklogic.com/page/ 2 KB
2 KB 449ms
92ms Script
text/javascript 2600:3c02::f03c:95ff:fe6e:3972
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=forensicaccount.com
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c02::f03c:95ff:fe6e:3972 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: /
Resource Hash: 88905a4b891cc5c27cd26da4a13ea1df6c038bb56968e8d3059a31caa5ca9f42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *

GET
H3 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 232ms
57ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-1359"
age: 102860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWKP86MHxj6n3orusNtcYZmPQAwM47cK4q54%2FRQhBRm9Q6UNlSTRIIDV2ayx%2Ba5OrSxMgBQxhx2pY8kbAo2u8KJXtKv7i6v1m6PT8FSSH8DiQqlKPBpAki6crZ7aknxVXXDwAOydtGj38SeaRbCdaLOg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:03:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e9e558c0ce62369-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1399
server: cloudflare

GET
H3 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 233ms
57ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-c81"
age: 236708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkRWXSqdC9OVed%2F8F0fceaj5a1XBm%2FiAr6MdZHlcQOv7JtvoViYukuAhQvENmNzM1%2FfuaPfYnYnFSe20UuLyUbMXThGpOwdFzRNsHlSyKQwUfaXRAlhONYnyjqsCCVIlIFe%2F1wMwVFmVdfM0NiaaVYTn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:03:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e9e558c0ce72369-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1541
server: cloudflare

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 992 B
666 B 311ms
98ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "3e0-5d2ab305a0600-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 352
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Wed, 08 Dec 2021 23:52:56 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H/1.1 200
OK 6.jpg
simcast.com/images/clipart/news/ 31 KB
31 KB 337ms
114ms Image
image/jpeg 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/images/clipart/news/6.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7ced8e609d152bc8c67a45817b81a140b5f76a71d416f09a6e1b6b6058b02de1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
etag: "7bde-5d2ab73a53240"
connection: Upgrade
accept-ranges: bytes
content-length: 31710
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Thu, 09 Dec 2021 00:11:45 GMT
content-type: image/jpeg
server: Apache/2.4.38 (Debian)

GET
H2 200 AAXV829.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 375 B
674 B 263ms
58ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXV829.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

a0668ba34f92cdd39f78d152645fcacd9cdca8bc1759a7d123124b655bdd4816

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 9297ccfd-d32e-43b9-9b4e-f79c9c5a3c9a
cache-control: public, max-age=355720
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AAXV829
expires: Tue, 03 Dec 2024 02:52:01 GMT
access-control-allow-origin: *
x-source-length: 375
content-length: 375
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Tue, 19 Nov 2024 01:23:51 GMT
x-frame-options: DENY

GET
H2 200 AA1uW22p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 283ms
78ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uW22p.img?h=100&w=100&x=1250&y=833.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

efe13864cb5889b5385f4f12228db6b2324a031a9040bb68b5322f43f27254b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 9494bb4a-d790-49d4-9c63-83d44ae4533b
cache-control: public, max-age=411087
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uW22p?h=100&w=100&x=1250&y=833.5&m=5
expires: Tue, 03 Dec 2024 18:14:48 GMT
access-control-allow-origin: *
x-source-length: 546057
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 18:14:04 GMT
x-frame-options: DENY

GET
H2 200 AA12I8qo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 263ms
59ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12I8qo.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

379bc8d28440a12ea8a540917610c7b6a2b865cda7275285ff922d69cf46b5e7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 4dc77e91-124b-412d-8bb0-5d2a716bfb85
cache-control: public, max-age=68077
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12I8qo
expires: Fri, 29 Nov 2024 18:57:58 GMT
access-control-allow-origin: *
x-source-length: 1287
content-length: 1287
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Wed, 20 Nov 2024 06:56:08 GMT
x-frame-options: deny

GET
H2 200 BB1lNlyN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 111ms
99ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1lNlyN.img?h=100&w=100&x=779&y=199&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

63f3c08109a08ba5ecc1f9654a269dd9927d0bfc660603c652f688f692b6d0b6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: e7d88989-96bc-4524-a0c4-536bbe539991
cache-control: public, max-age=412150
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1lNlyN?h=100&w=100&x=779&y=199&m=5
expires: Tue, 03 Dec 2024 18:32:31 GMT
access-control-allow-origin: *
x-source-length: 105712
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 18:32:49 GMT
x-frame-options: deny

GET
H2 200 AA1lLvot.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 71ms
66ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1lLvot.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fccb19f39dd8a2ab0b87b212a020b5b61ccc954505dc8df3799d9779382f0e4f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 8c2a9e7f-76d2-4ee9-a64c-652d9fbc007a
cache-control: public, max-age=58326
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1lLvot
expires: Fri, 29 Nov 2024 16:15:27 GMT
access-control-allow-origin: *
x-source-length: 3532
content-length: 3532
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Wed, 20 Nov 2024 04:14:57 GMT
x-frame-options: deny

GET
H2 200 AA1uV18U.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 78ms
73ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uV18U.img?h=100&w=100&x=1983&y=1487.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

50eef1f2ccddec17130928e62d1cfbde96bdc7bbadfec5d0e738de9cecef3f26

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: aa97bd74-d84f-4972-a02a-c0ed921f5eac
cache-control: public, max-age=390136
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uV18U?h=100&w=100&x=1983&y=1487.5&m=5
expires: Tue, 03 Dec 2024 12:25:37 GMT
access-control-allow-origin: *
x-source-length: 999456
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 12:24:54 GMT
x-frame-options: deny

GET
H2 200 AA1ngK0C.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 958 B
1 KB 70ms
65ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1ngK0C.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

f5b7233dc5f1ae8894d955d0383a69bb4f5109bf44ec00c1f1756b79a687f821

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 50a6e14e-7eaf-4512-b941-7cedd870f7a1
cache-control: public, max-age=417122
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1ngK0C
expires: Tue, 03 Dec 2024 19:55:23 GMT
access-control-allow-origin: *
x-source-length: 958
content-length: 958
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Tue, 19 Nov 2024 19:55:20 GMT
x-frame-options: DENY

GET
H2 200 AA1uTauD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 85ms
80ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uTauD.img?h=100&w=100&x=1910&y=736&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fc576f116b0784357fe41e1bd3a1d030914694005b2f8fa3e8ccb26ec6459821

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 4747e1f9-ea10-493e-abe1-700c0446710e
cache-control: public, max-age=356194
timing-allow-origin: *
x-datacenter: eastap
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uTauD?h=100&w=100&x=1910&y=736&m=5
expires: Tue, 03 Dec 2024 02:59:55 GMT
access-control-allow-origin: *
x-source-length: 1052904
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 03:00:21 GMT
x-frame-options: DENY

GET
H2 200 AAg0OiN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 74ms
69ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAg0OiN.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

51ad6f27771508eacc67edc60db023c35efb5d62c222b8f73585595b47bc30c0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 39496335-3c43-4432-9d8f-3bd01062b691
cache-control: public, max-age=140933
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AAg0OiN
expires: Sat, 30 Nov 2024 15:12:14 GMT
access-control-allow-origin: *
x-source-length: 18952
content-length: 18952
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Thu, 21 Nov 2024 03:12:35 GMT
x-frame-options: DENY

GET
H2 200 AA1uVBIG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 256 KB
256 KB 88ms
83ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVBIG.img?h=500&w=1000&x=600&y=400&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

26369b16768b9336eb33617396a36b1387c5c914041e4f1f73087311b526b1c7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 9dbd1b22-1136-45be-8944-0699c3faab8d
cache-control: public, max-age=402967
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVBIG?h=500&w=1000&x=600&y=400&m=2
expires: Tue, 03 Dec 2024 15:59:28 GMT
access-control-allow-origin: *
x-source-length: 314715
content-length: 262144
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 15:59:25 GMT
x-frame-options: DENY

GET
H2 200 AA1uWkrz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 115ms
110ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uWkrz.img?h=70&w=95&x=960&y=640&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

248e996c0a6c6eea0be0a79a73d2ee5c3ded0e83233d9a05602f1e5fa62a37d6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: c4e2391d-c4d9-41ee-845b-de08799b3acf
cache-control: public, max-age=426776
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uWkrz?h=70&w=95&x=960&y=640&m=5
expires: Tue, 03 Dec 2024 22:36:17 GMT
access-control-allow-origin: *
x-source-length: 327533
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 22:36:36 GMT
x-frame-options: DENY

GET
H2 200 BB1d0ujS.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
1 KB 73ms
68ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1d0ujS.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

f5b1b30384c129ed683ec4b26bdc18d8ea02b58155b816cc1b646abacff06e53

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 08da6521-370f-4fdc-ba4d-3cf6899c0b8c
cache-control: public, max-age=133612
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1d0ujS
expires: Sat, 30 Nov 2024 13:10:13 GMT
access-control-allow-origin: *
x-source-length: 1113
content-length: 1113
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
last-modified: Fri, 11 Oct 2024 13:09:53 GMT
content-type: image/png
x-frame-options: DENY

GET
H2 200 AA1uVHcm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 73ms
69ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVHcm.img?h=70&w=95&x=1905&y=779&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

244896012bb5cba65b750a4e337272944e4b6ecebe303f83fd2cba2e3aa9a3ad

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: a86d135b-8d18-4b10-a7e0-e73d294659b1
cache-control: public, max-age=405545
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVHcm?h=70&w=95&x=1905&y=779&m=5
expires: Tue, 03 Dec 2024 16:42:26 GMT
access-control-allow-origin: *
x-source-length: 858731
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 16:42:28 GMT
x-frame-options: deny

