simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Submission Tags: demotag1 demotag2 Search All
Submission: On November 06 via api (November 6th 2020, 3:04:34 pm UTC) from US

Summary HTTP 85 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 85 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	72.52.178.23 72.52.178.23	32244 (LIQUIDWEB) (LIQUIDWEB)
8	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	209.197.3.24 209.197.3.24	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	2600:3c02::f0... 2600:3c02::f03c:91ff:fee2:5b0f	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	212.115.109.66 212.115.109.66	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
26	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 6	194.146.24.86 194.146.24.86	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
7 7	63.250.58.116 63.250.58.116	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
5 5	194.146.24.56 194.146.24.56	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
2 2	185.127.18.41 185.127.18.41	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
85	21

2 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.170.39.103 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.52.178.23 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)

damayanti.ngajleng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.79.244.12 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.24 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:91ff:fee2:5b0f (United States)

ASN63949 (LINODE-AP Linode, LLC, US)

cadet.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.115.109.66 (London, United Kingdom) 6 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img4.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.146.24.86 (None, ) 6 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img0.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.250.58.116 (United States) 7 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img3.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.146.24.56 (None, ) 5 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img2.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.127.18.41 (London, United Kingdom) 2 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img1.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	akamaized.net img-s-msn-com.akamaized.net	1 MB
26	smartsearch.me 26 redirects img4.smartsearch.me img0.smartsearch.me img3.smartsearch.me img2.smartsearch.me img1.smartsearch.me	6 KB
12	doubleclick.net securepubads.g.doubleclick.net	133 KB
11	googlesyndication.com 056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
8	simcast.com simcast.com	101 KB
5	googletagservices.com www.googletagservices.com	140 KB
3	smartadserver.com prg8.smartadserver.com	1 KB
3	sascdn.com ced.sascdn.com	33 KB
3	traffdaq.com traffdaq.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
2	speedflow.io speedflow.io	2 KB
1	google.com adservice.google.com	832 B
1	google.dk adservice.google.dk	832 B
1	youtube.com www.youtube.com
1	parklogic.com cadet.parklogic.com	931 B
1	onesignal.com cdn.onesignal.com	3 KB
1	jquery.com code.jquery.com	30 KB
1	ngajleng.com 1 redirects damayanti.ngajleng.com	350 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
85	21

	Domain	Requested by
26	img-s-msn-com.akamaized.net	simcast.com
12	securepubads.g.doubleclick.net	simcast.com securepubads.g.doubleclick.net speedflow.io
8	simcast.com	traffdaq.com simcast.com code.jquery.com
7	img3.smartsearch.me	7 redirects
6	img0.smartsearch.me	6 redirects
6	img4.smartsearch.me	6 redirects
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	img2.smartsearch.me	5 redirects
3	prg8.smartadserver.com	ced.sascdn.com
3	ced.sascdn.com	securepubads.g.doubleclick.net
3	traffdaq.com	speedflow.io traffdaq.com
2	img1.smartsearch.me	2 redirects
2	cdnjs.cloudflare.com	simcast.com
2	speedflow.io	speedflow.io
1	056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.dk	securepubads.g.doubleclick.net
1	www.youtube.com	simcast.com
1	cadet.parklogic.com	simcast.com
1	cdn.onesignal.com	simcast.com
1	code.jquery.com	simcast.com
1	damayanti.ngajleng.com	1 redirects
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
85	28

This site contains links to these domains. Also see Links.

Domain
www.afternic.com

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.parklogic.com COMODO RSA Domain Validation Secure Server CA	`2018-12-16` - `2020-12-29`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.dk GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh

This page contains 9 frames:

Primary Page: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Frame ID: 2540B8DFCD5BFC9E08FCF4F94F1B95AF
Requests: 58 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604675050217&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 8A5117546F32894E561C144BC404C8AC
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Frame ID: AE8644648848F222BB46A473B10B6008
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jmZlp9o9KQo
Frame ID: EF3F66FAD39C6C7CEE861C20836201F0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_-q1uOTJlI-T4DbErZzhJj8PL_9vHItnQCLFRM2SqOGB-GpuKWvg4EouM-iHVdqiuCqpFFb9woUmL4Ux4J5DZwg6WDoYjKO6IjOVWR05Bs39pIzVnk9L6Yx1XirY2AImFoLrMfwvgIXyrXQcqVQdecO2AbzM5ADvknte_lRwY8jETz2-6GVI7Mxr7p-wny4FJjy-5HE3z2D_GochsGQTPEA71ylXikxm2P9elYgQxBw0oMlY7ATs58FuqGtVPNtNFe_dyUw&sai=AMfl-YSr-S5fD0uq7pgiNh5oc0eH2fyAKns7TWMWaLfHYcdHZ1wrMH39sFnftXggr2IsNuh1e8qgec-3uEHYKv3TirD4Ho1lbFwGxglhwCQDB5j3Z4XxKolC7-rxNAVn11Y5&sig=Cg0ArKJSzC1HsNVvI8FtEAE&adurl=
Frame ID: AD8A923AA4A3197CEE7FCAB4A8D2DE06
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DE85FF6F4BA3CD5D8462CD7A779CFC42
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupW9nYJfKwhMyQAfmS0bhJ9450dvcAq6zoestUiM0iVidhcgcFoAPB7jNbd77dZNaueT5Dw09rxFoSlFpvz01Ipn_yIQ8zCK4q6lMotxgpwzktMXUInT4OyhwuGstl7m9he9T9_dh__vrI3AgblLPXOS8gpp-ArbGBAsfmCJ1ytvNEiEPyqw7mZJIvVtuTyNhikr3ytjP7qWd-yy14GWyKCOTZ_4Sa6OpO3nbuAZpMgKG62_O7OPUzSYeshG1Qk1JJ4f7Cu2lzPX9MXt7xtw&sai=AMfl-YRraP04Uhjz0Ngm3etaw2qL6S0FV0Y9eTDdOwHxNRpa6dwgTAfvlHz8JShv4rTK0SkaTwT6IaB54z7LiBGJycQbo08qSSMJttHma9dDZnQK5RkADiYAfhUISws6-UIu&sig=Cg0ArKJSzMJSe-UaUApMEAE&urlfix=1&adurl=
Frame ID: 910A9B4A12B074D2767DF921BD5B786E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJyctJKU_CxY11R52m8zU0J7aTFK3hC6I8yK_qkgTK-LDKw49nsQVHINyX3PBcXw9kC-Hj0V3_8uqvutJ9IPeCJs_OhKmXBQcDA_9lsDBznNeG8qy4YS1BemzkFUVmj0XjAPG4ME2JBzqkkvIOgthoT-n8H4Soa8ScKusZkJMtaNWtbLBwjkDaByOwydu5uE9kgKIPbcmAjN2nXAeyW3an_xKnbWMyRny1eZ8g5FX6kO3kebQTP8xuzRFY3vb6FtjzGFmvLYsIgYfcE0CGEjI&sai=AMfl-YQYnsoXEtVR9B9jSZ1wV8thrbOvmUgxwfRnO0EApctEsWez5vFvrjTXqgmx9s1wtY0fZXB2kQnh8q4Gi60wRjFaTImPQyt50kJpTEAqBqxCNhZGXVbqnet9WuVCriYN&sig=Cg0ArKJSzJE35LiqJpTkEAE&urlfix=1&adurl=
Frame ID: 8B6EAB216F930E23325FB0B041F3FBBE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgpdSsAXC0f3bi1lgOImqbzSE1KdxsVOR2X5LJcv_a9IV5YXgyrAsLggfJUdZJqta33MGJ9GWdGkJRAY63gPaTO4I1Kaew5bwTj523H_IOMWhYxd50KA0rOzXJN4DHZCY4r25UAWj5al7499mDR9gkus7gF5ECgz-5D-zHsS1ZrrKrblxxoOCyCwRlITIO1UVbuYy9YBY8aklnidWuhCQB_kFtGLKLP4TL69irZI702JK0Tm4Dc6uiFAVTSyUwe81Xdj3t-AtW2keXUPo-COo&sai=AMfl-YQKsSUu8KvBBidIK8QdiLXIO2ZspUX30WOiLxNYtt3UTEJKOqogkOn9S0J9K3UtZBGA7THdO7wOhmYJ5s9Rvexa875YKvlybgLq4bAYuqk7Jql3NjjMJy3UW5K_7awI&sig=Cg0ArKJSzOO3AQCG0qOOEAE&urlfix=1&adurl=
Frame ID: DB576B4A3CDE73729E7C5774DB912090
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/dl/47382?category=ebony Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpreU1PMmxJUFhWQ2MxdWsza0hnUVE9PSIsI... Page URL
http://damayanti.ngajleng.com/play.php?id=10625 HTTP 302
http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

