simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://update-verify-information-myaccounts.flu.cc/
Effective URL:
http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Submission Tags: phishing malicious Search All
Submission: On October 31 via api (October 31st 2020, 3:20:04 pm UTC) from US

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 9 countries across 17 domains to perform 100 HTTP transactions. The main IP is 45.79.244.12, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
8	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	2600:3c02::f0... 2600:3c02::f03c:91ff:fee2:5b0f	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17 17	74.208.47.230 74.208.47.230	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
31	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7 7	194.146.24.56 194.146.24.56	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
7 7	212.115.109.66 212.115.109.66	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::84	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
4	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	199.187.193.140 199.187.193.140	47043 (SMARTADSE...) (SMARTADSERVER)
6	2404:6800:400... 2404:6800:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
100	17

1 72.52.179.174 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)

update-verify-information-myaccounts.flu.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.79.244.12 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:91ff:fee2:5b0f (United States)

ASN63949 (LINODE-AP Linode, LLC, US)

cadet.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 74.208.47.230 (Wayne, United States) 17 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: u22933970.onlinehome-server.com

img1.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:26f0:6c00::210:ba1a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.146.24.56 (None, ) 7 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img2.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.115.109.66 (London, United Kingdom) 7 redirects

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

img4.smartsearch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.187.193.140 (Canada)

ASN47043 (SMARTADSERVER, CA)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4001:80f::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	akamaized.net img-s-msn-com.akamaized.net	3 MB
31	smartsearch.me 31 redirects img1.smartsearch.me img2.smartsearch.me img.smartsearch.me img4.smartsearch.me	6 KB
20	doubleclick.net securepubads.g.doubleclick.net	256 KB
12	googlesyndication.com 37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
8	simcast.com simcast.com	102 KB
6	gstatic.com csi.gstatic.com	622 B
6	googletagservices.com www.googletagservices.com	169 KB
4	smartadserver.com prg8.smartadserver.com	1 KB
4	sascdn.com ced.sascdn.com	44 KB
2	google.com adservice.google.com www.google.com	832 B
2	cloudflare.com cdnjs.cloudflare.com	4 KB
1	google.nl adservice.google.nl	832 B
1	youtube.com www.youtube.com
1	parklogic.com cadet.parklogic.com	259 B
1	onesignal.com cdn.onesignal.com	3 KB
1	jquery.com code.jquery.com	30 KB
1	flu.cc 1 redirects update-verify-information-myaccounts.flu.cc	345 B
100	17

	Domain	Requested by
31	img-s-msn-com.akamaized.net	simcast.com
20	securepubads.g.doubleclick.net	simcast.com securepubads.g.doubleclick.net
12	img.smartsearch.me	12 redirects
8	simcast.com	simcast.com code.jquery.com
7	img4.smartsearch.me	7 redirects
7	img2.smartsearch.me	7 redirects
6	pagead2.googlesyndication.com	simcast.com securepubads.g.doubleclick.net
6	csi.gstatic.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	img1.smartsearch.me	5 redirects
4	prg8.smartadserver.com	ced.sascdn.com
4	ced.sascdn.com	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	simcast.com
1	www.google.com	securepubads.g.doubleclick.net
1	37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	www.youtube.com	simcast.com
1	cadet.parklogic.com	simcast.com
1	cdn.onesignal.com	simcast.com
1	code.jquery.com	simcast.com
1	update-verify-information-myaccounts.flu.cc	1 redirects
100	23

This site contains no links.