GET
H2 200 AAVs9cU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
1 KB 74ms
70ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVs9cU.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

278af8db05b358d4a77c18906379f458402d3e0b4a905a51a5c8a05ca5a7fa6f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 2d07cd01-35ca-4c0e-9eca-51dd907dbda4
cache-control: public, max-age=85591
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVs9cU
expires: Fri, 29 Nov 2024 23:49:52 GMT
access-control-allow-origin: *
x-source-length: 1214
content-length: 1214
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Wed, 20 Nov 2024 11:46:19 GMT
x-frame-options: deny

GET
H2 200 AA1uVkuc.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 105ms
101ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVkuc.img?h=70&w=95&x=400&y=225&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

3978ddbca201f9edd8f1755e07f37fcb8feb80c8b51254170057c1057fe7216e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 60bf45b4-6278-4f30-b13a-f89dd6911cf1
cache-control: public, max-age=410032
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVkuc?h=70&w=95&x=400&y=225&m=5
expires: Tue, 03 Dec 2024 17:57:13 GMT
access-control-allow-origin: *
x-source-length: 51843
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 17:56:55 GMT
x-frame-options: deny

GET
H2 200 BB1r3UvN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 75ms
70ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1r3UvN.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

a1c000eff427d0d05d9a75c60a7c3c0d16e49fa71ff15909db86f6f7a2f5deac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 520951d6-fdd2-4bcf-b3c9-fd045fa34479
cache-control: public, max-age=402949
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1r3UvN
expires: Tue, 03 Dec 2024 15:59:10 GMT
access-control-allow-origin: *
x-source-length: 3977
content-length: 3977
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Fri, 15 Nov 2024 03:56:18 GMT
x-frame-options: deny

GET
H2 200 AA1uW22p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 106ms
102ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uW22p.img?h=70&w=95&x=1250&y=833.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

2a38dc544b8ecf33de2386040a0dffbb4e248e95de33510f349b99934de19f1a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: b8c99df5-fc6a-4d19-80f6-7b462b725687
cache-control: public, max-age=410864
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uW22p?h=70&w=95&x=1250&y=833.5&m=5
expires: Tue, 03 Dec 2024 18:11:05 GMT
access-control-allow-origin: *
x-source-length: 546057
content-length: 2048
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 18:10:37 GMT
x-frame-options: deny

GET
H2 200 AA1uVSE7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 75ms
71ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVSE7.img?h=70&w=95&x=654.5&y=238.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

22f085cd210dbeafae6932128549fa6b7eda8ffa39be39bc1d90ca11d6bff070

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: c22f6ab4-5df5-497e-ba66-7177bc30b3c9
cache-control: public, max-age=410886
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVSE7?h=70&w=95&x=654.5&y=238.5&m=5
expires: Tue, 03 Dec 2024 18:11:27 GMT
access-control-allow-origin: *
x-source-length: 140523
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 18:11:02 GMT
x-frame-options: DENY

GET
H2 200 AAMzyrj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 9 KB
9 KB 75ms
71ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMzyrj.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

7aaa4c4484a5c5592b4976fb99a22555ff503bc18245de0a2e1aa7ee596bf421

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 235a4193-e27c-42a7-82c4-012396e545c3
cache-control: public, max-age=56630
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AAMzyrj
expires: Fri, 29 Nov 2024 15:47:11 GMT
access-control-allow-origin: *
x-source-length: 8734
content-length: 8734
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
last-modified: Sun, 24 Nov 2024 15:49:03 GMT
content-type: image/png
x-frame-options: DENY

GET
H2 200 AA1uV18U.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 84ms
80ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uV18U.img?h=70&w=95&x=1983&y=1487.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa3d2831c124436c9806ca74076c0533f91021dc7a4627758d3132cc1b465709

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 7773a144-b5ff-4b2d-bfa7-d843f0fb3e84
cache-control: public, max-age=389669
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uV18U?h=70&w=95&x=1983&y=1487.5&m=5
expires: Tue, 03 Dec 2024 12:17:50 GMT
access-control-allow-origin: *
x-source-length: 999456
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 12:17:23 GMT
x-frame-options: DENY

GET
H2 200 BB1iAsQr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 107ms
103ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1iAsQr.img?h=70&w=95&x=753.5&y=272.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

bf5cc5cc3115d23d12a142596acaecccfb34a2e25e3d5f430e2263e7c989f119

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: e86244a5-7109-433d-b0b5-6a99dea30a46
cache-control: public, max-age=431236
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/BB1iAsQr?h=70&w=95&x=753.5&y=272.5&m=5
expires: Tue, 03 Dec 2024 23:50:37 GMT
access-control-allow-origin: *
x-source-length: 77181
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 23:51:36 GMT
x-frame-options: DENY

GET
H2 200 AA17hY4o.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
1 KB 80ms
77ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA17hY4o.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

544ebf6a2b3bdd2b92e20d4be00b8037382af79795b8abb4b5631aa83a6f2458

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: e8a6b2aa-a9a1-4c37-839a-787d5ac66cca
cache-control: public, max-age=69964
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/AA17hY4o
expires: Fri, 29 Nov 2024 19:29:25 GMT
access-control-allow-origin: *
x-source-length: 1121
content-length: 1121
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Wed, 20 Nov 2024 07:27:18 GMT
x-frame-options: deny

GET
H2 200 AA1uVnTI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 82ms
79ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVnTI.img?h=70&w=95&x=1244&y=888&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

be7750523283e3fb606e467f6a099f5f096bd23898bed4f6c0849ce7adf74860

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 15c204a8-6a18-4a05-9fd4-0e6c36dafccc
cache-control: public, max-age=402794
timing-allow-origin: *
x-datacenter: eastus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVnTI?h=70&w=95&x=1244&y=888&m=5
expires: Tue, 03 Dec 2024 15:56:35 GMT
access-control-allow-origin: *
x-source-length: 779617
content-length: 4096
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 15:57:02 GMT
x-frame-options: deny

GET
H2 200 AA1uVEv5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 81ms
77ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVEv5.img?h=70&w=95&x=600&y=399.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

cf4702181191db8f7eb09a472baf896fad71afd967c0a24be01a509071f2be3d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: bf4305f8-68a9-4ead-bac6-919df158db79
cache-control: public, max-age=401601
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVEv5?h=70&w=95&x=600&y=399.5&m=5
expires: Tue, 03 Dec 2024 15:36:42 GMT
access-control-allow-origin: *
x-source-length: 330824
content-length: 2048
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 15:36:52 GMT
x-frame-options: DENY

GET
H2 200 AA1uVHjQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 32 KB
32 KB 112ms
109ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uVHjQ.img?h=300&w=400&x=430&y=286&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

6cde7f02b8f58a13d8b0e8c2563536f16047f6e3cb8810c58d08e541e13028f6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 885dad0a-24bf-42c5-9e1e-47c309b715db
cache-control: public, max-age=404416
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uVHjQ?h=300&w=400&x=430&y=286&m=2
expires: Tue, 03 Dec 2024 16:23:37 GMT
access-control-allow-origin: *
x-source-length: 45749
content-length: 32768
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 16:23:14 GMT
x-frame-options: DENY

GET
H2 200 AA1uzN6r.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 32 KB
32 KB 107ms
104ms Image
image/jpeg 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1uzN6r.img?h=300&w=400&x=921&y=272&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

bc36f2070170e0e8b63f5fe3952bdae8fc8d9d5ba7ef71e547fb3c2b3b3a40e1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: e73f6d3c-b74d-462d-a7b0-d5a72a287c2d
cache-control: public, max-age=391377
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1uzN6r?h=300&w=400&x=921&y=272&m=2
expires: Tue, 03 Dec 2024 12:46:18 GMT
access-control-allow-origin: *
x-source-length: 111863
content-length: 32768
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/jpeg
last-modified: Thu, 28 Nov 2024 12:45:34 GMT
x-frame-options: DENY

GET
H/1.1 200
OK gdpr.css
simcast.com/widgets/gdpr/ 799 B
665 B 498ms
93ms Stylesheet
text/css 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/gdpr/gdpr.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
content-encoding: gzip
etag: "31f-5d2ab2d5f1580-gzip"
connection: Upgrade
accept-ranges: bytes
content-length: 351
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Wed, 08 Dec 2021 23:52:06 GMT
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 398ms
81ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d54ad215987b2b59d4ca73932f8e34f6d6c11ab64df82b5a9443f4f64b61d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81432
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 scribe.php Show response
parking3.parklogic.com/page/ 46 B
169 B 320ms
151ms Fetch
text/html 2600:3c02::f03c:95ff:fe6e:3972
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://parking3.parklogic.com/page/scribe.php?pcId=56&domain=forensicaccount.com&pId=709&usid=null&utid=null&query=null&domainJs=simcast.com&path=/&ss=true&lp=1
Requested by: Host: parking3.parklogic.com
URL: https://parking3.parklogic.com/page/enhance.js?pcId=56&domain=forensicaccount.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c02::f03c:95ff:fe6e:3972 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: /
Resource Hash: b6fa63a8d047a9d58d869307948160fda18d897ce216aa44d4cab8d0345f3e5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Fri, 29 Nov 2024 00:03:21 GMT
content-type: text/html;charset=UTF-8

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 107ms
97ms Font
font/woff2 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://simcast.com
Referer: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css

Response headers

upgrade: h2
etag: "126b0-5d2a938b14180"
connection: Upgrade
accept-ranges: bytes
content-length: 75440
date: Fri, 29 Nov 2024 00:03:21 GMT
last-modified: Wed, 08 Dec 2021 21:32:06 GMT
content-type: font/woff2
server: Apache/2.4.38 (Debian)