85
Requests

87 %
HTTPS

42 %
IPv6

21
Domains

28
Subdomains

21
IPs

7
Countries

1957 kB
Transfer

2672 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.afternic.com/forsale/ngajleng.com?utm_campaign=TDFS_Site&traffic_id=gddy&traffic_type=gddy
Title: Click here to find out or call +1-866-284-4125

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/dl/47382?category=ebony Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpreU1PMmxJUFhWQ2MxdWsza0hnUVE9PSIsInZhbHVlIjoiUjdKc2RhVm15Y2xaMjdJSjZJVzJjT1ZpVHpcL3p1ZVFnUjFkK1ViUFFRR0JySjdOXC9zdU5XcVdWcDdtSFRXUWpweHJQNHNYN3B6WkFucG5cLzJxVUV4T1hWcUVkSmxLSHZOYTZTUmlaTWxTVHd0XC8xTWJ6VTZVVjZxRXQrMDk0OVVuMlwva2J3dGhcLzF0c1VHUzNpMlwvNjZZd1pyaTBLcnZRR09LM2tsXC8zMVYzd1FEMU1pZG5iMU1NZmZJWlpvb05CWmZ6UFlQNzJiMjNtazFJSTFiSFwvQkc5aU9rRERnUGpFMGtIUUJLNFdZTm1WcmdyVWoyVXFBdmhwMVlhWlVMYlwvckc2QlM1ZUxHUjgwMExBUVRvM3J6NXk5ODA0SUNsTVpaTzdyUTdZa1lMSGRzWXY5VWVcL3pzUnVBeE85VFpSXC8xcHIiLCJtYWMiOiJkNzJhNjA1Y2ZmOWQzNmJjNzI4ZDRmNmI2NDcyYjNkZTE4NzRlMjE0ZTI4Y2M4Mzc5OTA3NTI5MjIzODE2YmNmIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
http://damayanti.ngajleng.com/play.php?id=10625 HTTP 302
http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhSS3B2MVZkdWg4WHJNZDVGMkdqYzRpeGhYZGFKR2tVU0dNbXMzTHRIb1NEOG1tN0trQUZyUmtCSzFxZUxoMnY= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLeXg.img?m=4&w=800&h=800

Request Chain 20

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhTOXlNSHNPY3JGUFg4VWdqSG50UzJQVnFydXBmSzN2TStuNW40N0IvM05PODBTRjg1V0FuQ0VsK2FoODZqb1A= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLanl.img?m=4&w=800&h=800

Request Chain 21

https://img0.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Request Chain 22

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEtQRjVsZEgwQ2hIcEYwejBzUVYxSEVmWGdRbWREYWUzY0MwWFUxWEU0M2tIYVk4VktldVJ2cnRocUF0ZUdvZE8= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL6Vd.img?m=4&w=800&h=800

Request Chain 23

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHlJU2xLclo0ZHNvM3huOWhYREgvaUMrSU83Sitram9lbE55ZGdScTZhZTJTVlZuS3lWUEM1WG5zcXg2anBEZXY= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLo2N.img?m=4&w=800&h=800

Request Chain 24

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Request Chain 25

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFd2YXlBMW8wRFY0c2tZLy9RNTZwOUpmdHJvQkN3Y2VMaDhJa2h4ak8wL0MwZjJ4NXU5MlM0RExjVldTYkp3eVU= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLc1m.img?m=4&w=800&h=800

Request Chain 26

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHpzeUxFOHl3TDdPdmdYZi9NYVRvYWlrS0ZkY2YxazBMdmJHSTUxd3VCek9JYlVwR2dMNnAxMDVkNXMyT2pva0k= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZlt.img?m=4&w=800&h=800

Request Chain 27

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNDYWRYdUgxOGcwRDQ5MlRZNGJ1b3JWZHlobjQ1aVZlMTBERGN1ZGFRMlZ6Q1FpcWlzb05UVFJGU0pzanlsZk4= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL5kz.img?m=4&w=800&h=800

Request Chain 28

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Request Chain 30

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRxRVhFa3Q0TXd0dGwwR0dzeGR4QW5rc1lYSCtkczhSYmZ4TzNQcVN3OXlXRDRWdzFlaXNVemVwaEdJTUFjelo= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLfp6.img?m=4&w=800&h=800

Request Chain 31

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdERyMnAzbWN4THhOaXoyN0xKblZOT05DSzMzZnUweFp0NDRQTUI0bXc0SkNwVC9rZnJ5bzUvbzV3ZjRqNGVFMmk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL1n4.img?m=4&w=800&h=800

Request Chain 32

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Request Chain 33

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdExUM1QyZWJnMmZuajlETTVRVlgwTXE1ZjVZRkpVcTc0R0xPZGJWT2l3SEFKMVVleFIyc2tZVTNTbTdJdlRVckQ= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLgtP.img?m=4&w=800&h=800

Request Chain 34

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEpvOFRMTEUyUE1WSlZ6a1BSMWZCWXdPd0N2UVdMTmJRZlZCdFpIZEYvYzRrckprc0ZpRG9XNk1Nd21heldiTDE= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZkP.img?m=4&w=800&h=800

Request Chain 35

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZPRk1vZzdGOXRUbXNQTUJacHpBQ2J3bTFMcDlvMVZNQ1JaWC8yNEhRa3R3Z2hQbVI4cGdhVHhBbmZxeG9TSUk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKXZh.img?m=4&w=800&h=800

Request Chain 36

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGErUFlHQkNzbzZpMjdzOWxKMTBPSHZodlc0L1Q4dWZRNTdpWWkydzFndWtRUjNYTjhpNUMvQVo3blNKTHZjSWs= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8QS.img?m=4&w=800&h=800

Request Chain 37

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGcrM0RsZGZPV1BId2lNSXVwOVlNZ2V3YWp0K3Z2Z1F3c0FVTTZWTUVVOEE9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBWgYzd.img

Request Chain 38

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFpzTXJQWndFTEJVV1lIeldmZ3pjT3o2cHFzOERwVGFiRWRpcTVXb1VoTDZPeHVjaEw0TFJVS0RyYzhNY0tHMzQ= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKUIU.img?m=4&w=800&h=800

Request Chain 39

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdE5uZmR5dll6WWs5SlRFS3RseUJkRGxYZGwrQmZObElKMCtOZ0ZUQUVEVzFZY1A0RFoxVDNPZHlOUC9xQkRzNmE= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKNme.img?m=4&w=800&h=800

Request Chain 40

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdZa1I5V0dvaEJjT0R1UWdJMFBNa2MxVDB6RTNmbjlRRHZuR1FpblpGQlR0V2FsVWxqSDFZRXl4TkZ3MzJDbjg= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKKl3.img?m=4&w=800&h=800

Request Chain 41

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEFFdTczK3FBem1oVGg5T2d5OU83K3R1MXFvWWRSMnFnRGJCd013ZWFERDdsYmdkdjFOaXdtYnBwbWxlb2ZPUkE= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8ZX.img?m=4&w=800&h=800

Request Chain 42

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Request Chain 43

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFE5N292dkVud05SSDlOa2szd1M5ZDRURHVMWXdLODBFclBJWUZzRkxVbGQvQUozejl6dUkzTlpwVGZGbit0Tkg= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKLPK.img?m=4&w=800&h=800

Request Chain 44

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZiWUF6VmNSdHdxTFhCV3pMb2NlL2U4bGc4SVVLMXNlSzlDS0x4Qm9lUk91ZlNxWnNGc04zbHFjRHNISSs5NHk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKuGS.img?m=4&w=800&h=800

Request Chain 45

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZKOVRNK0pRU2dNbnd5Qnh1QklqL2oxOG5STHFEL2ZKNjVmVkxrMEdIQmN4TDRYVHpTTUh6MDRLaVBJM0lWdE0= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKDj1.img?m=4&w=800&h=800

85 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 984 B
1 KB 389ms
371ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 2fc396b97b4d65fc1bf8f372ef079f0f5ea1c02f89d8f0ec451e7a9baa5afce7