Subject Issuer	Validity	Valid
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.parklogic.com COMODO RSA Domain Validation Secure Server CA	`2018-12-16` - `2020-12-29`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Frame ID: 76B89F327D22BDFE5649E08EAD78AC09
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jmZlp9o9KQo
Frame ID: 206569EBB11947196CCCD1D7AD14A461
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCle9bf43a2KJ2WxI4Gsm0z4AcWRlPVZXd_QTza0WqQWsCP1RGSWnmH5u4wbrnuR3uCusdmY6yTuz0H2n2vn-tpmpYnAyeOLOJvNGqOo1Hjym0qaGUKnZOfcXlShiEBYRvPasgBYzaEqXth9jlTKJSoR4xhH9ZJeKT_8agegdXDFI-0gmGIxJRlD8ivbqATVFew9Flj8YueIBWS0EhHnAhIzl5gjGZaqlYtJRzY_Jgswwo3f5TEGlQSzyWX1-5-5SEF196lw&sai=AMfl-YQ0aVmAiI2_F_8kfvUBHfz9LiXx3-8StvlsJLUMy4OXfVBo9WgQ0LKI-AfcVMSX5rZfZMSquHGez9D8gVDSW3_iUwRdI3iPYxXUV0tgb9BrwxC0npw2xIWgboPFddM&sig=Cg0ArKJSzHFvgoVNXVn3EAE&adurl=
Frame ID: AACEF35B745051D0883E840D81D1E942
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEK6M_sf31aqb-eS1YgsfVJg8TlmDFJXii1gXPZT-9DWVv1H7lGSORCXp8IjWModSHe6VNaqew3jWK86qLIaiZI1Hnr_bxM0tkDmsZXj8xfNQT_nhGEodV9-I40DOznN6ptSgP6wYvm9VWBkw1Q6lVd2iEtoEytxG0AXtW9opDjmGN17eb8aLX_u_JhECyObbzWixYkXnE941lDxvN_EBD0WS1bZYxryuWG1xvjR85B5-A8YecIrpDpHMvK7TL2vbzojPsqKbRArv5KPTkzQ&sai=AMfl-YTCTu2ke4tZUeRBLhu4oAWkgD9nT7G0TBOXfBp805IqaWIEqGKpBNbjAhkJazNXS_Lm9eN_uWjKV9-nnNvNDziZjxDoECtumr5miuXgH2fm55EA7EBtQAxYgcuffEX9&sig=Cg0ArKJSzEOV9b_KpBn2EAE&urlfix=1&adurl=
Frame ID: 7EE6FF30AD34BEFD96D843CA5C7DD219
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6TY7VfeOPe3Ujmx4kKyuieRtaBm_L2jVKokPyQ7lkErsZldGZZj46rth3cdmxe_jmt9Iu3gCpoHXnUXvcEXlvOdb4IgqnpYhtYId5r_Z15nIBVSkXNMb1sKE6dS_MzTyHxQcmdTuUQoEDW1IBuyKEZaEN_MlUuLXBEJSsy1YkQ2UO-HIFUA-XGUG1y79Bh2Zs1GBV1CA631sKDbe6lsDDw2zos4dM0uZltGQxy8SwBC21iXiR6F4gPx-a0HewANlQ2ePDiolOIHleadGQcHqx&sai=AMfl-YQWIrn-Gy1n1CxwtvlJmkBwjEWYmYSwh5pnAUK8cEJ6eai3D4N9TfRIjn3RdrOu-r4CANwycVuuv_k3nUPhepcoFaHMz5pZT_P2rpj_Qioz1htcgGWkApB2r47GvlJn&sig=Cg0ArKJSzB_59Fjl5ZxGEAE&urlfix=1&adurl=
Frame ID: C4EB49DA8811AD4FBB2180E09E1A7034
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBJ5tAiHq1g_u71PwiR0m4X9T96NOaKY6gJ04Ui93WFZ0w_Qe3dGf4wsCJIMJBWqK7E0saQWqUm_sE-9ylrGxK3tPf00CiJSSip1G8xcBlpnuoCK1b_rmhRY08OacHgz8KccEjPIJ-96_8BIDlkswOq09kmZCagI6wRyrrLqHuyrf5QU6-5U1Kl07P06FmA5Y0eE_FNTfv7pEvIo02B-wDgdmmt3ZyusdVkfulqfGKDlQWbJqYxrUTUkX8FArUcxGAUOqlatDDIIJjCMBKUJE&sai=AMfl-YRFnmrk7qbD9vRLV02WXRObRpfpKIvG_9LYYcwgPYTE74Vw4Jo-V2ZmPieS1IfNvf5zXW7XJbxPQmUj-BAXQI7DUL_TOSJpxBYIdFwqV9jXf2-b5QK_vaWG14v8lajt&sig=Cg0ArKJSzOqZfmoBfPfmEAE&urlfix=1&adurl=
Frame ID: 384E9CA428B6318A22907631AEE76AF1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJQHSXGKzjT3NZMpRndIfeGJCOq8E54MS8HfyvBlP2L35_nahurzNzj2-KhI1Hf9ApfhP8OnzEhgTDs_D0p2G1lAu5gRgGvPxeSOOidQOv2GkwwKA4VjLMZdklvW_KkA2XP4FvibrVvWDe-Y2SCAVcw4UcGbmInBXba9teFXEJ87q1PF2E3fDJgdKTEJnsVe5Kkxdvc71-OJUeLGh1Z6QpwiOh2E12ut5f-hXFYaqQ0U6bWZ4hx7zY2KB3nJdXXHY8WRQktmtdXhQ1Wt_rznU&sai=AMfl-YRO0IqjTG2SEjuZpPAMUKRWirYO5ilRddo0ZQJU28Pt4pWlryWeXMP2hmPcrSNPxnJF0dDZs_rf1jQtflQhNnljL7rt8vTCsUaevtIYhAkNNInIUEYed6gIhhrGspUV&sig=Cg0ArKJSzF-S65_27o5cEAE&urlfix=1&adurl=
Frame ID: 4FFA531454AE2BC6C57D3BA6C7B74B66
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 27037F167CAD1F72866E0505303B060B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://update-verify-information-myaccounts.flu.cc/ HTTP 302
http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327 Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

100
Requests

90 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

17
IPs

9
Countries

3348 kB
Transfer

4305 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://update-verify-information-myaccounts.flu.cc/ HTTP 302
http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZRcUpad2xtVWtuZ2lOZ1BhNzh4eXp1MGtnTXlOeHJFcnJMeFVTV3hWaHg0aUZGbVA4R3dkeUVPRmRyQ3pFMFU= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azyHH.img?m=4&w=800&h=800

Request Chain 11

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJBemRWTFVMSXRFZzk0SnpkQ05GOVVvRCt0NWhuWi9PMkNzQlBIUDluM1M1eDdnN1NMenZJUVh0UkxHVXJ3cVM= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azwNK.img?m=4&w=800&h=800

Request Chain 12

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 13

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHVkUlFWU2kwdVBEVlpmRmplcG1TaHdNSjNvODEvQ1VST3lvdUk4U0tiUHpVemUrQjdWQ0JZMHpERUpZeFdieko= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azigr.img?m=4&w=800&h=800

Request Chain 14

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Request Chain 15

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFR4bHhVblF3Z3lUSTJlTis2ZGF4T0IyNWpDaGJSYXRYQU1ETVR5NHZqbDdHQ1Z4MWp1YS9GWnB6amEyVHkyQnQ= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjHq.img?m=4&w=800&h=800

Request Chain 16

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGYzMFNzWTlINUVvU2VENlZKdEswT0ZkSUVUL3BoUjJuNHZMZjEwN2JDajA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

Request Chain 17

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdENLZytkeFIvamhTWG4zenVvK3g5NXFKZVczQnJ6NXVwNXpPQ0Yyd01mVTM4NDdjQ3NIcVl1NDBKQVBxWTFIR2g= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az86V.img?m=4&w=800&h=800