GET
H2 200 AA12I8qo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
0 5ms
5ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12I8qo.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

379bc8d28440a12ea8a540917610c7b6a2b865cda7275285ff922d69cf46b5e7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 4dc77e91-124b-412d-8bb0-5d2a716bfb85
cache-control: public, max-age=68077
timing-allow-origin: *
x-datacenter: northeu
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12I8qo
expires: Fri, 29 Nov 2024 18:57:58 GMT
access-control-allow-origin: *
x-source-length: 1287
content-length: 1287
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Wed, 20 Nov 2024 06:56:08 GMT
x-frame-options: deny

GET
H2 200 AA1ngK0C.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 958 B
0 5ms
5ms Image
image/png 2600:141b:1c00:6::17df:d12b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1ngK0C.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d12b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

f5b7233dc5f1ae8894d955d0383a69bb4f5109bf44ec00c1f1756b79a687f821

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-activityid: 50a6e14e-7eaf-4512-b941-7cedd870f7a1
cache-control: public, max-age=417122
timing-allow-origin: *
x-datacenter: westus
content-location: https://img.s-msn.com/tenant/amp/entityid/AA1ngK0C
expires: Tue, 03 Dec 2024 19:55:23 GMT
access-control-allow-origin: *
x-source-length: 958
content-length: 958
date: Fri, 29 Nov 2024 00:03:21 GMT
x-resizerversion: 1.0
content-type: image/png
last-modified: Tue, 19 Nov 2024 19:55:20 GMT
x-frame-options: DENY

POST
H/1.1 200
OK / Show response
cat1.hbwrapper.com/ 15 B
256 B 421ms
129ms Fetch
text/html 134.122.30.244
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat1.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.30.244 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture1.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

Connection: close
Access-Control-Allow-Origin: https://simcast.com
Content-Length: 15
Date: Fri, 29 Nov 2024 00:03:22 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache
Access-Control-Allow-Credentials: true

GET
H3 200 trace Show response
cloudflare.com/cdn-cgi/ 310 B
415 B 289ms
102ms Fetch
text/plain 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c84ddc933636fd7e1e7d363ee24377bfac3b6a0e1f26c89ef0ff4c51efc2cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

cache-control: no-cache
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8e9e558f196f0c96-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: *
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/plain
server: cloudflare
x-frame-options: DENY

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 305ms
74ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fe0e4851fc25831776966ebeba7664d6d2acf51b7fdcab3d9793cabbc269e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 470 / 20056 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33916
x-xss-protection: 0
server: cafe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 385 KB
99 KB 198ms
115ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c8099e990188e4e7536415f0e13010872b2031a3fa9669c4ff49f78b5dd5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101291
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 232ms
14ms Fetch
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d95879fcab60d1d24bb811112a9daa0d857f1244517a4dc1f2c0836141658c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://simcast.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"638-Hdc0O29/OsSbcdlNyebRFIS2n+o"
age: 28947
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 812
x-jsd-version: 1.0.2253

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 161ms
161ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78d297615e175f921ea0444a6d2e6b6f9f810c44acd35f48a278623fef3e677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 11944534632581548587
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147631
x-xss-protection: 0
server: cafe

GET
H2 200 cookiesEnabled.html
wrapperconsole.nyc3.cdn.digitaloceanspaces.com/ Frame E4E9 0
0 343ms
129ms Document
text/html 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wrapperconsole.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1074
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 8e9e55907f6741e1-EWR
content-encoding: gzip
content-type: text/html
date: Fri, 29 Nov 2024 00:03:22 GMT
last-modified: Wed, 04 Sep 2024 04:53:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx0000056446d5073b929da-00673f710a-19f909d7-nyc3d
x-do-cdn-uuid: 9a191ecb-c35d-46ce-a26c-0bae59400ae4
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type: Normal

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 18 KB
19 KB 301ms
69ms Script
text/javascript 13.33.252.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.simcast.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.252.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-252-92.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70c58e9663116f10ab79f34fe49933096a291431d508567698859495d9b4d62b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-version-id: dxLdP7095o6nIV210482OIK9QxSX3v8v
etag: "3fab79021723f9e512c616b50e6f134b"
age: 9537
via: 1.1 2bfd6688fc2f119397b69ac2ba4187b8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 18615
x-amz-cf-id: 7g8CAcqgpVjGiKfLCV1ekhYl8BHjka5gx6VrSAJcLthlJxFVdWuQYw==
date: Thu, 28 Nov 2024 21:24:26 GMT
content-type: text/javascript
last-modified: Wed, 27 Nov 2024 21:24:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P10
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ajaxjs.php Show response
simcast.com/widgets/ms/ 4 B
363 B 252ms
62ms XHR
text/html 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01

Response headers

upgrade: h2
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
connection: Upgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 24
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache/2.4.38 (Debian)

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 288
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 23:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 28 Nov 2024 23:58:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
96 KB 67ms
66ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c88f178382b8cc541d8a0c5d73dea233316beb29a1d9d4c44074d164c758f482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98659
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 280ms
60ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
age: 5381
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 22:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 305ms
87ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Fri, 06 Dec 2024 00:03:22 GMT
accept-ranges: bytes
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 loader.js Show response
static.anonymised.io/light/ 472 B
850 B 278ms
62ms Script
text/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a152910ba3aff9671dbf925d17fdf511c3b45c3a772b41df66306fed31522cc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=bDdPCA==, md5=xP6RdzF7KGZriAMnzO7Z3w==
etag: "c4fe9177317b28666b880327cceed9df"
age: 2961
x-goog-stored-content-encoding: gzip
expires: Fri, 29 Nov 2024 00:14:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 324
date: Thu, 28 Nov 2024 23:14:01 GMT
last-modified: Tue, 26 Nov 2024 14:48:18 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5wzYu1zGQobfVdMEPTS-T7YhUW2zUpI35Gwms8_sVAuArJ5nPMk4xPLVTSRGplM5NN4L8
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732632498695726
content-length: 324
server: UploadServer

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 5471 0
0 211ms
42ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 23:30:05 GMT
etag: 17661348622971093804
expires: Thu, 12 Dec 2024 23:30:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=gdpr-block&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 29 Nov 2024 00:03:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
57ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 29 Nov 2024 00:03:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9D92 0
0 206ms
67ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&abgtt=1&lmt=1732838602&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732838602006&bpp=5&bdt=903&idt=355&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=613098847893&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95335246%2C95345967&oid=2&pvsid=4085003714973237&tmod=1687385967&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fforensicaccount.com%2F&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=394

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 00:03:22 GMT
expires: Fri, 29 Nov 2024 00:03:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 670 B
1 KB 374ms
147ms XHR
application/json 44.210.209.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=b881f842-4f86-4d0b-8678-bc2cb05a4d2c&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&h=simcast.com&ref=https%3A%2F%2Fforensicaccount.com%2F&ids=sharedid%2Cb881f842-4f86-4d0b-8678-bc2cb05a4d2c%7C&v=v4.0.33.3
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.209.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-209-12.compute-1.amazonaws.com
Software: /
Resource Hash: 804d4f0828b9ed44fe7f760f4f1f6cc99929ca23e7a02174004d6a11f0a8b3ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://simcast.com
content-length: 670
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/json
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max

GET
H2 200 22181265 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 260ms
96ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22181265?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec8209193b9b5f43794a49871269662792a7ef04f05b02b795061f7272d408c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BToNS7ZdQiBMfjAmP4HbjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIiH41Tnkl1sAjOOPTzHpKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAADmWEKq"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BToNS7ZdQiBMfjAmP4HbjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 85ms
84ms Fetch
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RFSL1NPH34&gtm=45je4bk0v9124667839za200&_p=1732838601883&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=478626503.1732838603&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732838602&sct=1&seg=0&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&dr=https%3A%2F%2Fforensicaccount.com%2F&dt=Simcast%20News%20portal.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2697
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://simcast.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 bundle.js Show response
static.anonymised.io/light/ 132 KB
37 KB 39ms
38ms Script
text/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a23d7e6d00020944c75f7bfdc455bd7f5ee847f2269292297f432311a5e1bc37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=oTwnQg==, md5=qDaPH5/xFj4/BHRbYiz69g==
etag: "a8368f1f9ff1163e3f04745b622cfaf6"
age: 2953
x-goog-stored-content-encoding: gzip
expires: Sat, 28 Dec 2024 23:14:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 37113
date: Thu, 28 Nov 2024 23:14:09 GMT
last-modified: Tue, 26 Nov 2024 14:48:17 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6KCMOKx2-I88xOMgSgUG-UY0z853Z14AolJ1cG03hSVyo9mtfK67NoqWqghUrkT7hDP_4
cache-control: public,max-age=2592000
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732632497087786
content-length: 37113
server: UploadServer

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 58ms
55ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=961094449&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&dr=https%3A%2F%2Fforensicaccount.com%2F&ul=en-ca&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=133467144&gjid=1489792447&cid=478626503.1732838603&tid=UA-205158314-1&_gid=1031913795.1732838603&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=1523734433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://simcast.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 rules-p-WFJsXCa9VD158.js Show response
rules.quantcount.com/ 160 B
636 B 327ms
96ms Script
application/javascript 2600:9000:21dd:4a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

etag: "8451e96214684fb5c6ec4f91dde0548e"
age: 741
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: KUAy0YxaTdB_FUy8DbxmBXjFQl84whxzE99A4FJapLIvP5tDAbbeMg==
date: Thu, 28 Nov 2024 23:51:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 19:39:28 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 configs
material.anonymised.io/v3/tag/ Frame 0
0 318ms
132ms Preflight 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/tag/configs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-request-id: IaXRIeHJkbfhmWvqEthuXrFaiBpuuBNO