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Fri, 06 Nov 2020 15:04:10 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=28490; path=/ time_start=1604675050.093; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=28490; path=/ ip=82.102.20.211 mobile=0 country=PT visits_todayi=0; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=28490; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 517
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 30ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:10 GMT
Content-Encoding: gzip
X-HW: 1604675050.dop135.fr8.t,1604675050.cds217.fr8.shn,1604675050.cds217.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 8A51 0
0 93ms
73ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604675050217&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Fri, 06 Nov 2020 15:04:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa565ea42d3c5.335521823679570043%22%3B%7D; expires=Sun, 06 Nov 2022 15:04:10 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 404
Not Found %3C
speedflow.io/adult/ Frame AE86 315 B
460 B 199ms
198ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ip=82.102.20.211; mobile=0; country=PT; visits_todaya=1; time_start=1604675050.093; visits_todayi=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Fri, 06 Nov 2020 15:04:10 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/dl/ 3 KB
2 KB 609ms
251ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=ebony
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 0aa92818481308f8aadd5b112482e79d859f99a793bb5704316021a7f3199eb4

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Fri, 06 Nov 2020 15:04:10 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK eyJpdiI6Ikh3UTNxYnp0WlJDV3pzcE54d01IQlE9PSIsInZhbHVlIjoiZ3ZFYUgycGpScEdhQW8yZkt3UXlsT3BudjhcL0FXM0ZEYWtHVVVsblVrcEJrWHVaMkFEVm9xXC9MTktSa2FvaHc4YWpDdUVlUm9PdmhLSjdMNndkb1AzZz09IiwibWFjIjoiYmZkZjNjM...
traffdaq.com/users/track/ 0
856 B 631ms
396ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6Ikh3UTNxYnp0WlJDV3pzcE54d01IQlE9PSIsInZhbHVlIjoiZ3ZFYUgycGpScEdhQW8yZkt3UXlsT3BudjhcL0FXM0ZEYWtHVVVsblVrcEJrWHVaMkFEVm9xXC9MTktSa2FvaHc4YWpDdUVlUm9PdmhLSjdMNndkb1AzZz09IiwibWFjIjoiYmZkZjNjMGE2ZDQxNmRlMDNlNGY5M2U4ZGZiNzZhNTgzN2U4ZDBjZDk4ODFmYzQyZWY3OGU4NWQxMTU5YThmZiJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=ebony
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:11 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 112ms
52ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa565eaa0d03&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=ebony

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:10 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=ebony

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 759039
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4068-HHN
date: Fri, 06 Nov 2020 15:04:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2512ms
2278ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpreU1PMmxJUFhWQ2MxdWsza0hnUVE9PSIsInZhbHVlIjoiUjdKc2RhVm15Y2xaMjdJSjZJVzJjT1ZpVHpcL3p1ZVFnUjFkK1ViUFFRR0JySjdOXC9zdU5XcVdWcDdtSFRXUWpweHJQNHNYN3B6WkFucG5cLzJxVUV4T1hWcUVkSmxLSHZOYTZTUmlaTWxTVHd0XC8xTWJ6VTZVVjZxRXQrMDk0OVVuMlwva2J3dGhcLzF0c1VHUzNpMlwvNjZZd1pyaTBLcnZRR09LM2tsXC8zMVYzd1FEMU1pZG5iMU1NZmZJWlpvb05CWmZ6UFlQNzJiMjNtazFJSTFiSFwvQkc5aU9rRERnUGpFMGtIUUJLNFdZTm1WcmdyVWoyVXFBdmhwMVlhWlVMYlwvckc2QlM1ZUxHUjgwMExBUVRvM3J6NXk5ODA0SUNsTVpaTzdyUTdZa1lMSGRzWXY5VWVcL3pzUnVBeE85VFpSXC8xcHIiLCJtYWMiOiJkNzJhNjA1Y2ZmOWQzNmJjNzI4ZDRmNmI2NDcyYjNkZTE4NzRlMjE0ZTI4Y2M4Mzc5OTA3NTI5MjIzODE2YmNmIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=ebony
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=ebony
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=ebony

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Fri, 06 Nov 2020 15:04:13 GMT
Content-Encoding: gzip

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
simcast.com/
Redirect Chain

http://damayanti.ngajleng.com/play.php?id=10625
http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

43 KB
8 KB

1013ms
994ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpreU1PMmxJUFhWQ2MxdWsza0hnUVE9PSIsInZhbHVlIjoiUjdKc2RhVm15Y2xaMjdJSjZJVzJjT1ZpVHpcL3p1ZVFnUjFkK1ViUFFRR0JySjdOXC9zdU5XcVdWcDdtSFRXUWpweHJQNHNYN3B6WkFucG5cLzJxVUV4T1hWcUVkSmxLSHZOYTZTUmlaTWxTVHd0XC8xTWJ6VTZVVjZxRXQrMDk0OVVuMlwva2J3dGhcLzF0c1VHUzNpMlwvNjZZd1pyaTBLcnZRR09LM2tsXC8zMVYzd1FEMU1pZG5iMU1NZmZJWlpvb05CWmZ6UFlQNzJiMjNtazFJSTFiSFwvQkc5aU9rRERnUGpFMGtIUUJLNFdZTm1WcmdyVWoyVXFBdmhwMVlhWlVMYlwvckc2QlM1ZUxHUjgwMExBUVRvM3J6NXk5ODA0SUNsTVpaTzdyUTdZa1lMSGRzWXY5VWVcL3pzUnVBeE85VFpSXC8xcHIiLCJtYWMiOiJkNzJhNjA1Y2ZmOWQzNmJjNzI4ZDRmNmI2NDcyYjNkZTE4NzRlMjE0ZTI4Y2M4Mzc5OTA3NTI5MjIzODE2YmNmIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 397a8f30632ea15bdd7d41bc1ba5ebfb6a1396ea44159ac9a45514324277162d

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpreU1PMmxJUFhWQ2MxdWsza0hnUVE9PSIsInZhbHVlIjoiUjdKc2RhVm15Y2xaMjdJSjZJVzJjT1ZpVHpcL3p1ZVFnUjFkK1ViUFFRR0JySjdOXC9zdU5XcVdWcDdtSFRXUWpweHJQNHNYN3B6WkFucG5cLzJxVUV4T1hWcUVkSmxLSHZOYTZTUmlaTWxTVHd0XC8xTWJ6VTZVVjZxRXQrMDk0OVVuMlwva2J3dGhcLzF0c1VHUzNpMlwvNjZZd1pyaTBLcnZRR09LM2tsXC8zMVYzd1FEMU1pZG5iMU1NZmZJWlpvb05CWmZ6UFlQNzJiMjNtazFJSTFiSFwvQkc5aU9rRERnUGpFMGtIUUJLNFdZTm1WcmdyVWoyVXFBdmhwMVlhWlVMYlwvckc2QlM1ZUxHUjgwMExBUVRvM3J6NXk5ODA0SUNsTVpaTzdyUTdZa1lMSGRzWXY5VWVcL3pzUnVBeE85VFpSXC8xcHIiLCJtYWMiOiJkNzJhNjA1Y2ZmOWQzNmJjNzI4ZDRmNmI2NDcyYjNkZTE4NzRlMjE0ZTI4Y2M4Mzc5OTA3NTI5MjIzODE2YmNmIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Date: Fri, 06 Nov 2020 15:04:14 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=jj2rsc968ohuj0vvjcd8he87c6; expires=Sat, 07-Nov-2020 15:04:14 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226217; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8132
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 06 Nov 2020 15:04:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 392ms
30ms Script
application/javascript 209.197.3.24
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x018.map2.ssl.hwcdn.net
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: http://simcast.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
status: 200
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1604675055.dop002.sk1.t,1604675055.cds202.sk1.hn,1604675055.cds201.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 13 KB
3 KB 251ms
233ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 04:24:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34cd-5af8edec19a40-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2953

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 250ms
232ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 45ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2466
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5edfb4b93b7c05e4-FRA
cf-request-id: 063faf47c8000005e4d3afa000000001
expires: Sat, 07 Nov 2020 03:04:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 157ms
54ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

61b83f09e4cc3c4ac8114f4f6902adafc74030ee6012535cf09020a49473ee36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "685 / 111 of 1000 / last-modified: 1604664848"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18241
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:15 GMT

GET
H/1.1 200
OK enhance.js Show response
cadet.parklogic.com/page/ 665 B
931 B 430ms
108ms Script
text/javascript 2600:3c02::f03c:91ff:fee2:5b0f
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://cadet.parklogic.com/page/enhance.js?pcId=56&domain=ngajleng.com
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: 6399aff36855ff3e7cdfc3c419e04c9e139eb84d7c5c61b082121cc86c106010