Request Chain 18

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 19

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdE4rcTdDZE5mdDJlVTBodGl1WVFDWHZlUUpmNVRZUVJmTjBZSkI0elozMmlXUk1LZmtHZ1o0WjV6aUhoNXhaKzI= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azfAA.img?m=4&w=800&h=800

Request Chain 20

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 21

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlEMnd5OWE1blF3NXY4TlFyaEM0UEFPQ2lUcTk4cERVR2Nwck4xZXlLbkV3ODNuTDYrWlVJZlpTMzExMGd4K1U= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aza89.img?m=4&w=800&h=800

Request Chain 22

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 24

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEpOK1RJZUYwRkdHV0xubkVIZlorU1FsZzFNc29Xa3A3WmxQMVBDdCszcmpyVVFZbDhkeCtwdXYyaEtsR2Nmd2M= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjrH.img?m=4&w=800&h=800

Request Chain 25

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Request Chain 26

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDJla0FtbFFtRExOU2lGeXZzR0pkTXpYWVBvclNCeVhEajFLT2VMTVVwdWJZTWxGanBUcFI4RlFBYkhwUGg0anE= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHQA5w.img?m=4&w=800&h=800

Request Chain 27

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVjSUdKRE4vcmlVK29TbGRtMjFIR3J5Sktsci85ZjF5Ujl5aEhKcHlFMFFmZTI2YXpMM21jSFhBVTdpSXVzT04= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azo5P.img?m=4&w=800&h=800

Request Chain 28

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEMvYnRGYVdRT2hyYTR0dnpaZUdqWWFjeE1FSEszQjhJS3FscHl4cHFGT0dZdGF0UXR0UlkyelEzSTB5VVhBVXk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az0wx.img?m=4&w=800&h=800

Request Chain 29

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhzVGNoMWYzV1dDNTlPMkxEZlg5RElaNFYxR2JuYTNpZnYyejNEWFVVQnlNbURraVM3eEZaSHk0ZmpVWFR4N1o= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az9xF.img?m=4&w=800&h=800

Request Chain 30

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 31

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdERhTFNFZnZNeHZabEJvR0U2OGZXVDhBdmJ1eEp1MlFuTlo3M1g3YzJIcFZSOHk1OU03MTVrNGViOVJjYWkzaGg= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aySct.img?m=4&w=800&h=800

Request Chain 32

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Request Chain 33

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUvdVVHODRlaFk1SU5MNDMwc25mdTU0NFZaS2lQL0g2aG9qWXlheUhLemN5aDFvckVya2ZQVEtIR1NsUHU3OGk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1avK5e.img?m=4&w=800&h=800

Request Chain 34

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Request Chain 35

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1rS0RERTZwUEpzOW1neTd1cGJUZUhnbXhjWko0RE5EUmt1OVFjUVlNWW5nRTJFamdJWWFxRkQ0M2dsUTNBR1Y= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayV4o.img?m=4&w=800&h=800

Request Chain 36

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJHQVRGOEMwTjlZZHRncndzS1MzNkg4dFcvcXFCRHl1RGFrZThnVEMwUnJaZEExSmJ2QWdoYWZZYUpoZVdKN2g= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayZEX.img?m=4&w=800&h=800

Request Chain 37

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1ZNDBKY0gvbEdyeUNGSE9CZUlOSWovVmpkTml1bGRjeGR1bDFEMkdua285MUpTZURvejBsQjlBYUdjVVMrSE0= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azbg9.img?m=4&w=800&h=800

Request Chain 38

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGYzMFNzWTlINUVvU2VENlZKdEswT0ZkSUVUL3BoUjJuNHZMZjEwN2JDajA9 HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

Request Chain 39

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDV5WGpRR1BaRjR0ZnFhb3BMczNsdXZJSUt1TnV3V0ZQd0RyRVFjWTZnYkhrNmFiU1UrazBhRXlJQWJ1OHluUjk= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayRAP.img?m=4&w=800&h=800

Request Chain 40

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxxTDVTK2dGaUZaeThQUTFMUGp1ZE56WEF2MkRqM2tvQlhiVy8weFJlelFJVkQrSEc5anBaTWxEaEJxYllFcE4= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aztQU.img?m=4&w=800&h=800

Request Chain 41

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVxUHlNbzB3VC9odmlKWE1KQXNoL2Z3RHFRQlpodVpBYU5MM3F5QXp6N3VjSW1QZ3p6OUpQL3NjZXRGV2NBME8= HTTP 301
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az64N.img?m=4&w=800&h=800

100 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
simcast.com/
Redirect Chain

http://update-verify-information-myaccounts.flu.cc/
http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

44 KB
9 KB

918ms
900ms

Document
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d6b84db9f0b802a8484ddaa5a51cff1e1bc138d87e8abbb0063b0c35bd48d46e

Request headers

Host: simcast.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:41 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=m47p6q7r39jkrqvruidic8j5pa; expires=Sun, 01-Nov-2020 15:19:41 GMT; Max-Age=86400; path=/ NB_SRVID=srv8226215; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8753
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 31 Oct 2020 15:19:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 1518ms
14ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: http://simcast.com
Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
status: 200
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1604157584.dop137.fr8.t,1604157584.cds259.fr8.hc,1604157584.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 13 KB
3 KB 235ms
220ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 04:24:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34cd-5af8edec19a40-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2953

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 230ms
216ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 03:45:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "daa3-58d2345dc71c0-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 12209

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 30ms
13ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3539
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5eae5b21e9302c56-FRA
cf-request-id: 0620d7492d00002c567a2b7000000001
expires: Sun, 01 Nov 2020 03:19:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 86ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5ce057490b0bf6b6af30c955ec6b7f43c964705b57f9ce459ab5cf822cafff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "679 / 460 of 1000 / last-modified: 1604098483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17897
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:43 GMT