OPTIONS
H2 204 health
aegis.anonymised.io/ Frame 0
0 734ms
136ms Preflight
text/html 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://simcast.com
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 29 Nov 2024 00:03:23 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 6f6ef7fec9bc6d8620ea75326b187170
x-request-id: MqWzqizYvCVmLNwqckZGdsstZAKQQNst

GET
H2 200 configs Show response
material.anonymised.io/v3/tag/ 3 B
144 B 132ms
125ms Fetch
application/json 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/tag/configs
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: HMbGjIplEIhIzsKPMfNOBFdxEXpAhknk
content-encoding: gzip
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json
vary: Accept-Encoding,Origin

GET
H2 200 health Show response
aegis.anonymised.io/ 2 B
136 B 152ms
122ms Fetch
text/plain 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: HZMiBQrceiIEtTyoqmxvSPMPYOcsLamj
via: 1.1 google
access-control-allow-origin: https://simcast.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: text/plain; charset=UTF-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: b885e2af9e8bcfa129a8b7100ec5fc78

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
2 KB 254ms
76ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bc895ce31272ac601c1fed2533915a479cff00320007e09de47a3c9de92ecb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 23:37:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxV7ri0I7d-T4O_M7YMUMT5Prx7YF87VveC0MACnesJ_KR0TLIJU0Bt5loix9a2fwJ0QTM1T7PE0CHFvzBXuTUIoPfrVjnEe7YFrY2AWOCefuFCQygwvd_p3zqdeNWYLZ8C1jWLi Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 73ms
71ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7ri0I7d-T4O_M7YMUMT5Prx7YF87VveC0MACnesJ_KR0TLIJU0Bt5loix9a2fwJ0QTM1T7PE0CHFvzBXuTUIoPfrVjnEe7YFrY2AWOCefuFCQygwvd_p3zqdeNWYLZ8C1jWLi?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyODM4NjAyLDgzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zaW1jYXN0LmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c046e372f2835c006de4f9e2d07ab3d6d55acdcfc5da2b936d7e550160f5c7da

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4L3IYDd4qAPxYFHZgfKIiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfjVOeSXWwCM1oPLWVW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAM01PQs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4L3IYDd4qAPxYFHZgfKIiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame E5C2 0
0 442ms
41ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 23:21:06 GMT
expires: Fri, 29 Nov 2024 00:11:06 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 561ms
75ms Script
text/javascript 2600:9000:2511:7000:a:e047:754:f4a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7000:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 63512
Connection: keep-alive
Via: 1.1 b33e91c066f49dc7c18162b9a344e266.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: X_PAzYnpFvrsqdcx9gNgrRu0HhTNIjqzjDB-xcYEuN2ZxzkPMsnK_A==
Date: Thu, 28 Nov 2024 06:24:52 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK euidSecureSignal.js Show response
cdn.prod.euid.eu/ 3 KB
4 KB 559ms
74ms Script
text/javascript 2600:9000:28b2:8c00:1e:e2c6:2e54:f4c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.euid.eu/euidSecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:28b2:8c00:1e:e2c6:2e54:f4c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaf017ee92a51927a7e56b30403cd20185f871d57eb83a68ad05584eeabe1d0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-version-id: aXUkIeK3OG2vWqHaN.wseqCASdrVzIET
ETag: "549432e640fecb45ef3bc57acd7556c3"
Age: 62699
Connection: keep-alive
Via: 1.1 eea48723a858e610f4ce8d4f4093fc88.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: BnwpualcLmtfLldQfn4HG0F2760lQcaPpMWn3lc4LTwsjNhXNJtCng==
Date: Thu, 28 Nov 2024 06:38:25 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P8
x-amz-server-side-encryption: AES256

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 560ms
72ms Script
application/javascript 2600:9000:24f1:1800:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f1:1800:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

etag: "faa388a163b1b6d0377ee77a861591e5"
age: 1904
x-cache: Hit from cloudfront
x-amz-cf-id: 6z0hob6ZBNo2zu_cuAH0e3dN6c4BLSYiTxtgyV12O-M36Rd4Nun1fQ==
date: Thu, 28 Nov 2024 23:31:40 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration: expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy: default-src 'self'
cache-control: max-age=3600
via: 1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8729
x-amz-cf-pop: JFK50-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 556ms
70ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Sat, 30 Nov 2024 00:03:23 GMT
access-control-allow-origin: *
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 556ms
70ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7174-43df"
age: 220273
cf-ray: 8e9e5596fb81abcd-YYZ
expires: Mon, 02 Dec 2024 00:03:23 GMT
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 514ms
29ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 602810
x-goog-stored-content-encoding: gzip
expires: Sat, 22 Nov 2025 00:36:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Fri, 22 Nov 2024 00:36:33 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC6BCWb1YtEVjplkbuCbbEMGRs9vFoASnJOKkDgRqtr7T-nAiCWsaccAysi58ZCYRYkc9mM
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 471ms
61ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 1780
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4570-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 439
x-jsd-version: master

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 554ms
72ms Script
text/javascript 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 52723
via: 1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ygcBIyRPCcPUYzg5U6eaRCeu21bu7pCMehlexS3fbtBkcr-vVAtRGA==
date: Thu, 28 Nov 2024 09:24:41 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 555ms
74ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

x-amz-id-2: 94QWLJAOIGitDPZM7RsiAUgJ5lfyeKuRzrwiUkk8V/ZcOupy4aWR46PLR/EvaJVV7rHlAojrbNo=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 2541
x-amz-request-id: Y066K2QKACGJ7R7M
cf-ray: 8e9e55970a6132fa-EWR
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 619ms
141ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 5605eb056b28641145534e715a681ee5

GET
H/1.1

200
OK

set Show response
id.a-mx.com/
Redirect Chain

https://id.a-mx.com/sync/
https://c3.a-mo.net/b?uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&sh=id.a-mx.com&
https://id.a-mx.com/set?oid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&

99 B
606 B

62ms
57ms

Fetch
application/json

121.127.42.98
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/set?oid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Server: 121.127.42.98 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-121-127-42-98.datapacket.com
Software: /
Resource Hash: d58812169834ea7e4750bc986fd31add7ff07adb318f3dd946d941008bbb59ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

access-control-allow-origin: null
content-length: 99
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json
access-control-allow-credentials: true

Redirect headers

access-control-allow-origin: null
location: https://id.a-mx.com/set?oid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&uid=a1c1d664-4bc6-41cb-95ad-560c7e306e51&
content-length: 0
date: Fri, 29 Nov 2024 00:03:23 GMT
access-control-allow-credentials: true

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
317 B 593ms
121ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?_it=prebid&t=1&src=id&partner_id=788
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
allow: POST, OPTIONS, GET
cf-ray: 8e9e55970f405e66-EWR
access-control-allow-origin: *
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 438ms
69ms Script
text/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&ref=https%3A%2F%2Fforensicaccount.com%2F&_it=tag&partner_id=788&ha=ha
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: public, max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 24
x-amz-request-id: 83KA2CS27FNRDB7M
expires: Wed, 04 Dec 2024 00:03:23 GMT
cf-ray: 8e9e5597098f7293-EWR
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: text/javascript
last-modified: Wed, 27 Nov 2024 17:12:10 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: bZwMoh7JvKM6qWHkK4Rj29b1Q1aruKPQyGtZ9Cv2LC0tD+J8UjSgM3cttPjjOsLwnBMf9hI5goY=

GET
H2 200 788 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
4 KB 371ms
192ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/788?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&ref=https%3A%2F%2Fforensicaccount.com%2F
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fb198949ae4476567bf1fe49a93500857e9ba0e84984904987c331e12acda9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
cf-ray: 8e9e55991dc58cc0-EWR
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 00:03:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 id Show response
id.crwdcntrl.net/ 151 B
897 B 609ms
140ms Fetch
application/json 35.173.157.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?&c=17228
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.157.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-157-167.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fde397581d2919c5b7d8168ef81e5765184ae459a63b2cffd94c6495d3eeaba9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://simcast.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 151
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.8.159
server: Jetty(9.4.38.v20210224)

GET
H2

200

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3D51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253D51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=4395001207402931055&gcid=51ec1e9f-da9f-424b-9e91-7799b2ad3f0c

0
37 B

72ms
53ms

Image
text/plain

44.210.209.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=4395001207402931055&gcid=51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 44.210.209.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-209-12.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

date: Fri, 29 Nov 2024 00:03:24 GMT
content-length: 0

Redirect headers

cache-control: no-store, no-cache, private
location: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=4395001207402931055&gcid=51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.43; 166.0.205.43; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 912eca9c-814f-4e2e-9ec9-a5d998dd124d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 29 Nov 2024 00:03:24 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 AGSKWxVXCvHQHDJtXq84-KIa1jF3K_2rf2LUbNzWij20rgT95lpLdB9X_86u0Fhs68P_kvCGV1DaNJoCHEK7I1tjt3V1HZrn_aokMq4J0A_cbC5em7O-w_ATQ-_jgA2l_b97bLekM51K Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 91ms
88ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVXCvHQHDJtXq84-KIa1jF3K_2rf2LUbNzWij20rgT95lpLdB9X_86u0Fhs68P_kvCGV1DaNJoCHEK7I1tjt3V1HZrn_aokMq4J0A_cbC5em7O-w_ATQ-_jgA2l_b97bLekM51K?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyODM4NjAyLDkzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2ltY2FzdC5jb20vIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a3d8a882c702ad40dc894fed96a691f9b2395b442f3ac76199014ccd8d12368