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Content-Length: 665
Keep-Alive: timeout=5, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 252ms
229ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 42ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42863
x-via: cfworker/kv
status: 200
content-length: 1399
cf-request-id: 063faf47ae00002b4da2007000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z%2Biv5yz9A%2FQeDVUUfcbGD4E4m%2BRMmaK0aDPKi56de64RstmtNIHx0ogZGq1NhyY8b61xWUwrcP7JsuZ2fGkERCcQhiLR6F%2Fs1RT5cP6I4wxbV%2BsYyYV3cUdieOF7D9MmRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5edfb4b918ba2b4d-FRA
expires: Wed, 27 Oct 2021 15:04:15 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 28ms
22ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 668272
x-via: cfworker/kv
status: 200
content-length: 1541
cf-request-id: 063faf47af00002b4dda035000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vcluxqSJ9MNAPfoTxo3ICVhTcp2vw6jP7je%2FG8b82tDp6z3yrO2gVreONtMnsBzOY%2FyMkwwBCezGgut1gKMh0tdKle3TlNz3S2heq%2FslV4Op2yJH9Rltp9ZCPEGw%2BTZZOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5edfb4b918bd2b4d-FRA
expires: Wed, 27 Oct 2021 15:04:15 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 577 B
633 B 253ms
229ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Aug 2020 23:13:02 GMT
Server: Apache/2.4.38 (Debian)
ETag: "241-5acb6544e5b80-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 272

GET
H2

200

BB1aLeXg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhSS3B2MVZkdWg4WHJNZDVGMkdqYzRpeGhYZGFKR2tVU0dNbXMzTHRIb1NEOG1tN0trQUZyUmt...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLeXg.img?m=4&w=800&h=800

55 KB
56 KB

288ms
252ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLeXg.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a918a5992db9d73e73104768df49a56baacaa4ae114082d44024badab78fa963

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLeXg
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 615887
status: 200
x-activityid: 11c5ba3d-e98c-4423-8985-d8f402586a26
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 56420
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:04:15 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLeXg?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 15:04:15 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLeXg.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aLanl.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhTOXlNSHNPY3JGUFg4VWdqSG50UzJQVnFydXBmSzN2TStuNW40N0IvM05PODBTRjg1V0FuQ0V...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLanl.img?m=4&w=800&h=800

87 KB
87 KB

55ms
20ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLanl.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

035183c3a317c8b968754c2cd63205750cd7c333be777c9319142bca02ca716c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLanl
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 356400
status: 200
x-activityid: 00da9951-8208-47f1-9152-d76a6b278b93
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 88852
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 14:29:03 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=429855
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLanl?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 14:28:30 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLanl.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1BkT9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

489 B
883 B

75ms
41ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1BkT9
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 489
status: 200
x-activityid: 68e04b9d-5879-4cb3-b2dd-038ffc817739
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 489
last-modified: Mon, 02 Nov 2020 10:22:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69423
timing-allow-origin: *
x-akamai-path-stats: [1:142:4294967154]
expires: Sat, 07 Nov 2020 10:21:18 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aL6Vd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEtQRjVsZEgwQ2hIcEYwejBzUVYxSEVmWGdRbWREYWUzY0MwWFUxWEU0M2tIYVk4VktldVJ2cnR...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL6Vd.img?m=4&w=800&h=800

67 KB
67 KB

233ms
198ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL6Vd.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f5b2e60170deda823772db9bc59fd7ffacc494161364fa73a313b24bfca97862

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aL6Vd
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 231769
status: 200
x-activityid: 18635166-3966-472f-9637-f4181b918743
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 68117
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:04:15 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431950
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL6Vd?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 15:03:25 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL6Vd.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aLo2N.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHlJU2xLclo0ZHNvM3huOWhYREgvaUMrSU83Sitram9lbE55ZGdScTZhZTJTVlZuS3lWUEM1WG5...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLo2N.img?m=4&w=800&h=800

133 KB
134 KB

464ms
430ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLo2N.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e8b3bcbf20cd95603e07ddaa5a2ab76f5db5043b4a8945d42b7972c775a9c00e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLo2N
date: Fri, 06 Nov 2020 15:04:16 GMT
x-source-length: 3870389
status: 200
x-activityid: a37a3e70-f208-477a-9b25-ad3985275c60
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 136405
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:04:16 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLo2N?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 15:04:16 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLo2N.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1BkT9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

489 B
883 B

75ms
42ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1BkT9
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 489
status: 200
x-activityid: 68e04b9d-5879-4cb3-b2dd-038ffc817739
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 489
last-modified: Mon, 02 Nov 2020 10:22:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69423
timing-allow-origin: *
x-akamai-path-stats: [1:142:4294967154]
expires: Sat, 07 Nov 2020 10:21:18 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aLc1m.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFd2YXlBMW8wRFY0c2tZLy9RNTZwOUpmdHJvQkN3Y2VMaDhJa2h4ak8wL0MwZjJ4NXU5MlM0REx...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLc1m.img?m=4&w=800&h=800

59 KB
59 KB

59ms
26ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLc1m.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9f16ef7ed224b22811a1a96aeefb8494d95207b562ed0bce23430d589d05a09a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLc1m
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 262715
status: 200
x-activityid: 8b0680d3-d87a-44bf-98e2-d35d178c5d72
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 60104
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 14:13:15 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428873
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLc1m?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 14:12:08 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLc1m.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKZlt.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHpzeUxFOHl3TDdPdmdYZi9NYVRvYWlrS0ZkY2YxazBMdmJHSTUxd3VCek9JYlVwR2dMNnAxMDV...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZlt.img?m=4&w=800&h=800

79 KB
80 KB

13ms
13ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZlt.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

435a6f07900e55058b131c5cbf4d94db05760df60525ab9cdfdeee43e6257ba6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKZlt
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 318010
status: 200
x-activityid: 7c3de91a-0971-4f37-871b-816756712341
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 81229
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:09 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427152
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZlt?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:43:27 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZlt.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aL5kz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGNDYWRYdUgxOGcwRDQ5MlRZNGJ1b3JWZHlobjQ1aVZlMTBERGN1ZGFRMlZ6Q1FpcWlzb05UVFJ...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL5kz.img?m=4&w=800&h=800

48 KB
49 KB

17ms
15ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL5kz.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

789f59ca918264b48165e18396e599cd788725e984c6f26697b7ee952aff98f4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aL5kz
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 764422
status: 200
x-activityid: ca428437-d8b0-434f-9fdd-121dffa4712d
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 49646
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 14:26:21 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=429831
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL5kz?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 14:28:06 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL5kz.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1BkT9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

489 B
883 B

8ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1BkT9
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 489
status: 200
x-activityid: 68e04b9d-5879-4cb3-b2dd-038ffc817739
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 489
last-modified: Mon, 02 Nov 2020 10:22:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69423
timing-allow-origin: *
x-akamai-path-stats: [1:142:4294967154]
expires: Sat, 07 Nov 2020 10:21:18 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login.js Show response
simcast.com/widgets/login/ 931 B
574 B 253ms
230ms Script
application/javascript 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/login/login.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 05:50:21 GMT
Server: Apache/2.4.38 (Debian)
ETag: "3a3-59071ea59a140-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 199

GET
H2

200

BB1aLfp6.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGRxRVhFa3Q0TXd0dGwwR0dzeGR4QW5rc1lYSCtkczhSYmZ4TzNQcVN3OXlXRDRWdzFlaXNVemV...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLfp6.img?m=4&w=800&h=800

88 KB
89 KB

335ms
335ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLfp6.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b378f7377d18ef4e2fc9b90e6094f06bc0da1b15c914a903585ee8b327596edb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLfp6
date: Fri, 06 Nov 2020 15:04:16 GMT
x-source-length: 1527351
status: 200
x-activityid: 977c1918-f60b-4034-900c-91c0ac22c542
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 90575
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:04:16 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLfp6?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 15:04:16 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLfp6.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aL1n4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdERyMnAzbWN4THhOaXoyN0xKblZOT05DSzMzZnUweFp0NDRQTUI0bXc0SkNwVC9rZnJ5bzUvbzV...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL1n4.img?m=4&w=800&h=800

47 KB
47 KB

36ms
34ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL1n4.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

28d37e0ed0d568ff65e8c35be7cb11aeaa96d732b8c18c9d2237b0b650440b42

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aL1n4
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 2349059
status: 200
x-activityid: 70ffaac2-c1ac-4205-8087-0039fac3c92d
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 47931
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:09 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427073
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL1n4?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:42:08 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL1n4.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1BkT9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

489 B
883 B

10ms
9ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1BkT9
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 489
status: 200
x-activityid: 68e04b9d-5879-4cb3-b2dd-038ffc817739
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 489
last-modified: Mon, 02 Nov 2020 10:22:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69423
timing-allow-origin: *
x-akamai-path-stats: [1:142:4294967154]
expires: Sat, 07 Nov 2020 10:21:18 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aLgtP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdExUM1QyZWJnMmZuajlETTVRVlgwTXE1ZjVZRkpVcTc0R0xPZGJWT2l3SEFKMVVleFIyc2tZVTN...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLgtP.img?m=4&w=800&h=800