GET
H/1.1 200
OK enhance.js Show response
cadet.parklogic.com/page/ 0
259 B 430ms
107ms Script
text/html 2600:3c02::f03c:91ff:fee2:5b0f
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://cadet.parklogic.com/page/enhance.js?pcId=56&domain=flu.cc
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:43 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 240ms
227ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:43 GMT
Last-Modified: Wed, 26 Feb 2020 07:27:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "527-59f758988fec0"
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 157181
x-via: cfworker/kv
status: 200
content-length: 1399
cf-request-id: 0620d7472c00002c19a285b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Suu8jL3et%2F2axq9ppnoqkIhc228bv5JpvtLfSaEpXsoBCM9VFxRiGWYcUh5%2B0BVwHSRVABSQRvEMP0rDT1Rd1FTJPLcYjqR4kScCBQUgf9Izgng%2FFtKtZ9ql%2FEH6vTDxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5eae5b1eae562c19-FRA
expires: Thu, 21 Oct 2021 15:19:43 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 11ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150800
x-via: cfworker/kv
status: 200
content-length: 1541
cf-request-id: 0620d7473900002c1953b33000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1fpTeiKJUQOnYZ43uT%2BtkQ5BJz84r0FYs7h9W4Pk%2Bs%2FrOnQFFJ1Yq7YD4l1Feo2jGp0ulJkMO3eL37xvFHJ8Prr6764CLVikKnmTqCNRvibM1t%2F5BESyZ6baTAk6sY27Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5eae5b1ece962c19-FRA
expires: Thu, 21 Oct 2021 15:19:43 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 577 B
633 B 234ms
217ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Aug 2020 23:13:02 GMT
Server: Apache/2.4.38 (Debian)
ETag: "241-5acb6544e5b80-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 272

GET
H2

200

BB1azyHH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFZRcUpad2xtVWtuZ2lOZ1BhNzh4eXp1MGtnTXlOeHJFcnJMeFVTV3hWaHg0aUZGbVA4R3dkeUV...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azyHH.img?m=4&w=800&h=800

119 KB
120 KB

17ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azyHH.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b2933c9fe632c27eb256332bf2850bd65ba7cf55aa6d33c15b44b3b46a37ecec

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azyHH
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 700818
status: 200
x-activityid: 92c3b2b3-6e46-4878-a705-0e00c8da1dbe
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 122270
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:11 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430967
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azyHH?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:02:35 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azyHH.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BB1azwNK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJBemRWTFVMSXRFZzk0SnpkQ05GOVVvRCt0NWhuWi9PMkNzQlBIUDluM1M1eDdnN1NMenZJUVh...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azwNK.img?m=4&w=800&h=800

69 KB
69 KB

371ms
314ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azwNK.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

133924998fda2e60ca2693518f1cc9a47211e5e7bd05c2adf0696a5230b3e775

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azwNK
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 1431034
status: 200
x-activityid: 151b1621-2388-4626-9bc3-c47beb8be132
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 70333
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:19:44 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azwNK?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:19:44 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azwNK.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

67ms
11ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 1198
status: 200
x-activityid: 79153a5b-aea4-465a-a6dc-d5b97e1f04b4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 30 Oct 2020 11:50:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=333027
timing-allow-origin: *
expires: Wed, 04 Nov 2020 11:50:11 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1azigr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHVkUlFWU2kwdVBEVlpmRmplcG1TaHdNSjNvODEvQ1VST3lvdUk4U0tiUHpVemUrQjdWQ0JZMHpE...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azigr.img?m=4&w=800&h=800

68 KB
68 KB

18ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azigr.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

2cd26443b286d0a94d6df05d2c68b0d662ace3cc1cec00a96118a24c8c312393

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azigr
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 260016
status: 200
x-activityid: be7914ff-a4c9-49a4-a159-82c9d568f561
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 69405
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:11 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430902
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azigr?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:01:29 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azigr.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

660 B
1 KB

7ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXuBZ
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 660
status: 200
x-activityid: 3e6ba6d2-ef77-4d59-942f-5374522d56af
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 660
last-modified: Thu, 29 Oct 2020 19:20:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=273617
timing-allow-origin: *
x-akamai-path-stats: [1:453:11547]
expires: Tue, 03 Nov 2020 19:20:04 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1azjHq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFR4bHhVblF3Z3lUSTJlTis2ZGF4T0IyNWpDaGJSYXRYQU1ETVR5NHZqbDdHQ1Z4MWp1YS9GWnB6...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjHq.img?m=4&w=800&h=800

68 KB
69 KB

37ms
36ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjHq.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e20d84b77b00cb0ade09ad893484081e0c4dd06fed5bfe0ad15604bb91eb442b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azjHq
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 156820
status: 200
x-activityid: 256a71e7-199b-4801-9583-ade2050a8430
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 69903
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:11 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430908
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjHq?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:01:35 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjHq.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BBENKEn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGYzMFNzWTlINUVvU2VENlZKdEswT0ZkSUVUL3BoUjJuNHZMZjEwN2JDajA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

18 KB
18 KB

15ms
13ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4f27c2274f3172315349e405e68dbc5ee6f349c3ef1c7c2ea0d049f1bfc29719

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBENKEn
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 18270
status: 200
x-activityid: 9a995cc0-8eda-4fdc-994d-5bba30cfc2f1
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 18270
last-modified: Wed, 28 Oct 2020 19:17:29 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=186986
timing-allow-origin: *
expires: Mon, 02 Nov 2020 19:16:13 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1az86V.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdENLZytkeFIvamhTWG4zenVvK3g5NXFKZVczQnJ6NXVwNXpPQ0Yyd01mVTM4NDdjQ3NIcVl1NDB...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az86V.img?m=4&w=800&h=800