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--iw_Cjqodx-FkO-DFJEwqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:22 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfjVOeSXWwCK2Y-uMmspJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoaGipZ2AYX2AAAOA3PX4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--iw_Cjqodx-FkO-DFJEwqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 pixel;r=1252889590;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0;ref=https%3A%2F%2Fforensicaccount.com%2F;ns=0;ce=1;qj...
pixel.quantserve.com/ 35 B
455 B 72ms
46ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1252889590;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0;ref=https%3A%2F%2Fforensicaccount.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;dst=1;et=1732838602981;tzo=480;ogl=;ses=9dc943c4-e910-4e7a-b6b3-b4268eddd882;d=simcast.com;uht=2;fpan=1;fpa=P0-855890211-1732838602983;pbc=;gdpr=0;mdl=

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Fri, 29 Nov 2024 00:03:23 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type: image/gif

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 199ms
59ms Fetch
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://simcast.com/

Response headers

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 121 B
276 B 57ms
52ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=tag&partner_id=788&sync=0&domain=simcast.com&url=https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&ref=https%3A%2F%2Fforensicaccount.com%2F&_it=tag&partner_id=788&ha=ha
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 079cf5999f5833c8019934d208ef3883100bdb80dd3877fa52b29305e4f05b9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://simcast.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8e9e559868bd5e66-EWR
access-control-allow-origin: *
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

GET
H2 200 syncframe
gum.criteo.com/ Frame 6A3D 0
0 586ms
90ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 00:03:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 344838
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 233 B
606 B 114ms
97ms XHR
application/json 35.173.157.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.157.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-157-167.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a420ff9a7989ddf1859ac85fe10d513f41c73522ba31a49152b3b579b28bd8cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://simcast.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://simcast.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 233
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.55.134
server: Jetty(9.4.38.v20210224)

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 285 B
550 B 573ms
143ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: df9d8284470b8f04035864b798e840ff31e4802c44fe3aa310488040635b3ea4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: application/json
x-cloud-trace-context: d42d9569f06f5ed0fd2dc4bc1884e070
server: Google Frontend
access-control-allow-headers: X-Requested-With

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 56ms
55ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=tag&partner_id=788&sync=0&domain=simcast.com&url=https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8e9e5598086b5e66-EWR
content-length: 0
content-type: application/json
date: Fri, 29 Nov 2024 00:03:23 GMT
debug: OPTIONS block
expires: Sat, 29 Nov 2025 00:03:23 GMT
server: cloudflare

GET
H2 200 788 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
4 KB 105ms
88ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/788?_it=tag
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&ref=https%3A%2F%2Fforensicaccount.com%2F&_it=tag&partner_id=788&ha=ha
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fb198949ae4476567bf1fe49a93500857e9ba0e84984904987c331e12acda9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 84
cross-origin-resource-policy: cross-origin
cf-ray: 8e9e55991dc88cc0-EWR
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 00:01:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 788 Show response
p.ad.gt/api/v1/p/ 41 KB
15 KB 587ms
78ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/788
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/788?_it=tag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a341b20ee319aebd7e9025eb87be9873af516408785c3f37d45fe7ecb286fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 88
cf-ray: 8e9e559cfa28c3ff-EWR
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: application/javascript
vary: accept-encoding
server: cloudflare
last-modified: Thu, 28 Nov 2024 23:57:15 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
170 B 659ms
152ms Image
image/gif 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&halo_id=060ixe9ju6a65kihgfc676faj6hbef6ekceupn6xj1f1yyvsroj120pfw0sgmp1mz
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559cf80b42b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 ip_match
ids4.ad.gt/api/v1/ 0
193 B 783ms
266ms Image
text/html 35.162.65.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.65.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-65-214.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-length: 0
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=4395001207402931055&gdpr=0

43 B
94 B

438ms
198ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=4395001207402931055&gdpr=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559cf80e42b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&adnxs_id=4395001207402931055&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.43; 166.0.205.43; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 8231f9ee-6bbd-4168-83b2-d3426e159880
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 29 Nov 2024 00:03:24 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=1da8a4c3-588c-4992-87d6-2da238cb7a48&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&auid=AU1D-0100-001732838604-RVU1N8NZ-OG4T

43 B
95 B

200ms
200ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=1da8a4c3-588c-4992-87d6-2da238cb7a48&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&auid=AU1D-0100-001732838604-RVU1N8NZ-OG4T
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559d689642b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/openx?openx_id=1da8a4c3-588c-4992-87d6-2da238cb7a48&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&auid=AU1D-0100-001732838604-RVU1N8NZ-OG4T
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T
https://ids.ad.gt/api/v1/pbm_match?pbm=44000BDC-DB08-46E4-BA8C-D43C5DE2A682&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

43 B
95 B

140ms
139ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=44000BDC-DB08-46E4-BA8C-D43C5DE2A682&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559e096142b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/pbm_match?pbm=44000BDC-DB08-46E4-BA8C-D43C5DE2A682&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 29 Nov 2024 00:03:24 GMT
server: nginx

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 555ms
62ms Image
text/plain 69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001732838604-RVU1N8NZ-OG4T&gdpr=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4581d8330ee81d8f36e15dba6d5b7f41
Pragma: no-cache

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001732838604-RVU1N8NZ-OG4T&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001732838604-RVU1N8NZ-OG4T&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=619f44f3-b53d-458a-8e72-f443243af5a4&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

43 B
95 B

137ms
136ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=619f44f3-b53d-458a-8e72-f443243af5a4&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559df93b42b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=619f44f3-b53d-458a-8e72-f443243af5a4&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
content-length: 259
date: Fri, 29 Nov 2024 00:03:24 GMT
server: Kestrel

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001732838604...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001732...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=51b5747a-ddf1-4893-a491-7d8ded6e53d2%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=619f44f3-b53d-458a-8e72-f443243af5a4&ttd_puid=51b5747a-ddf1-4893-a491-7d8ded6e53d2%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&tapad_id=51b5747a-ddf1-4893-a491-7d8ded6e53d2

43 B
95 B

135ms
129ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&tapad_id=51b5747a-ddf1-4893-a491-7d8ded6e53d2
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559f5ae842b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&tapad_id=51b5747a-ddf1-4893-a491-7d8ded6e53d2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Fri, 29 Nov 2024 00:03:24 GMT
server: Jetty(11.0.13)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 482ms
107ms Image
image/png 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 29 Nov 2024 00:03:24 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001732838604-RVU1N8NZ-OG4T
https://ids.ad.gt/api/v1/amo_match?turn_id=2347860620208296863&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T

43 B
95 B

211ms
207ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=2347860620208296863&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559fbb6442b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ids.ad.gt/api/v1/amo_match?turn_id=2347860620208296863&id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Fri, 29 Nov 2024 00:03:23 GMT

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=6e0781c1-2951-4d44-9769-076be29b002f&gdpr=0

43 B
95 B

195ms
188ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=6e0781c1-2951-4d44-9769-076be29b002f&gdpr=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559fbb6242b0-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T&uid=6e0781c1-2951-4d44-9769-076be29b002f&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 29 Nov 2024 00:03:24 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-94
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001732838604-RVU1N8NZ-OG4T
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMjgzODYwNC1SVlUxTjhOWi1PRzRU

170 B
232 B

121ms
101ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMjgzODYwNC1SVlUxTjhOWi1PRzRU

Requested by

Host: simcast.com
URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Protocol

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 29 Nov 2024 00:03:24 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-ray: 8e9e559d88bc42b0-EWR
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMjgzODYwNC1SVlUxTjhOWi1PRzRU
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
server: cloudflare

GET
H3 200 ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxVAfPU3YF-CsmfGkjiaSDm64J8NmHRzJAb-iOPKnBsQcfnbhEdPWLpaJ0zpdivd1G_pO_HV_-M9_rLrX-fy49Sq1BDIQIdQs3TQ4MIwbrM5uiSCGw9twa0YnMRWrQaOMzPx9fQw2tdKG0VdzcK9L4zew0jEh... 54 B
109 B 82ms
76ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAfPU3YF-CsmfGkjiaSDm64J8NmHRzJAb-iOPKnBsQcfnbhEdPWLpaJ0zpdivd1G_pO_HV_-M9_rLrX-fy49Sq1BDIQIdQs3TQ4MIwbrM5uiSCGw9twa0YnMRWrQaOMzPx9fQw2tdKG0VdzcK9L4zew0jEhauEPzdnsN-brWRyyCUAVEXbRFt-O_o=/_/rcom-ads./ad_300250./adlabel_/exoclick./digest/ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

beb0597e925c8f2db433bebebcb5c7b7a5e421fc06bd3eabbb6d3ce32b3b5e24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nW3ysm4CyZVIuyQbIcAeKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIiH43Tnkl1sAhv-Nu1iVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAADaH0J9"
content-security-policy: script-src 'report-sample' 'nonce-nW3ysm4CyZVIuyQbIcAeKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 51ms
46ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
etag: 2157040660662159465
age: 1945
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:30:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 23:30:58 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15113
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW Show response
fundingchoicesmessages.google.com/el/ 0
28 B 227ms
99ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZpPm7QL5vJ4ybdGT4AZU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoExAxfr7ByALEQN8eZziW72ARm9L8RVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhoaGlnoGpvEFBgDQtSVo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZpPm7QL5vJ4ybdGT4AZU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW Show response
fundingchoicesmessages.google.com/el/ 0
28 B 110ms
103ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RlI0jqYA8QN6MVqpwE94Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBicEqfwRoExAxfr7ByALEQN8eZziW72ARWPJ0grOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDADU8CV1"
content-security-policy: script-src 'report-sample' 'nonce-RlI0jqYA8QN6MVqpwE94Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