133 KB
134 KB

30ms
28ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLgtP.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e8b3bcbf20cd95603e07ddaa5a2ab76f5db5043b4a8945d42b7972c775a9c00e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aLgtP
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 3870389
status: 200
x-activityid: 5d0d9e7b-c79d-40b4-828f-1472af9edb04
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 136405
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 14:29:03 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=429821
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLgtP?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 14:27:56 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aLgtP.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKZkP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEpvOFRMTEUyUE1WSlZ6a1BSMWZCWXdPd0N2UVdMTmJRZlZCdFpIZEYvYzRrckprc0ZpRG9XNk1...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZkP.img?m=4&w=800&h=800

94 KB
95 KB

28ms
27ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZkP.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b8406092298ee5dd161e054c188f52d8526817da211f59f6220d151efe30fa25

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKZkP
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 1557188
status: 200
x-activityid: bb8ef024-d753-4b88-a18d-6276515ee85b
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 96709
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:09 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427237
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZkP?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:44:52 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKZkP.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKXZh.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZPRk1vZzdGOXRUbXNQTUJacHpBQ2J3bTFMcDlvMVZNQ1JaWC8yNEhRa3R3Z2hQbVI4cGdhVHh...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKXZh.img?m=4&w=800&h=800

31 KB
31 KB

14ms
14ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKXZh.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d5b8bd9dfe0b7cead9660002fe33614af8663306d156638eaed87d13c376aaea

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKXZh
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 482237
status: 200
x-activityid: d27a4c98-cf98-441d-8cae-b1186596a4a4
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 31271
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:09 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427128
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKXZh?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:43:03 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKXZh.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aL8QS.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGErUFlHQkNzbzZpMjdzOWxKMTBPSHZodlc0L1Q4dWZRNTdpWWkydzFndWtRUjNYTjhpNUMvQVo...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8QS.img?m=4&w=800&h=800

114 KB
115 KB

22ms
21ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8QS.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

690b218f14243f7df22e08417bdf123d271006e3261de0d148f32fa0dc59f83e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aL8QS
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 215912
status: 200
x-activityid: 4a1a45e9-3132-4abd-aac9-ac96aa3b0335
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 117133
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:10 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427093
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8QS?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:42:28 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8QS.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBWgYzd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGcrM0RsZGZPV1BId2lNSXVwOVlNZ2V3YWp0K3Z2Z1F3c0FVTTZWTUVVOEE9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBWgYzd.img

1 KB
1 KB

13ms
12ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBWgYzd.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1f2852371738b4c28f74a164593ca5fe11fe449fd4470d6852a969095fa9d5ef

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBWgYzd
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 1096
status: 200
x-activityid: b5bd9251-c13b-468c-9915-c720a18237a0
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBWgYzd
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1096
last-modified: Tue, 03 Nov 2020 06:13:45 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=140922
timing-allow-origin: *
expires: Sun, 08 Nov 2020 06:12:57 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBWgYzd.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKUIU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFpzTXJQWndFTEJVV1lIeldmZ3pjT3o2cHFzOERwVGFiRWRpcTVXb1VoTDZPeHVjaEw0TFJVS0R...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKUIU.img?m=4&w=800&h=800

54 KB
55 KB

37ms
37ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKUIU.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ad4491fdc66aa48079bf085304ef0b03e21113f3d1a1460f241c6dff4b0c2b5b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKUIU
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 200860
status: 200
x-activityid: 56809dc3-cfe4-4169-bd4e-02c1cbd077d5
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 55530
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 12:28:11 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422678
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKUIU?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 12:28:53 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKUIU.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKNme.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdE5uZmR5dll6WWs5SlRFS3RseUJkRGxYZGwrQmZObElKMCtOZ0ZUQUVEVzFZY1A0RFoxVDNPZHl...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKNme.img?m=4&w=800&h=800

56 KB
57 KB

19ms
18ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKNme.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

28eddc37d85d80769e27e3a40535029be708397c979440a624e3b7de1dd0db2a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKNme
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 238637
status: 200
x-activityid: 7e9c1baa-886e-4080-aa06-d885e38915b4
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 57357
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 12:28:12 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422691
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKNme?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 12:29:06 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKNme.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKKl3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img0.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHdZa1I5V0dvaEJjT0R1UWdJMFBNa2MxVDB6RTNmbjlRRHZuR1FpblpGQlR0V2FsVWxqSDFZRXl...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKKl3.img?m=4&w=800&h=800

50 KB
51 KB

34ms
34ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKKl3.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8cc4c7f427fdcf51e8d037464e83d27cc9121afb99ca18c29f32eca2a26ac9bc

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKKl3
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 212046
status: 200
x-activityid: 1511d035-62dc-4648-a8b9-8362d4d078cc
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 51347
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 12:28:12 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422635
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKKl3?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 12:28:10 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKKl3.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aL8ZX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEFFdTczK3FBem1oVGg5T2d5OU83K3R1MXFvWWRSMnFnRGJCd013ZWFERDdsYmdkdjFOaXdtYnB...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8ZX.img?m=4&w=800&h=800

40 KB
41 KB

16ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8ZX.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a7ca8a1b0a176abcf76e870973f41ad5b5a3cbb8c59e25eafb8fd7008bd5d85a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aL8ZX
date: Fri, 06 Nov 2020 15:04:16 GMT
x-source-length: 141082
status: 200
x-activityid: 11356bc6-bde1-42e1-8688-a9a3f279f115
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 41297
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 13:43:09 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427218
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8ZX?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 13:44:34 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aL8ZX.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1BkT9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVOTUhLWVpidTJrb293NGJrV0hRZmxiNncvZ2pibi9HTG56QWVuaWJkQlk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

489 B
883 B

7ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1BkT9
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 489
status: 200
x-activityid: 68e04b9d-5879-4cb3-b2dd-038ffc817739
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 489
last-modified: Mon, 02 Nov 2020 10:22:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69423
timing-allow-origin: *
x-akamai-path-stats: [1:142:4294967154]
expires: Sat, 07 Nov 2020 10:21:18 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1BkT9.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKLPK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFE5N292dkVud05SSDlOa2szd1M5ZDRURHVMWXdLODBFclBJWUZzRkxVbGQvQUozejl6dUkzTlp...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKLPK.img?m=4&w=800&h=800

36 KB
37 KB

25ms
25ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKLPK.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

91f115d63e59fff951fb713f2dd36b76c2350576c8c263fe1528b2a4ab9aa745

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKLPK
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 146951
status: 200
x-activityid: 02e0ea67-e285-4d3f-ac52-848e80a3ff3b
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 37283
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 11:49:32 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=420374
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKLPK?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 11:50:29 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKLPK.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKuGS.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHZiWUF6VmNSdHdxTFhCV3pMb2NlL2U4bGc4SVVLMXNlSzlDS0x4Qm9lUk91ZlNxWnNGc04zbHF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKuGS.img?m=4&w=800&h=800

94 KB
95 KB

20ms
20ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKuGS.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6c17b4b6a416bc5e99fd1672ce9e6ddeeef24a937f5ddeaf4f1725fae67287f9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKuGS
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 366813
status: 200
x-activityid: 65a50cd6-57e7-4246-be3f-5344b43cc600
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 96402
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 11:49:33 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=420356
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKuGS?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 11:50:11 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKuGS.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1aKDj1.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img3.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZKOVRNK0pRU2dNbnd5Qnh1QklqL2oxOG5STHFEL2ZKNjVmVkxrMEdIQmN4TDRYVHpTTUh6MDR...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKDj1.img?m=4&w=800&h=800

85 KB
85 KB

29ms
29ms

Image
image/jpeg

2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKDj1.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fedee761f2e2b4ed22d8145bb6a83af9c57e94a623a3977e18521137cb0e5f35

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aKDj1
date: Fri, 06 Nov 2020 15:04:15 GMT
x-source-length: 291836
status: 200
x-activityid: 86c877d8-6c5c-4b85-a0ca-e958b58f91e9
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 86599
timing-allow-origin: *
last-modified: Fri, 06 Nov 2020 11:49:33 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=420340
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKDj1?m=4&w=800&h=800
expires: Wed, 11 Nov 2020 11:49:55 GMT

Redirect headers

date: Fri, 06 Nov 2020 15:04:15 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aKDj1.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-Q050 200 pubads_impl_2020110501.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 115ms
66ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99552
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 09:43:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Nov 2020 15:04:15 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 245ms
228ms Font
font/woff2 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin: http://simcast.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:15 GMT
Last-Modified: Mon, 08 Jul 2019 03:51:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "126b0-58d235a3ef340"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: font/woff2
Content-Length: 75440