90 KB
90 KB

15ms
15ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az86V.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

394e402b29ce9c667899cfecd61ea13b8c5def16a2e97a1bdd41fc9ca4bfa4e5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1az86V
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 127989
status: 200
x-activityid: 3be017b3-6f39-4135-b3f9-c23697b73048
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 91857
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:11 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430998
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az86V?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:03:06 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az86V.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

6ms
5ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 1198
status: 200
x-activityid: 79153a5b-aea4-465a-a6dc-d5b97e1f04b4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 30 Oct 2020 11:50:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=333023
timing-allow-origin: *
expires: Wed, 04 Nov 2020 11:50:11 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1azfAA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdE4rcTdDZE5mdDJlVTBodGl1WVFDWHZlUUpmNVRZUVJmTjBZSkI0elozMmlXUk1LZmtHZ1o0WjV6...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azfAA.img?m=4&w=800&h=800

48 KB
48 KB

44ms
42ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azfAA.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

5f8175a6c175ca41e79bf587d073a9051d6215016f7bc842aadf5a5dd43aecc6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azfAA
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 90779
status: 200
x-activityid: 27aa7104-11e3-44c3-8e3f-db3b1bd42318
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 49056
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:05 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430901
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azfAA?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:01:28 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azfAA.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
555 B

7ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 195
status: 200
x-activityid: 17616a1f-9930-4616-8093-8a0f8e189681
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
last-modified: Thu, 29 Oct 2020 08:45:30 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235570
timing-allow-origin: *
expires: Tue, 03 Nov 2020 08:45:57 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1aza89.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFlEMnd5OWE1blF3NXY4TlFyaEM0UEFPQ2lUcTk4cERVR2Nwck4xZXlLbkV3ODNuTDYrWlVJZlp...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aza89.img?m=4&w=800&h=800

77 KB
78 KB

20ms
19ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aza89.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8cdb1c94d3ccde3688f34116fa95dc6e175d5e812fd33e964e133e286cf8f086

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aza89
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 142589
status: 200
x-activityid: 456945a8-d3e8-4b85-9277-6076d42fe28b
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 78980
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 12:41:33 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422462
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aza89?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 12:40:46 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aza89.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
556 B

7ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 195
status: 200
x-activityid: 17616a1f-9930-4616-8093-8a0f8e189681
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
last-modified: Thu, 29 Oct 2020 08:45:30 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235573
timing-allow-origin: *
expires: Tue, 03 Nov 2020 08:45:57 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login.js Show response
simcast.com/widgets/login/ 931 B
574 B 234ms
221ms Script
application/javascript 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/login/login.js
Requested by: Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 05:50:21 GMT
Server: Apache/2.4.38 (Debian)
ETag: "3a3-59071ea59a140-gzip"
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: max-age=3024000, public
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 199

GET
H2

200

BB1azjrH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEpOK1RJZUYwRkdHV0xubkVIZlorU1FsZzFNc29Xa3A3WmxQMVBDdCszcmpyVVFZbDhkeCtwdXY...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjrH.img?m=4&w=800&h=800

175 KB
176 KB

58ms
38ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjrH.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1aae491aa4439bdc25e52186532e840244aa22fab3355c973124157b18cea6ee

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azjrH
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 699799
status: 200
x-activityid: 0f8fa2bf-9457-40a7-810a-925d1e44d04a
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 179533
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430964
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjrH?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:02:28 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azjrH.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXuBZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtHenB2dWx6UThBdmlaZUVxMmFtNFlYcTAvd0hON2lkMXBkTUVRM3ZCTTA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

660 B
1021 B

53ms
34ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXuBZ
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 660
status: 200
x-activityid: 3e6ba6d2-ef77-4d59-942f-5374522d56af
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 660
last-modified: Thu, 29 Oct 2020 19:20:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=273620
timing-allow-origin: *
expires: Tue, 03 Nov 2020 19:20:04 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXuBZ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAHQA5w.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDJla0FtbFFtRExOU2lGeXZzR0pkTXpYWVBvclNCeVhEajFLT2VMTVVwdWJZTWxGanBUcFI4RlF...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHQA5w.img?m=4&w=800&h=800

59 KB
60 KB

15ms
14ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHQA5w.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

01c55db052bc27ef8d7f791fe564fba8d3fdcd3ba046d3f8806191016ea9e98e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAHQA5w
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 101241
status: 200
x-activityid: 99034db6-c078-4a76-af09-df5c66dd39bb
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 60421
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 12:41:33 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422570
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHQA5w?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 12:42:34 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHQA5w.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1azo5P.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGVjSUdKRE4vcmlVK29TbGRtMjFIR3J5Sktsci85ZjF5Ujl5aEhKcHlFMFFmZTI2YXpMM21jSFhB...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azo5P.img?m=4&w=800&h=800

91 KB
92 KB

23ms
22ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azo5P.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

27225f967ce383ead0dc66a294a1eee76fd0208b1b85569cd01fd8c6b5a77632

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azo5P
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 404412
status: 200
x-activityid: e8605c76-c5da-4ea3-b8ff-037433112447
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 93507
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:03 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430867
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azo5P?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:00:54 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azo5P.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BB1az0wx.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdEMvYnRGYVdRT2hyYTR0dnpaZUdqWWFjeE1FSEszQjhJS3FscHl4cHFGT0dZdGF0UXR0UlkyelE...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az0wx.img?m=4&w=800&h=800

74 KB
75 KB

70ms
50ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az0wx.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