GET bounce
id5-sync.com/ 0
0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
283 B 776ms
238ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

13223775aec0c024c2c1c2c9127fbe7ec26f7f5a3c4ad2fe074da266b52d06a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://simcast.com
date: Fri, 29 Nov 2024 00:03:23 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 204 AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
56ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yoATeALvi7G-l52OfKPDFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BicEqfwRoExAxfr7ByALEQN8eZziW72AQO3FzhrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDADs6yXK"
content-security-policy: script-src 'report-sample' 'nonce-yoATeALvi7G-l52OfKPDFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
61ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtWmoLBqO2NMl0SiBkUtH81GzjXsT1gbF3kRbb4L1h-7KWB-tewZy_vfC6nG73WWfcO_7ZZ6XWD87juyqCzUfyGP4wmL4coYSmmj7C_gmvdHkBowtjOuO61Yp4bImHirzOR7ZW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KkUacjlolYV0zUId1cy9Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsQUDM8PUKKwcQC3FznOlcsotN4MOea85KLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQ0NBSz8A0vsAAAP3aJgc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KkUacjlolYV0zUId1cy9Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVxvQgInkdS3CjEuFDyJ8RypCEG88Vr2Ov7kCFWDjXgyqz7zNr8R8DYveIMWk2_x_w2qgHCY8MmUrbiLc2iuqbypVwzVClP2LLrwSEPajjQ-aooXovB3g_FWbTSRFNIcDloMTN4 Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 105ms
85ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxvQgInkdS3CjEuFDyJ8RypCEG88Vr2Ov7kCFWDjXgyqz7zNr8R8DYveIMWk2_x_w2qgHCY8MmUrbiLc2iuqbypVwzVClP2LLrwSEPajjQ-aooXovB3g_FWbTSRFNIcDloMTN4?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyODM4NjA0LDc3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3NpbWNhc3QuY29tLyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85f20ad7e4c32eb4c6239cbcc8b966b3b01cfdea9156d532fdb5a0337a81583e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rspCJm3XTQ_J5gqqkLNwQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiJvjTOeSXWwCP-b2uStpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoaWuoZGMYXGAAAnc089A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rspCJm3XTQ_J5gqqkLNwQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXViPgXgADMT7HgV6PoAQ6Q_ftkAQIIYc7_yAKFsReSpZh9318gIZjK79-wMgjHqDMKF9tVNMgKjPGbBtbpZS4W6M_2YpKJcNxjZ_UzHEhqeHfz2oYL4MHNLxp9ygi6X-Yt6Flz Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
57ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXViPgXgADMT7HgV6PoAQ6Q_ftkAQIIYc7_yAKFsReSpZh9318gIZjK79-wMgjHqDMKF9tVNMgKjPGbBtbpZS4W6M_2YpKJcNxjZ_UzHEhqeHfz2oYL4MHNLxp9ygi6X-Yt6Flz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dtX44LNKl6L-B85xxrnclQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://simcast.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoExAxfr7ByALEQD8eZziW72ARmbF88hVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAPjHJcs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dtX44LNKl6L-B85xxrnclQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://simcast.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
95 KB 59ms
58ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa34b26ae070dfab2b74f22962a16cdd9b4d460a47d41a68294efc0e1c82d992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 00:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96971
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
112 B 210ms
208ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559d9b148cc0-EWR
access-control-allow-origin: https://simcast.com
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 417ms
170ms Script
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=c00e13265049a1269f7ba06798f9868a&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dforensicaccount.com%26pcid%3D50%26rid%3D201%26a%3D0&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e559fbe624392-EWR
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:24 GMT
server: cloudflare

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 408 B
232 B 159ms
158ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d895042c35fa86fcb66332826ba8389634bec698911e60e8cd6e4d016654107

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://simcast.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8e9e559fead70cc2-EWR
access-control-allow-origin: *
date: Fri, 29 Nov 2024 00:03:24 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 377ms
155ms Preflight 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8e9e559f19ed0cc2-EWR
date: Fri, 29 Nov 2024 00:03:24 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

POST v3
id5-sync.com/gm/ 0
0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 237ms
66ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c2b923459a2977a2f101b57667c1e2f9c777e6152ff004810f0a038d3bd714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13164
date: Fri, 29 Nov 2024 00:03:25 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 timeme.min.js Show response
cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/ 6 KB
2 KB 51ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/timeme.min.js

Requested by

Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03cf2-163a"
age: 108336
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kit1QW2%2Bq562hCfux8p15ixWedU5v4h9e%2FCIbWRvr0BtowCCC9xLTg9RR1eDhKJ1Rsmpsmecw%2BV99qd%2Fl6OKHPz46bS1kiuQuou0IyXErNJn7yEAAjIhVwvkzXt4llUiGIOF%2B34fkk9MBWsgSeF2aqi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:03:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 00:03:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:04:02 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e9e55a1be7b2369-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1532
server: cloudflare

POST
H3 200 interest-scores Show response
material.anonymised.io/v3/anon/ 25 B
65 B 390ms
388ms Fetch
application/json 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/anon/interest-scores
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 30fab0220fdc6ddc52aa4c7281eef5a63d25c2834aee1cd88ed7dae77170e1ac

Request headers

Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Anon-App-Version: 0.3.19

Response headers

x-request-id: TFVHSiZBbCkzhrguYGRghjVGcSVNkDJx
content-encoding: gzip
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Fri, 29 Nov 2024 00:03:25 GMT
content-type: application/json
vary: Accept-Encoding,Origin

OPTIONS
H3 204 interest-scores
material.anonymised.io/v3/anon/ Frame 0
0 131ms
128ms Preflight 34.117.250.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://material.anonymised.io/v3/anon/interest-scores
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 57.250.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anon-app-version,content-type
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: anon-app-version,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:25 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-request-id: DOSDUMuODtYSPpdICvKSAhZtMyAWHOzF

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame 7D18 0
0 217ms
57ms Document
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 2175
apigw-requestid: B-ZiJgoPPHcEJUQ=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8e9e55a2eea643cd-EWR
content-encoding: br
content-type: text/html
date: Fri, 29 Nov 2024 00:03:25 GMT
last-modified: Thu, 28 Nov 2024 20:43:57 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

GET
H/1.1 200
OK favicon.png
simcast.com/templates/simcast/ 486 B
749 B 299ms
99ms Other
image/png 45.79.244.12
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-244-12.ip.linodeusercontent.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0

Response headers

upgrade: h2
etag: "1e6-5d2abe70a3640"
connection: Upgrade
accept-ranges: bytes
content-length: 486
date: Fri, 29 Nov 2024 00:03:25 GMT
last-modified: Thu, 09 Dec 2021 00:44:01 GMT
content-type: image/png
server: Apache/2.4.38 (Debian)

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 257ms
77ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://simcast.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 00:03:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 00:03:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 195ms
193ms XHR
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://simcast.com/

Response headers

cf-ray: 8e9e55a5cfbec46d-EWR
access-control-allow-origin: https://simcast.com
cf-cache-status: DYNAMIC
date: Fri, 29 Nov 2024 00:03:25 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 360ms
187ms Preflight
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://simcast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://simcast.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8e9e55a4aec3c46d-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 00:03:25 GMT
server: cloudflare
vary: Origin

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D54C 0
0 201ms
50ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 23:30:07 GMT
expires: Fri, 29 Nov 2024 00:20:07 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame CC7E 0
0 229ms
62ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-urtg6svhORwD9jdCi07FZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-urtg6svhORwD9jdCi07FZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 00:03:25 GMT
expires: Fri, 29 Nov 2024 00:03:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: id5-sync.com
URL: https://id5-sync.com/bounce

Domain: id5-sync.com
URL: https://id5-sync.com/gm/v3

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=4085003714973237&bg=!SkmlSQbNAAaIaF9IqGg7ADQBe5WfOIbPSIFYq_HySdOoIuwSyidR4p5c9IoUyxznRDRcBS4e8q2I5mAFPtGaJw7BnM1TAgAAAPtSAAAAA2gBB34ANiQ5SeRJqE1Z24hwXRoxr9MU19qCsXDSSWgvYQSMH9T8oFgB3j3M1lNUCSlUxfcN6G96gK_9fZkCp4-73TAYVma6Gx3KMbPHmrEAA9U20iZFEgg5y7h7IkzClfvNEzQwZv8iwBrAY_vS3ElWmX9f-ZWoEKGxIfap6-V5ix1Gd1C8fq6OEEuDiQDW3f2_gT8pOri5ORBim5tYRrB15TY78xs9vmlJ3ml8re8wekXmWUv_FdYetdAvwR8HMKLWOTZQWrMYvHsAWWZ8e2bD9-UOyoVQ4rKOR4UtLDAoWKKyufsszLOeSSe6M_uWNi6qZSoi37ncibZq0HOwRDYEGXyu5Q3Y5Spd5a2JEhn16O-Pv6X40ToJiAV94yNeXXvrWyH79qj2Ld7Qa26UpEXwctYzicqqS7T-1BcNQgVYHIIrwESk7u9Exvw3umQJb-0sRYGyayTSA4S-nrlD-yJQ68tvwla7sgmmFDXMyZWhfIyoJOGa_uW3fXZ4UsZcHylt-30cerQGZOKQziUvaQWghEhJoJct3wFn_4S5_BKG7oR0T7Tjk-BgA17pIuFaWBeRpAXXbCH44Pcr3ZdiOaf5aT4uCRVMXHeLZWMunkVv8yTxoROnxA-fT2QMyqBJtrxlUnxeMlDRL7YjN-TPZJNphbSRMikk-avE55kFnJaVMYk3ds89_kQcu2tc83UU5Haai5_QRNj6AHNfOKDaUijuU2HDCh3GfsTswiHxsWBwfo7756vToxYBIQSmrwZT1Bk660KvHvrNdOaTVBNtDvPluf6MGTqDffPxnZoITFX_EO2xkTCgaTtdjFzFlLGTbIEQN8Qxm4UnFVEcCoNdOVY222W1KsSf_Kd6_GxtJtnPV9RhfXSRnq2zqy3wk8ph2BFOSUuvKZhcxkSLUtFp9sp7Wnw9UQdsd9JFJdxfwyygLX4vfcGvP8oLAEfRz0ybpvlPeq0RaOPPTa9FHjQN5p0B5Ha5ehk