GET
H2 200 jmZlp9o9KQo
www.youtube.com/embed/ Frame EF3F 0
0 126ms
96ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jmZlp9o9KQo

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jmZlp9o9KQo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Response headers

status: 200
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-security-policy-report-only: base-uri 'self'; default-src 'self' https: blob:; font-src https: data:; img-src https: data: android-webview-video-poster:; media-src blob: https:; object-src 'none'; report-uri https://www.youtube.com/csp_204?t=strict-csp; script-src 'strict-dynamic' 'unsafe-inline' https: 'report-sample' 'nonce-UhcqbBKEFE/ZqKeAx7J5bg=='; style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
content-length: 20068
cache-control: no-cache
x-content-type-options: nosniff
date: Fri, 06 Nov 2020 15:04:15 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=7R4ul6Vb8Ek; path=/; domain=.youtube.com; secure; expires=Wed, 05-May-2021 15:04:15 GMT; httponly; samesite=None YSC=P1cO0kBzlwE; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 06-Nov-2020 15:34:15 GMT VISITOR_INFO1_LIVE=7R4ul6Vb8Ek; path=/; domain=.youtube.com; secure; expires=Wed, 05-May-2021 15:04:15 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ 1 B
367 B 324ms
306ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: http://speedflow.io/adult/a=rr
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 15:04:16 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 109 B
832 B 37ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 37ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
7 KB 738ms
738ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1489591092274864&correlator=4161574105204819&output=ldjh&impl=fifs&eid=21067994%2C21068478%2C21065112%2C21066995%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201106&iu_parts=51855962%2Csimcast%2Csimcast_970x250%2Csimcast_728x90%2Csimcast_728x90_2%2Csimcast_728x90_3%2CSimcast_300x250%2Csimcast_300x600%2Csimcast_320x50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C320x50&cust_params=sub_id%3Dngajleng.com&cookie_enabled=1&bc=23&abxe=1&lmt=1604675055&dt=1604675055964&dlt=1604675055088&idt=839&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C10%2C20%2C-9%2C1255%2C36%2C-9&adys=-9%2C110%2C262%2C-9%2C499%2C1655%2C-9&adks=1580246415%2C330538255%2C2731548126%2C101588295%2C2408052046%2C1831785291%2C2541982844&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dngajleng.com%26s%3Dbone%26sw%3D18%26tr%3D7909242221&dssz=19&icsg=2723&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&msz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&ga_vid=2102263208.1604675056&ga_sid=1604675056&ga_hid=16746025&fws=2%2C0%2C0%2C2%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b34e7f37f0b1c77f03af7882c3137060941d74973a5938e0177fa5df2e4ca5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7213
x-xss-protection: 0
google-lineitem-id: 5407969853,5407969853,-2,-2,5407965551,5407966307,5418436725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315358029,138316814226,-2,-2,138326105106,138326105124,138316693941
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
14ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 89ms
89ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c4184b928a203ebaafe5332b9fdec6393f0b14f09d1674440627029cda022006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9487
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD8A 0
0 52ms
52ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_-q1uOTJlI-T4DbErZzhJj8PL_9vHItnQCLFRM2SqOGB-GpuKWvg4EouM-iHVdqiuCqpFFb9woUmL4Ux4J5DZwg6WDoYjKO6IjOVWR05Bs39pIzVnk9L6Yx1XirY2AImFoLrMfwvgIXyrXQcqVQdecO2AbzM5ADvknte_lRwY8jETz2-6GVI7Mxr7p-wny4FJjy-5HE3z2D_GochsGQTPEA71ylXikxm2P9elYgQxBw0oMlY7ATs58FuqGtVPNtNFe_dyUw&sai=AMfl-YSr-S5fD0uq7pgiNh5oc0eH2fyAKns7TWMWaLfHYcdHZ1wrMH39sFnftXggr2IsNuh1e8qgec-3uEHYKv3TirD4Ho1lbFwGxglhwCQDB5j3Z4XxKolC7-rxNAVn11Y5&sig=Cg0ArKJSzC1HsNVvI8FtEAE&adurl=

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201104/r20110914/ Frame AD8A 17 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201104/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d971faef455d9653104c2727df1cc48f8655a26299234963886bd4afe799afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 18:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7215
x-xss-protection: 0
server: cafe
etag: 6708353294733735086
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 18:03:46 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201104/r20110914/client/ Frame AD8A 3 KB
1 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201104/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 18:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 18:03:46 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD8A 74 KB
28 KB 65ms
43ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b02913ca2b2fb97bb14badfd6b686b196486281c5ffa56677b6a7bf60a49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28769
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H2 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame AD8A 807 B
1011 B 28ms
7ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:34:15 GMT
x-content-type-options: nosniff
age: 12601
x-dns-prefetch-control: off
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Nov 2021 11:34:15 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27601
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
DATA 200
OK truncated
/ Frame AD8A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a58b154684b13cbf800b29df4920c2204f79ac2f6635e302f5213b360e50ac02

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD8A 0
21 B 51ms
51ms Image
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDEhpI41zbsmPc7hkhx272IIVYGwNw9Pv6v6gkBtnsSuSCVfPQPIhYrq8QfXRJRws0b_rp7j7_0em8a6oBmyw2-js6tYHC6VPujh3bm5SlDVlIa6LW__FAHo7TKQnGMzBDoCVX-I4Er0kX5lE3C9USY82TGBvVoA7kLIU82DivgNxj5zRA4F3ogelZ-2Jwr4Q-S1PQ-Hj5a1jgf-rBze09xPDfF245IjViHaYMxfZ7mVHbZ_fc6DRjvorMXaLIIX0z6Ys2im9A&sai=AMfl-YSVOQ3eZuaRfFqpdNHAPCmpFWuM1WALweyHZp7OSCqAbMJ0LIW_M14cEzxnNzr8qskPLiDCWLBzLu6MdrxDeZtwshrJF0mc4nWp_baAOZSsslv5RzjO6T3PYT5sUyGA&sig=Cg0ArKJSzGc6hhZyOSl1EAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
27ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020110501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2c5622577ade034d29e6632c377613a4025609022159a57ec0e3d2f8990402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 72ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DE85 0
0 8ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://simcast.com/?d=ngajleng.com&s=bone&sw=18&tr=7909242221

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 06 Nov 2020 14:34:13 GMT
expires: Sat, 06 Nov 2021 14:34:13 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1803
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 41ms
41ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020110501&jk=1489591092274864&bg=!kZKlkrLNAAXuKKZk7lgfSHSUwtkKxgIAAABjUgAAAAxoAQcKAYUfjeKmjrMRXyArpUrOyi4LA2U0Q-bJgGWpwS33ZUr6SeUbPLOf4nkgQTvTSsKn2V-1KdVFlGAoaPjDu3KnUQ5x-7nkaopfADNEHSl9MdkXv3BF01mrr4BCvcRlb1YCOVyknuchwCggC6cmNGSjLnMB1XLh9cVN207f0RrFEmRo0yALCX5Ei52fnod1bdqe5R-nVxPfYY59KN_phdPZnPqHgVILw4IQz2fo47PCqE4SMUyBvzunxqjAtx5vGOlWRLqjyJeFijokchs3qHaH5Es0mwPjc4cyjvVp3tlJMWgAjrOf4I4gRus_XkE1kDtjnbrVN3faHuoMcVMvnVW-TLWEziE6psfLLx57X1IwZ_etOjLAaP37c_aH1LpmEtZT7aL7-BG3HIKptQ8re7JCbs2dg4I6Yn3P2x5PTycVo82E8tKjo2RE3TQO03jPxoZcT7FLXYaPYC3w8x5EaAhS_MpadRLqaF-5nmceOqora9RTlFrDhgqOlYOCD8x-NG7zFn7xccrHUpkBs-8zcoBtv9CT6DK4Q3ka8QbxUC_AMTjpE_slcXQx2xElba7DZXPZepZuP2DlyqMad9oQRaiTnK9X_5bX3MG8_dDUeqBwl3Z4U5sge1zL2eV64ONbkKHXRNdAmLNfMM3hC8uJ7LIGQDUDqtP68KDjA29bB9GeIdDYi_OF4MPTm6fFYndDJbbVDTLeO68gHbjEnCIkL-DMM6pBCo-kpyAHS_pyn-L9Wmc90fmGjQB9d0SoyqxyOL8uS276JIWNVcqi790j5bw3YD-Yx_Fco0VCqE6LviRLMZNOY2S1V3-extsdH-K0SjQzYsmtYJHi43K4CaNHgBj7SCh6ALxE1fwOmoUl9ymfLqrjDJsw6k4l4CKAiu1YCi1H1uiqgXQO-V8_gkk9MMKHltHPcTzj1XshbuZjLzse_IsyvbETi8HA3rp1MvAm7hiu0fXB8Qs5aekTZOxSBj-P45NjWTYCz0gGNdWILM4jBezknWp-7JJbJ6MjoIgB8TT-NocplCTrnPGOGNSx4Van6V4wZCce_e-OuDWHQf_jMmpspvXnWztf2ilkj3vz7Yw4qdpBE_0SEhf5IWbnOQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
173 B 39ms
38ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1489591092274864&r=300x600&w=300&h=600&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 910A 0
0 52ms
51ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupW9nYJfKwhMyQAfmS0bhJ9450dvcAq6zoestUiM0iVidhcgcFoAPB7jNbd77dZNaueT5Dw09rxFoSlFpvz01Ipn_yIQ8zCK4q6lMotxgpwzktMXUInT4OyhwuGstl7m9he9T9_dh__vrI3AgblLPXOS8gpp-ArbGBAsfmCJ1ytvNEiEPyqw7mZJIvVtuTyNhikr3ytjP7qWd-yy14GWyKCOTZ_4Sa6OpO3nbuAZpMgKG62_O7OPUzSYeshG1Qk1JJ4f7Cu2lzPX9MXt7xtw&sai=AMfl-YRraP04Uhjz0Ngm3etaw2qL6S0FV0Y9eTDdOwHxNRpa6dwgTAfvlHz8JShv4rTK0SkaTwT6IaB54z7LiBGJycQbo08qSSMJttHma9dDZnQK5RkADiYAfhUISws6-UIu&sig=Cg0ArKJSzMJSe-UaUApMEAE&urlfix=1&adurl=