113c9d39f93868c3e6b94c55c1aab1d891c2684bb04076bde65d073f910fd561

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1az0wx
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 1641356
status: 200
x-activityid: f40813a0-c85e-470d-8e4e-2e6d498c6a5e
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 76003
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 12:41:36 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422490
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az0wx?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 12:41:14 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az0wx.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1az9xF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFhzVGNoMWYzV1dDNTlPMkxEZlg5RElaNFYxR2JuYTNpZnYyejNEWFVVQnlNbURraVM3eEZaSHk0...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az9xF.img?m=4&w=800&h=800

57 KB
58 KB

9ms
9ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az9xF.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

7a1849ddeaab7ba08ed6085ef47e5275b7cff23f3ece61085077081be682a8f6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1az9xF
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 37967
status: 200
x-activityid: f7efcef5-0a2b-4238-b293-7b68f6866dd2
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 58617
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 11:50:07 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419454
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az9xF?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 11:50:42 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az9xF.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

9ms
8ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sat, 31 Oct 2020 15:19:47 GMT
x-source-length: 1198
status: 200
x-activityid: 79153a5b-aea4-465a-a6dc-d5b97e1f04b4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 30 Oct 2020 11:50:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=333024
timing-allow-origin: *
expires: Wed, 04 Nov 2020 11:50:11 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1aySct.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdERhTFNFZnZNeHZabEJvR0U2OGZXVDhBdmJ1eEp1MlFuTlo3M1g3YzJIcFZSOHk1OU03MTVrNGV...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aySct.img?m=4&w=800&h=800

96 KB
96 KB

9ms
9ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aySct.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

31f83567154cc1bbb0a549f465b658b1cc9b71d73c1334fcdfb1df422c492935

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aySct
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 84233
status: 200
x-activityid: 504bf3bc-2f21-49d0-a9bf-ba6f5535233c
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 97849
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 10:40:35 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=415262
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aySct?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 10:40:46 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aySct.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

AAkXFkn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGtqeEt6L054V0gwMXlwNVVBOUR5eDFQY1ppbEt4Zm5NdzNzVm55VnFjVEU9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

1 KB
2 KB

11ms
11ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAkXFkn
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 1198
status: 200
x-activityid: 79153a5b-aea4-465a-a6dc-d5b97e1f04b4
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1198
last-modified: Fri, 30 Oct 2020 11:50:18 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=333027
timing-allow-origin: *
expires: Wed, 04 Nov 2020 11:50:11 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAkXFkn.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1avK5e.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdHUvdVVHODRlaFk1SU5MNDMwc25mdTU0NFZaS2lQL0g2aG9qWXlheUhLemN5aDFvckVya2ZQVEt...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1avK5e.img?m=4&w=800&h=800

107 KB
108 KB

34ms
15ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1avK5e.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d88622cd4fa719ecee333a3fa40c0cd19a2a6968711a5de97808628015c1dac1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1avK5e
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 229276
status: 200
x-activityid: b76151b5-4e93-42cb-99cb-f1e5c359bbff
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 109577
timing-allow-origin: *
last-modified: Thu, 29 Oct 2020 13:28:48 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=252527
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1avK5e?m=4&w=800&h=800
expires: Tue, 03 Nov 2020 13:28:31 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1avK5e.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BBj0TsQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img2.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDN4TFp3bE9XM0ZBUjZqRFBvS1dpeXNUVlp3TzhxMWZJaFBFUlJyMDRWNkk9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

195 B
556 B

44ms
25ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBj0TsQ
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 195
status: 200
x-activityid: 17616a1f-9930-4616-8093-8a0f8e189681
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 195
last-modified: Thu, 29 Oct 2020 08:45:30 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235573
timing-allow-origin: *
expires: Tue, 03 Nov 2020 08:45:57 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:42 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBj0TsQ.img
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1ayV4o.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1rS0RERTZwUEpzOW1neTd1cGJUZUhnbXhjWko0RE5EUmt1OVFjUVlNWW5nRTJFamdJWWFxRkQ0...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayV4o.img?m=4&w=800&h=800

72 KB
73 KB

18ms
17ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayV4o.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

52ec6239c576b0832def041974f0d5371c41aad68c2915ca7b7e59f23c1b9389

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1ayV4o
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 140807
status: 200
x-activityid: ceac1d7d-80f7-42fb-ae1b-5f06799d89f3
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 73859
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:02:17 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430950
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayV4o?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:02:18 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayV4o.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BB1ayZEX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFJHQVRGOEMwTjlZZHRncndzS1MzNkg4dFcvcXFCRHl1RGFrZThnVEMwUnJaZEExSmJ2QWdoYWZ...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayZEX.img?m=4&w=800&h=800

74 KB
75 KB

17ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayZEX.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9e989058c78e85335a0078ee042cf4bc6e4f294ae11d098a40e73d7ff5d1b748

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1ayZEX
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 297416
status: 200
x-activityid: 4db9ba9a-fe6c-4406-8603-38ea749be815
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 76027
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 10:40:34 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=415259
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayZEX?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 10:40:43 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayZEX.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1azbg9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdG1ZNDBKY0gvbEdyeUNGSE9CZUlOSWovVmpkTml1bGRjeGR1bDFEMkdua285MUpTZURvejBsQjl...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azbg9.img?m=4&w=800&h=800

67 KB
67 KB

18ms
18ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azbg9.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8d30323f26a132246277a3ba8bb0724be80b120b677af9cb32554e2840365387

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1azbg9
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 64667
status: 200
x-activityid: cb2a6a54-e3f4-4a46-9dab-738a49b06842
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 68385
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 09:52:52 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=412424
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azbg9?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 09:53:32 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1azbg9.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BBENKEn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img1.smartsearch.me/?pro_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGYzMFNzWTlINUVvU2VENlZKdEswT0ZkSUVUL3BoUjJuNHZMZjEwN2JDajA9
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