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
simcast.com/	1970-01-21 01:20:39	Name: PHPSESSID Value: tnokebembfk197ap450dgb0jmg
simcast.com/	1970-01-21 02:03:50	Name: uidinfer Value: 285716653
simcast.com/	1970-01-21 01:20:42	Name: _lr_retry_request Value: true
simcast.com/	1970-01-21 02:03:50	Name: _lr_env_src_ats Value: false
simcast.com/	1969-12-31 23:59:59	Name: mess Value: 1
.simcast.com/	1970-01-21 10:56:38	Name: _ga_RFSL1NPH34 Value: GS1.1.1732838602.1.0.1732838602.0.0.0
.doubleclick.net/	1970-01-21 01:20:39	Name: test_cookie Value: CheckForPermission
.simcast.com/	1970-01-21 10:56:38	Name: _ga Value: GA1.2.478626503.1732838603
.simcast.com/	1970-01-21 01:22:05	Name: _gid Value: GA1.2.1031913795.1732838603
.simcast.com/	1970-01-21 01:20:38	Name: _gat_gtag_UA_205158314_1 Value: 1
p2.gcprivacy.com/	1970-01-21 03:30:14	Name: gcid Value: 51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
simcast.com/	1970-01-21 03:30:14	Name: gcid_first Value: 51ec1e9f-da9f-424b-9e91-7799b2ad3f0c
.a-mx.com/	1970-01-21 10:06:14	Name: amdt_t Value: g::1732838603422
.a-mx.com/	1970-01-21 10:06:14	Name: amuid2 Value: a1c1d664-4bc6-41cb-95ad-560c7e306e51
.crwdcntrl.net/	1970-01-21 07:49:26	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:49:26	Name: _cc_id Value: 99ac9044798b53c44e32b04c3d6271f
.crwdcntrl.net/	1970-01-21 07:49:26	Name: _cc_cc Value: "ACZ4nGOQt7RMTLY0MDExt7RIMjVONjFJNTZKMjBJNk4xMzI3TGMAgnRPltMMCAAAMaoJow%3D%3D"
.crwdcntrl.net/	1970-01-21 07:49:26	Name: _cc_aud Value: "ABR4nGNgYGBI92Q5zQAHABJSAYA%3D"
.quantserve.com/	1970-01-21 10:50:53	Name: mc Value: 674904cb-82573-55a81-8c682
.simcast.com/	1970-01-21 10:45:07	Name: __qca Value: P0-855890211-1732838602983
.simcast.com/	1970-01-21 07:49:26	Name: _cc_id Value: 99ac9044798b53c44e32b04c3d6271f
.simcast.com/	1970-01-21 01:30:43	Name: panoramaId_expiry Value: 1733443403587
.simcast.com/	1970-01-21 01:30:43	Name: panoramaId Value: aba07b0d8727ea8dbfeac9117eb2185ca02c9de82a7cf695c1fcaee8f3954bca
.simcast.com/	1970-01-21 01:30:43	Name: panoramaIdType Value: panoDevice
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.simcast.com/	1970-01-21 10:06:14	Name: _au_1d Value: AU1D-0100-001732838604-RVU1N8NZ-OG4T
.adnxs.com/	1970-01-21 10:56:38	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:30:14	Name: XANDR_PANID Value: svRrhvQ4yqP-JEyjKMSkbaFOwZdLq1uGFF40LVcVq7vMq8C_B7AwctCZPzh1cDDbF05JOMtpBsPY2u4nyl0O9VKWpkRizczPbM1ZwKQkBL0.
.adnxs.com/	1970-01-21 03:30:14	Name: uuid2 Value: 4395001207402931055
.a-mo.net/	1970-01-21 10:06:14	Name: amdt_t Value: p::1732838603923
.a-mo.net/	1970-01-21 10:06:14	Name: amdt_t Value: p::1732838603923
.a-mo.net/	1970-01-21 10:06:14	Name: amuid2 Value: a1c1d664-4bc6-41cb-95ad-560c7e306e51
.a-mo.net/	1970-01-21 10:06:14	Name: amuid2 Value: a1c1d664-4bc6-41cb-95ad-560c7e306e51
.criteo.com/	1970-01-21 10:42:14	Name: uid Value: a1a28379-ef3d-444a-907d-573a5e9343d0
.criteo.com/	1970-01-21 10:42:14	Name: receive-cookie-deprecation Value: 1
.simcast.com/	1970-01-21 10:06:14	Name: FCNEC Value: %5B%5B%22AKsRol_SMDt1OK-RE-ixtXpnkKWxwpspw7wNIax8oLUeZOL7YCadgExomuGb2oMrjU_ZbGjfVV3iSC2BHR-BCmEA5dlBiI94GPtb71OyiNAaeYjzJGIWo8DHbhFdAO2U3Rz1M-Vj4gwvDuAeJR6DIYDam0DfXImeHg%3D%3D%22%5D%5D
.openx.net/	1970-01-21 10:06:14	Name: i Value: e74482ff-7887-4999-8efb-f11a4b9386b1\|1732838604
.rubiconproject.com/	1970-01-21 10:06:14	Name: audit_p Value: 1\|SOBXPEFc2UuEEWOs867N+qAg/kf84x/cxzluhXgPolObyR+hvQt5L6f1kP4VsCx9C2axreXdQg7yUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXpIGdo9fcY8aUwc8mkiJCgMUv86saHQHqp3Ae8KecuRYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.rubiconproject.com/	1970-01-21 10:06:14	Name: khaos Value: M41ZD4B0-R-128O
.rubiconproject.com/	1970-01-21 10:06:14	Name: khaos_p Value: M41ZD4B0-R-128O
.rubiconproject.com/	1970-01-21 10:06:14	Name: audit Value: 1\|SOBXPEFc2UuEEWOs867N+qAg/kf84x/cxzluhXgPolObyR+hvQt5L6f1kP4VsCx9C2axreXdQg7yUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXpIGdo9fcY8aUwc8mkiJCgMUv86saHQHqp3Ae8KecuRYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.tapad.com/	1970-01-21 02:47:02	Name: TapAd_TS Value: 1732838604315
.tapad.com/	1970-01-21 02:47:02	Name: TapAd_DID Value: 51b5747a-ddf1-4893-a491-7d8ded6e53d2
.adsrvr.org/	1970-01-21 10:06:14	Name: TDID Value: 619f44f3-b53d-458a-8e72-f443243af5a4
.pubmatic.com/	1970-01-21 03:30:14	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-21 10:06:14	Name: KADUSERCOOKIE Value: 44000BDC-DB08-46E4-BA8C-D43C5DE2A682
.ad.gt/	1970-01-21 10:06:14	Name: au_id Value: AU1D-0100-001732838604-RVU1N8NZ-OG4T
.adsrvr.org/	1970-01-21 10:06:14	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjkmefr6ITIPRAFGAEgASgCMgsI0o_qmP-EyD0QBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-21 02:47:02	Name: TapAd_3WAY_SYNCS Value: 1!8016
.go.sonobi.com/	1970-01-21 10:06:14	Name: __uis Value: 6e0781c1-2951-4d44-9769-076be29b002f
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8594\|Z0kEz
.turn.com/	1970-01-21 05:39:50	Name: uid Value: 2347860620208296863
simcast.com/	1970-01-21 10:06:14	Name: idw-fe-id Value: e906b15c-f7bd-4dd2-9ad7-bb45a1fa5911
.simcast.com/	1970-01-21 10:42:14	Name: cto_bundle Value: -rudEl92anhKOGxKdFpVRjVJZCUyRlRaMkVaNCUyQiUyQkRxaThwTmQ2cTJ6bk1Ya0NmaW04NSUyQk9aRTh2UGNoMTkyeDNoN2NHNTZCaTdHTmdEb2E3Tk9zQkEwZU1LZ2ZJaURYaiUyQkMwSTZBMEVneFlCbldFTGFjc2clMkZ1M2kzUlVJbHA3d1dyNkVIJTJCeEt6OXFPY0pBJTJGNEpJVUl4dzJvWE13JTNEJTNE