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame 910A 31 KB
11 KB 121ms
31ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:16 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=193
Content-Length: 11025
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 910A 74 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b02913ca2b2fb97bb14badfd6b686b196486281c5ffa56677b6a7bf60a49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28769
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B6E 0
0 52ms
51ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJyctJKU_CxY11R52m8zU0J7aTFK3hC6I8yK_qkgTK-LDKw49nsQVHINyX3PBcXw9kC-Hj0V3_8uqvutJ9IPeCJs_OhKmXBQcDA_9lsDBznNeG8qy4YS1BemzkFUVmj0XjAPG4ME2JBzqkkvIOgthoT-n8H4Soa8ScKusZkJMtaNWtbLBwjkDaByOwydu5uE9kgKIPbcmAjN2nXAeyW3an_xKnbWMyRny1eZ8g5FX6kO3kebQTP8xuzRFY3vb6FtjzGFmvLYsIgYfcE0CGEjI&sai=AMfl-YQYnsoXEtVR9B9jSZ1wV8thrbOvmUgxwfRnO0EApctEsWez5vFvrjTXqgmx9s1wtY0fZXB2kQnh8q4Gi60wRjFaTImPQyt50kJpTEAqBqxCNhZGXVbqnet9WuVCriYN&sig=Cg0ArKJSzJE35LiqJpTkEAE&urlfix=1&adurl=

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame 8B6E 31 KB
11 KB 133ms
48ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:16 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=193
Content-Length: 11025
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B6E 74 KB
28 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b02913ca2b2fb97bb14badfd6b686b196486281c5ffa56677b6a7bf60a49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28769
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB57 0
0 52ms
51ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgpdSsAXC0f3bi1lgOImqbzSE1KdxsVOR2X5LJcv_a9IV5YXgyrAsLggfJUdZJqta33MGJ9GWdGkJRAY63gPaTO4I1Kaew5bwTj523H_IOMWhYxd50KA0rOzXJN4DHZCY4r25UAWj5al7499mDR9gkus7gF5ECgz-5D-zHsS1ZrrKrblxxoOCyCwRlITIO1UVbuYy9YBY8aklnidWuhCQB_kFtGLKLP4TL69irZI702JK0Tm4Dc6uiFAVTSyUwe81Xdj3t-AtW2keXUPo-COo&sai=AMfl-YQKsSUu8KvBBidIK8QdiLXIO2ZspUX30WOiLxNYtt3UTEJKOqogkOn9S0J9K3UtZBGA7THdO7wOhmYJ5s9Rvexa875YKvlybgLq4bAYuqk7Jql3NjjMJy3UW5K_7awI&sig=Cg0ArKJSzOO3AQCG0qOOEAE&urlfix=1&adurl=

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame DB57 31 KB
11 KB 128ms
48ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 15:04:16 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=193
Content-Length: 11025
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB57 74 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js?21068478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b02913ca2b2fb97bb14badfd6b686b196486281c5ffa56677b6a7bf60a49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28769
x-xss-protection: 0
expires: Fri, 06 Nov 2020 15:04:16 GMT

GET
DATA 200
OK truncated
/ Frame 910A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efc0f193243373b7130c415a01f089408797347177c4200b521e98e2175e226

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B6E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaba0ad20cba4ca6ac0a0dc3b82f6a454afd51813084768339cf015502a2e636

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DB57 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb0097458c6c7ae6dc4e1f1bdf23291b111387e00e1ab019268d982d7699a7a

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 910A 22 B
348 B 143ms
57ms Script
application/javascript 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92360&async=1&visit=m&tmstp=1621725045&tag=sas_92360&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 57a6203d5b9412524e523bf64b90e03563827cf711954df6c241b2f03039e913

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b6%3b94
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 8B6E 22 B
349 B 133ms
49ms Script
application/javascript 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92359&async=1&visit=m&tmstp=5579188049&tag=sas_92359&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: bd840982ca25d7aade402d31059e55c1732ced3f95d15023e6c3e4303f26f50d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b12%3b78
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame DB57 22 B
353 B 136ms
54ms Script
application/javascript 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92361&async=1&visit=m&tmstp=7539221424&tag=sas_92361&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 15c05b6dfd93b48d24d08f0876f5ad0ef1dd811098041a9322b85f43d815f90b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:16 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b5%3b79
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 910A 0
44 B 51ms
50ms Image
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF-EDuRT2RO0oPrwILbG_ryy8FqVLGFOxJvH6mRKAufT3AvKqd6yfnXiW5CFCXbpS1wpxpfgUR2iKDC0GFsBkSBUYsuShfs6UFMDoKjRZPNYf2XMRmFk3hLWbI9Fl9uvOzF-V3LtmHhip2GSWZnCkc-t5ybNDP41Gzslo0GiS7lpqEmJypbKiqu-WDiGgX7Kplia19ujp-Pr3SuP9d3pBSVWSXapx6by3O3DaoJEBRR1UUXPGQESE7Vlg28FNQWq_mR3xqgD4ZYQ0lY8pxCc-J&sai=AMfl-YS1hlCDOf7LgAonMqDVICFMREHMTJLNhP8HzoOEYCgP_f0IPZJLmXWNzTLvOyHgRDO0CST_J9kSBREGOMsu-UZLphCZG7zl61rWl-KsjUmJF74q4_Ltnv5MaIxML_G3&sig=Cg0ArKJSzH5pEqRw58T1EAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:17 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B6E 0
21 B 51ms
51ms Image
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJXR0M-bGl0lwlY2w1prTiQuptsAX8NJau-V2gg-IvU9vprTM36VDzrRl_z-5l2-IT73O5rxM9J3bXKCW3bQII8Mrqwq_D4oF-zcX-myDYUJyWaWkqKKUoLiPVnzNgjPFFjLdJfL-OLkdWKg9tkmiyq-G2Dfwrzggt4e2c8i_zc9LRUPP2F-wJhxwjeb-fphZLTaWrgcNvnTM_M59uvtEb3zppGnQ89zFmyXCklbzh00LUfBWC3oHnn99s1tv31cDaVX8lVyL5GAwIzt8e-6tPvQ&sai=AMfl-YQnl8lNusoAyC5kCDUnnuIKPIiJ8TVCa3BFjQ6cEebGFdjSpfgumF1s0f85IDZBuIegZCt8Jlc4otKgDswsIl2sMxpfOLTRD4IRBr206LCbrIVD9PsLsyNFEDPPBhiF&sig=Cg0ArKJSzJKo4YkkuJwyEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:17 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB57 0
21 B 55ms
51ms Image
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO-aCBD9Hd0jriyn3aL5MacAnBz_CRAhsHqy2puk1Rf1EYwjCbzVrahk7XDZTi4jv-DsyNk4aqaWz8MN3tXU9kwGsKJnwcaM3aLsFIdjv6qn_Ussd-CC6bjG5i0P8LpJlSSiyMSq0tCLrSqBabsaqxMNSjddw3jAtdXc4Fc9Zg6_hKjdfidJOQehv-_bpc9jHajxO33Q67Aw51CFMR6OHPPUkRVw72KHeDehnAyMpc9EW2xV-2LkxZzRjLXb_4Is0qgKFN_DRgRXUCwlur13GI7A&sai=AMfl-YSA0HYAt3DOeIkKqw-HzwMAtKt-XHYTApLqdC8ls_0p4SlvMQ26DtzSOkKohS6cvmOJ6ybk7VnTMaA2jo-8i6S-2Bxs4og71bCibwQGi_xv96Fp2LgsiDOl9fKJj72L&sig=Cg0ArKJSzOftHuT7tibgEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 15:04:17 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 910A 42 B
93 B 40ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRHfgbjhnhQ0RUqMbBQQWjFqrjgLiXREpiXqbxOmAuOHcp80crHtorGq8hK78PioQRCpqWasPvvEjptFuO3JN-bZdaUNP9vHzEkRaPAec&sig=Cg0ArKJSzC-jaQTdMgMEEAE&adk=330538255&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=110,436,200,1164&mcvt=1010&rs=3&ht=0&tfs=337&tls=1347&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=234&niot_cbk=241&md=2&btr=0&cpmav=0&lm=2&rst=1604675056741&dlt&rpt=43&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C2457&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1347&is=728%2C90&iframe_loc=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dngajleng.com%26s%3Dbone%26sw%3D18%26tr%3D7909242221&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B6E 42 B
65 B 39ms
39ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvv0Af37VoEKrB6priq6qxQOLgq2BFvk15U-8HvQ-ymd8OGaarJSSCcJH_UnJxyATWtcM9yu_da8b65AR8Zd3wj72AdsKgbHyegs6S4LE&sig=Cg0ArKJSzPEWgpqUo8a8EAE&adk=2408052046&tt=-1&bs=1600%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=499,1255,749,1555&mcvt=1011&rs=3&ht=0&tfs=337&tls=1348&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=235&niot_cbk=241&md=2&btr=0&cpmav=0&lm=2&rst=1604675056742&dlt&rpt=46&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C2457&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1346&is=300%2C250&iframe_loc=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dngajleng.com%26s%3Dbone%26sw%3D18%26tr%3D7909242221&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 15:04:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 18:03:47	Name: VISITOR_INFO1_LIVE Value: 7R4ul6Vb8Ek
.simcast.com/	1970-01-19 23:06:11	Name: __gads Value: ID=eab5c259f83cf45a-223c752d27b9005e:T=1604675056:S=ALNI_MaPueSWfY7Nk82ku2y9s9zkn1wN3A
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: P1cO0kBzlwE
simcast.com/	1969-12-31 23:59:59	Name: NB_SRVID Value: srv8226217
simcast.com/	1970-01-19 13:46:01	Name: PHPSESSID Value: jj2rsc968ohuj0vvjcd8he87c6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