18 KB
18 KB

7ms
6ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4f27c2274f3172315349e405e68dbc5ee6f349c3ef1c7c2ea0d049f1bfc29719

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBENKEn
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 18270
status: 200
x-activityid: 9a995cc0-8eda-4fdc-994d-5bba30cfc2f1
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 18270
last-modified: Wed, 28 Oct 2020 19:17:29 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=186985
timing-allow-origin: *
x-akamai-path-stats: [3:20999:3001]
expires: Mon, 02 Nov 2020 19:16:13 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBENKEn.img
content-type: text/html; charset=UTF-8

GET
H2

200

BB1ayRAP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdDV5WGpRR1BaRjR0ZnFhb3BMczNsdXZJSUt1TnV3V0ZQd0RyRVFjWTZnYkhrNmFiU1UrazBhRXlJ...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayRAP.img?m=4&w=800&h=800

29 KB
30 KB

16ms
16ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayRAP.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fff485776916e769bbc5ed611e1ea8ce4e56d6bc25e65ec878fee9f83a4255b6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1ayRAP
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 54340
status: 200
x-activityid: e69ac450-85d1-42af-9ae7-de631cff709e
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 30140
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 09:27:30 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=410877
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayRAP?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 09:27:45 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:48 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1ayRAP.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H2

200

BB1aztQU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img4.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdGxxTDVTK2dGaUZaeThQUTFMUGp1ZE56WEF2MkRqM2tvQlhiVy8weFJlelFJVkQrSEc5anBaTWx...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aztQU.img?m=4&w=800&h=800

1 MB
1 MB

384ms
384ms

Image
image/png

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aztQU.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b1c37c5f84d6e45109056204955c6363f49497e69be92445f391ef05e8a6fd74

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1aztQU
date: Sat, 31 Oct 2020 15:19:44 GMT
x-source-length: 905692
status: 200
x-activityid: ab13a79b-578c-420a-ac68-732046c1e22d
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 1196120
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 15:19:44 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=432000
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aztQU?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 15:19:44 GMT

Redirect headers

date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: nginx
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aztQU.img?m=4&w=800&h=800
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

BB1az64N.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
Redirect Chain

https://img.smartsearch.me/?main_img=Y2NNcjdHZ3BiRXlUb0p1TGlwWnZUQ3FyTUV3cCtKVzJtS3lIOCtnTDV1TkVJSzIzWHNCRVNyU25paEdlcVFxdFVxUHlNbzB3VC9odmlKWE1KQXNoL2Z3RHFRQlpodVpBYU5MM3F5QXp6N3VjSW1QZ3p6OUpQL3Nj...
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az64N.img?m=4&w=800&h=800

43 KB
44 KB

18ms
18ms

Image
image/jpeg

2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az64N.img?m=4&w=800&h=800

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e40bb7b96fc6058772e1f2b97b452ee1bbee84373a1ac5fc22239a6169294a95

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB1az64N
date: Sat, 31 Oct 2020 15:19:48 GMT
x-source-length: 40350
status: 200
x-activityid: 96593bd1-f733-4fea-8c32-7b357155ad13
x-deployment: cfc83d5b1f7540e6b2e5c1ce02b51371
content-length: 44083
timing-allow-origin: *
last-modified: Sat, 31 Oct 2020 09:27:31 GMT
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=410850
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az64N?m=4&w=800&h=800
expires: Thu, 05 Nov 2020 09:27:18 GMT

Redirect headers

status: 301
date: Sat, 31 Oct 2020 15:19:47 GMT
server: nginx
x-powered-by: PHP/7.3.23, PleskLin
location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1az64N.img?m=4&w=800&h=800
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 pubads_impl_2020102601.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
96 KB 90ms
60ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 08:41:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98213
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 230ms
217ms Font
font/woff2 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin: http://simcast.com
Referer: http://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:44 GMT
Last-Modified: Mon, 08 Jul 2019 03:51:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "126b0-58d235a3ef340"
Upgrade: h2
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: font/woff2
Content-Length: 75440

GET
H2 200 jmZlp9o9KQo
www.youtube.com/embed/ Frame 2065 0
0 150ms
99ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jmZlp9o9KQo

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jmZlp9o9KQo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Response headers

status: 200
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 20283
content-encoding: br
date: Sat, 31 Oct 2020 15:19:44 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=xbaFLeJctQM; path=/; domain=.youtube.com; secure; expires=Thu, 29-Apr-2021 15:19:44 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 31-Oct-2020 15:49:44 GMT YSC=-pgssifprxs; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=xbaFLeJctQM; path=/; domain=.youtube.com; secure; expires=Thu, 29-Apr-2021 15:19:44 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK js.php Show response
simcast.com/widgets/ms/ 1 B
367 B 246ms
225ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://simcast.com/widgets/ms/js.php?fra=0&ip=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Server: 45.79.244.12 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Oct 2020 15:19:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Upgrade: h2
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8
Content-Length: 21
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 36ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 52 KB
20 KB 36ms
36ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
9 KB 112ms
112ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=887642644702504&correlator=2637542371397784&output=ldjh&impl=fifs&eid=21068116%2C21068419%2C21068031%2C21066613%2C21066615&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201031&iu_parts=51855962%2Csimcast%2Csimcast_970x250%2Csimcast_728x90%2Csimcast_728x90_2%2Csimcast_728x90_3%2CSimcast_300x250%2Csimcast_300x600%2Csimcast_320x50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C320x50&cust_params=sub_id%3Dflu.cc&cookie_enabled=1&bc=23&abxe=1&lmt=1604157584&dt=1604157584469&dlt=1604157582708&idt=1729&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C10%2C20%2C-9%2C1255%2C36%2C-9&adys=-9%2C110%2C262%2C-9%2C499%2C1655%2C-9&adks=1580246415%2C330538255%2C2731548126%2C101588295%2C2408052046%2C1831785291%2C2541982844&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dflu.cc%26s%3Dbone%26sw%3D17%26tr%3D13570628327&dssz=21&icsg=535171&std=0&rumc=887642644702504&rume=1&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&msz=0x-1%7C1580x90%7C761x90%7C0x-1%7C300x250%7C1544x600%7C0x-1&ga_vid=270143210.1604157584&ga_sid=1604157584&ga_hid=1896075853&fws=2%2C0%2C0%2C2%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