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	verbose	URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)
recommendation	verbose	URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Message: Access to fetch at 'https://id5-sync.com/bounce' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://id5-sync.com/bounce Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://simcast.com/?d=forensicaccount.com&pcid=50&rid=201&a=0 Message: Access to XMLHttpRequest at 'https://id5-sync.com/gm/v3' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://id5-sync.com/gm/v3 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aegis.anonymised.io
api.rlcdn.com
bcp.crwdcntrl.net
c3.a-mo.net
cat1.hbwrapper.com
cdn-ima.33across.com
cdn.adapex.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.euid.eu
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connectid.analytics.yahoo.com
d.turn.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
fonts.googleapis.com
forensicaccount.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids4.ad.gt
image2.pubmatic.com
img-s-msn-com.akamaized.net
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.adsrvr.org
material.anonymised.io
oa.openxcdn.net
p.ad.gt
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
parking3.parklogic.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
proton.ad.gt
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
simcast.com
static.anonymised.io
static.criteo.net
sync.go.sonobi.com
tags.crwdcntrl.net
token.rubiconproject.com
u.openx.net
wrapperconsole.nyc3.cdn.digitaloceanspaces.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
api.rlcdn.com
ep1.adtrafficquality.google
id5-sync.com
104.18.29.101
108.138.128.124
121.127.42.98
13.33.252.92
134.122.30.244
138.199.41.120
142.251.32.98
162.19.138.120
2600:141b:1c00:6::17df:d12b
2600:3c02::f03c:95ff:fe6e:3972
2600:9000:21dd:4a00:6:44e3:f8c0:93a1
2600:9000:24f1:1800:10:dd8:5e40:93a1
2600:9000:2511:7000:a:e047:754:f4a1
2600:9000:28b2:8c00:1e:e2c6:2e54:f4c1
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:3038::6815:eab1
2606:4700:4400::ac40:911d
2606:4700::6810:84e5
2606:4700::6811:190e
2607:f350:3:2569:0:10:0:200d
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::200a
2620:100:a00b::12
2620:100:a00b::4
2620:112:f008:200::101
2620:116:800b:21:c1e8:5385:5098:6bf0
2a04:4e42:600::485
2a04:4e42:600::649
3.33.220.150
34.102.146.192
34.107.217.107
34.111.113.62
34.117.250.57
34.96.70.87
34.98.64.218
35.162.65.214
35.173.157.167
35.190.39.111
44.210.209.12
45.79.244.12
68.67.160.75
69.173.146.5
72.52.179.174
8.28.7.83
079cf5999f5833c8019934d208ef3883100bdb80dd3877fa52b29305e4f05b9e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8099e990188e4e7536415f0e13010872b2031a3fa9669c4ff49f78b5dd5915
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
13223775aec0c024c2c1c2c9127fbe7ec26f7f5a3c4ad2fe074da266b52d06a2
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
22f085cd210dbeafae6932128549fa6b7eda8ffa39be39bc1d90ca11d6bff070
244896012bb5cba65b750a4e337272944e4b6ecebe303f83fd2cba2e3aa9a3ad
248e996c0a6c6eea0be0a79a73d2ee5c3ded0e83233d9a05602f1e5fa62a37d6
26369b16768b9336eb33617396a36b1387c5c914041e4f1f73087311b526b1c7
278af8db05b358d4a77c18906379f458402d3e0b4a905a51a5c8a05ca5a7fa6f
2a38dc544b8ecf33de2386040a0dffbb4e248e95de33510f349b99934de19f1a
2d895042c35fa86fcb66332826ba8389634bec698911e60e8cd6e4d016654107
2ec8209193b9b5f43794a49871269662792a7ef04f05b02b795061f7272d408c
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
30fab0220fdc6ddc52aa4c7281eef5a63d25c2834aee1cd88ed7dae77170e1ac
34b10757e7e6741cf29cc20df0bb4192d5f318523a9216dc3c9697c0b2f80a5f
379bc8d28440a12ea8a540917610c7b6a2b865cda7275285ff922d69cf46b5e7
3978ddbca201f9edd8f1755e07f37fcb8feb80c8b51254170057c1057fe7216e
3c84ddc933636fd7e1e7d363ee24377bfac3b6a0e1f26c89ef0ff4c51efc2cb9
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4bc895ce31272ac601c1fed2533915a479cff00320007e09de47a3c9de92ecb2
50eef1f2ccddec17130928e62d1cfbde96bdc7bbadfec5d0e738de9cecef3f26
51ad6f27771508eacc67edc60db023c35efb5d62c222b8f73585595b47bc30c0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544ebf6a2b3bdd2b92e20d4be00b8037382af79795b8abb4b5631aa83a6f2458
55adc2486f4cda0fbbab5c30b939989939f0f240a9435d5b6568c83fdf645d4a
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916
5a3d8a882c702ad40dc894fed96a691f9b2395b442f3ac76199014ccd8d12368
63f3c08109a08ba5ecc1f9654a269dd9927d0bfc660603c652f688f692b6d0b6
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cde7f02b8f58a13d8b0e8c2563536f16047f6e3cb8810c58d08e541e13028f6
70c58e9663116f10ab79f34fe49933096a291431d508567698859495d9b4d62b
71c2b923459a2977a2f101b57667c1e2f9c777e6152ff004810f0a038d3bd714
7962c200b80de04b6cd4fc25e4745f01c475bee72990d2933733140a3c26caba
7aaa4c4484a5c5592b4976fb99a22555ff503bc18245de0a2e1aa7ee596bf421
7ced8e609d152bc8c67a45817b81a140b5f76a71d416f09a6e1b6b6058b02de1
7fb198949ae4476567bf1fe49a93500857e9ba0e84984904987c331e12acda9f
7fe0e4851fc25831776966ebeba7664d6d2acf51b7fdcab3d9793cabbc269e8f
804d4f0828b9ed44fe7f760f4f1f6cc99929ca23e7a02174004d6a11f0a8b3ef
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
85f20ad7e4c32eb4c6239cbcc8b966b3b01cfdea9156d532fdb5a0337a81583e
87a341b20ee319aebd7e9025eb87be9873af516408785c3f37d45fe7ecb286fd
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
88905a4b891cc5c27cd26da4a13ea1df6c038bb56968e8d3059a31caa5ca9f42
8d54ad215987b2b59d4ca73932f8e34f6d6c11ab64df82b5a9443f4f64b61d0a
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a0668ba34f92cdd39f78d152645fcacd9cdca8bc1759a7d123124b655bdd4816
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a152910ba3aff9671dbf925d17fdf511c3b45c3a772b41df66306fed31522cc9
a1c000eff427d0d05d9a75c60a7c3c0d16e49fa71ff15909db86f6f7a2f5deac
a23d7e6d00020944c75f7bfdc455bd7f5ee847f2269292297f432311a5e1bc37
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a420ff9a7989ddf1859ac85fe10d513f41c73522ba31a49152b3b579b28bd8cf
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a72bb028bce20c10ceec49f52ef0c29d1e876f2825eefe14cfe9e748d45e10ec
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
aa34b26ae070dfab2b74f22962a16cdd9b4d460a47d41a68294efc0e1c82d992
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b6fa63a8d047a9d58d869307948160fda18d897ce216aa44d4cab8d0345f3e5b
b78d297615e175f921ea0444a6d2e6b6f9f810c44acd35f48a278623fef3e677
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bc36f2070170e0e8b63f5fe3952bdae8fc8d9d5ba7ef71e547fb3c2b3b3a40e1
be7750523283e3fb606e467f6a099f5f096bd23898bed4f6c0849ce7adf74860
beb0597e925c8f2db433bebebcb5c7b7a5e421fc06bd3eabbb6d3ce32b3b5e24
bf5cc5cc3115d23d12a142596acaecccfb34a2e25e3d5f430e2263e7c989f119
c046e372f2835c006de4f9e2d07ab3d6d55acdcfc5da2b936d7e550160f5c7da
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c88f178382b8cc541d8a0c5d73dea233316beb29a1d9d4c44074d164c758f482
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cf4702181191db8f7eb09a472baf896fad71afd967c0a24be01a509071f2be3d
d3353dd8a2af68a46996a078bdbeaf23d6ac9dbc1abff22af889f5a04625a232
d58812169834ea7e4750bc986fd31add7ff07adb318f3dd946d941008bbb59ea
d95879fcab60d1d24bb811112a9daa0d857f1244517a4dc1f2c0836141658c27
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9d8284470b8f04035864b798e840ff31e4802c44fe3aa310488040635b3ea4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67a87f3ff82836ca2907e0cf35c3c8e48fb548e04778f3dd2f457dd6607bda9
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eaf017ee92a51927a7e56b30403cd20185f871d57eb83a68ad05584eeabe1d0f
efe13864cb5889b5385f4f12228db6b2324a031a9040bb68b5322f43f27254b1
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f5b1b30384c129ed683ec4b26bdc18d8ea02b58155b816cc1b646abacff06e53
f5b7233dc5f1ae8894d955d0383a69bb4f5109bf44ec00c1f1756b79a687f821
fa3d2831c124436c9806ca74076c0533f91021dc7a4627758d3132cc1b465709
fc576f116b0784357fe41e1bd3a1d030914694005b2f8fa3e8ccb26ec6459821
fccb19f39dd8a2ab0b87b212a020b5b61ccc954505dc8df3799d9779382f0e4f
fde397581d2919c5b7d8168ef81e5765184ae459a63b2cffd94c6495d3eeaba9
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

90 %HTTPS

56 %IPv6

46 Domains

66 Subdomains

47 IPs

3 Countries

1834 kBTransfer

4465 kBSize

54 Cookies

1 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

90 %
HTTPS

56 %
IPv6

46
Domains

66
Subdomains

47
IPs

3
Countries

1834 kB
Transfer

4465 kB
Size

54
Cookies

145 HTTP transactions
0 data transactions