056863389cf6370a2c680810f32afac5.safeframe.googlesyndication.com
a.realsrv.com
adservice.google.com
adservice.google.dk
c.securepaths.com
cadet.parklogic.com
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
ced.sascdn.com
code.jquery.com
damayanti.ngajleng.com
img-s-msn-com.akamaized.net
img0.smartsearch.me
img1.smartsearch.me
img2.smartsearch.me
img3.smartsearch.me
img4.smartsearch.me
pagead2.googlesyndication.com
prg8.smartadserver.com
securepubads.g.doubleclick.net
simcast.com
speedflow.io
syndication.realsrv.com
tpc.googlesyndication.com
traffdaq.com
www.googletagservices.com
www.youtube.com
107.170.39.103
172.217.21.194
185.127.18.41
185.86.138.122
194.146.24.56
194.146.24.86
198.54.116.135
2.16.186.105
2001:4de0:ac19::1:b:1a
209.197.3.24
212.115.109.66
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700::6810:125e
2606:4700::6812:e134
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:824::2001
2a02:26f0:6c00::210:ba20
2a04:4e42:1b::621
35.190.72.161
45.79.244.12
63.250.58.116
72.52.178.23
95.211.229.247
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
035183c3a317c8b968754c2cd63205750cd7c333be777c9319142bca02ca716c
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aa92818481308f8aadd5b112482e79d859f99a793bb5704316021a7f3199eb4
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70
15c05b6dfd93b48d24d08f0876f5ad0ef1dd811098041a9322b85f43d815f90b
1f2852371738b4c28f74a164593ca5fe11fe449fd4470d6852a969095fa9d5ef
28d37e0ed0d568ff65e8c35be7cb11aeaa96d732b8c18c9d2237b0b650440b42
28eddc37d85d80769e27e3a40535029be708397c979440a624e3b7de1dd0db2a
2fc396b97b4d65fc1bf8f372ef079f0f5ea1c02f89d8f0ec451e7a9baa5afce7
397a8f30632ea15bdd7d41bc1ba5ebfb6a1396ea44159ac9a45514324277162d
435a6f07900e55058b131c5cbf4d94db05760df60525ab9cdfdeee43e6257ba6
4d971faef455d9653104c2727df1cc48f8655a26299234963886bd4afe799afe
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630
57a6203d5b9412524e523bf64b90e03563827cf711954df6c241b2f03039e913
5efc0f193243373b7130c415a01f089408797347177c4200b521e98e2175e226
61b83f09e4cc3c4ac8114f4f6902adafc74030ee6012535cf09020a49473ee36
6399aff36855ff3e7cdfc3c419e04c9e139eb84d7c5c61b082121cc86c106010
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
690b218f14243f7df22e08417bdf123d271006e3261de0d148f32fa0dc59f83e
6c17b4b6a416bc5e99fd1672ce9e6ddeeef24a937f5ddeaf4f1725fae67287f9
789f59ca918264b48165e18396e599cd788725e984c6f26697b7ee952aff98f4
86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8cc4c7f427fdcf51e8d037464e83d27cc9121afb99ca18c29f32eca2a26ac9bc
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
91f115d63e59fff951fb713f2dd36b76c2350576c8c263fe1528b2a4ab9aa745
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9f16ef7ed224b22811a1a96aeefb8494d95207b562ed0bce23430d589d05a09a
a58b154684b13cbf800b29df4920c2204f79ac2f6635e302f5213b360e50ac02
a7ca8a1b0a176abcf76e870973f41ad5b5a3cbb8c59e25eafb8fd7008bd5d85a
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a918a5992db9d73e73104768df49a56baacaa4ae114082d44024badab78fa963
aaba0ad20cba4ca6ac0a0dc3b82f6a454afd51813084768339cf015502a2e636
ad4491fdc66aa48079bf085304ef0b03e21113f3d1a1460f241c6dff4b0c2b5b
b34e7f37f0b1c77f03af7882c3137060941d74973a5938e0177fa5df2e4ca5a6
b378f7377d18ef4e2fc9b90e6094f06bc0da1b15c914a903585ee8b327596edb
b8406092298ee5dd161e054c188f52d8526817da211f59f6220d151efe30fa25
bd840982ca25d7aade402d31059e55c1732ced3f95d15023e6c3e4303f26f50d
bf2c5622577ade034d29e6632c377613a4025609022159a57ec0e3d2f8990402
c4184b928a203ebaafe5332b9fdec6393f0b14f09d1674440627029cda022006
c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9
d5b8bd9dfe0b7cead9660002fe33614af8663306d156638eaed87d13c376aaea
d9b02913ca2b2fb97bb14badfd6b686b196486281c5ffa56677b6a7bf60a49d6
dbb0097458c6c7ae6dc4e1f1bdf23291b111387e00e1ab019268d982d7699a7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b3bcbf20cd95603e07ddaa5a2ab76f5db5043b4a8945d42b7972c775a9c00e
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e1c3f7cb0b4e29d66083e574c9f991fe2e2e3222eb1422117dd9327ebde42f
f5b2e60170deda823772db9bc59fd7ffacc494161364fa73a313b24bfca97862
fedee761f2e2b4ed22d8145bb6a83af9c57e94a623a3977e18521137cb0e5f35
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

87 %HTTPS

42 %IPv6

21 Domains

28 Subdomains

21 IPs

7 Countries

1957 kBTransfer

2672 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

87 %
HTTPS

42 %
IPv6

21
Domains

28
Subdomains

21
IPs

7
Countries

1957 kB
Transfer

2672 kB
Size

5
Cookies

85 HTTP transactions
4 data transactions