0d373d9369770f1b4c0830363253b2590bb96a3bd93c475e4f008f47f4ef1633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9520
x-xss-protection: 0
google-lineitem-id: 5406840639,5407969853,5407969853,-2,5407965551,5407966307,5418436725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315358236,138316814226,138315358029,-2,138315745666,138315357729,138326082374
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 67ms
16ms Other
text/html 2a00:1450:400c:c0c::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 82ms
82ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

b84d0268c96f95e54b8e5080919ad0e2cb1559de05301a3599f0f6cd16de7081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10421
x-xss-protection: 0
google-lineitem-id: 5399501512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314905801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AACE 0
0 38ms
37ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCle9bf43a2KJ2WxI4Gsm0z4AcWRlPVZXd_QTza0WqQWsCP1RGSWnmH5u4wbrnuR3uCusdmY6yTuz0H2n2vn-tpmpYnAyeOLOJvNGqOo1Hjym0qaGUKnZOfcXlShiEBYRvPasgBYzaEqXth9jlTKJSoR4xhH9ZJeKT_8agegdXDFI-0gmGIxJRlD8ivbqATVFew9Flj8YueIBWS0EhHnAhIzl5gjGZaqlYtJRzY_Jgswwo3f5TEGlQSzyWX1-5-5SEF196lw&sai=AMfl-YQ0aVmAiI2_F_8kfvUBHfz9LiXx3-8StvlsJLUMy4OXfVBo9WgQ0LKI-AfcVMSX5rZfZMSquHGez9D8gVDSW3_iUwRdI3iPYxXUV0tgb9BrwxC0npw2xIWgboPFddM&sig=Cg0ArKJSzHFvgoVNXVn3EAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame AACE 17 KB
8 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 01:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7216
x-xss-protection: 0
server: cafe
etag: 9928567655033844918
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Nov 2020 01:35:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame AACE 3 KB
1 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 03:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Nov 2020 03:33:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AACE 74 KB
28 KB 67ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame AACE 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRGNGT2R2xoSMkqQVA_vFbXeJ_Y5oeHMn2tExUDJsLwmMNpgG-3jr5cufdrqHRG1kFMT_ON
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 2364309221291099109
tpc.googlesyndication.com/simgad/ Frame AACE 807 B
980 B 28ms
7ms Image
image/gif 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2364309221291099109

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:33:30 GMT
x-content-type-options: nosniff
age: 272774
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 05:45:21 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 11:33:30 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 65ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EE6 0
0 40ms
38ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEK6M_sf31aqb-eS1YgsfVJg8TlmDFJXii1gXPZT-9DWVv1H7lGSORCXp8IjWModSHe6VNaqew3jWK86qLIaiZI1Hnr_bxM0tkDmsZXj8xfNQT_nhGEodV9-I40DOznN6ptSgP6wYvm9VWBkw1Q6lVd2iEtoEytxG0AXtW9opDjmGN17eb8aLX_u_JhECyObbzWixYkXnE941lDxvN_EBD0WS1bZYxryuWG1xvjR85B5-A8YecIrpDpHMvK7TL2vbzojPsqKbRArv5KPTkzQ&sai=AMfl-YTCTu2ke4tZUeRBLhu4oAWkgD9nT7G0TBOXfBp805IqaWIEqGKpBNbjAhkJazNXS_Lm9eN_uWjKV9-nnNvNDziZjxDoECtumr5miuXgH2fm55EA7EBtQAxYgcuffEX9&sig=Cg0ArKJSzEOV9b_KpBn2EAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame 7EE6 31 KB
11 KB 105ms
23ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=166
Connection: keep-alive
Content-Length: 11025
X-Akamai-Path-Stats: [1:928:1072]

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EE6 74 KB
29 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C4EB 0
0 38ms
37ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6TY7VfeOPe3Ujmx4kKyuieRtaBm_L2jVKokPyQ7lkErsZldGZZj46rth3cdmxe_jmt9Iu3gCpoHXnUXvcEXlvOdb4IgqnpYhtYId5r_Z15nIBVSkXNMb1sKE6dS_MzTyHxQcmdTuUQoEDW1IBuyKEZaEN_MlUuLXBEJSsy1YkQ2UO-HIFUA-XGUG1y79Bh2Zs1GBV1CA631sKDbe6lsDDw2zos4dM0uZltGQxy8SwBC21iXiR6F4gPx-a0HewANlQ2ePDiolOIHleadGQcHqx&sai=AMfl-YQWIrn-Gy1n1CxwtvlJmkBwjEWYmYSwh5pnAUK8cEJ6eai3D4N9TfRIjn3RdrOu-r4CANwycVuuv_k3nUPhepcoFaHMz5pZT_P2rpj_Qioz1htcgGWkApB2r47GvlJn&sig=Cg0ArKJSzB_59Fjl5ZxGEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame C4EB 31 KB
11 KB 100ms
31ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=166
Connection: keep-alive
Content-Length: 11025
X-Akamai-Path-Stats: [1:928:1072]

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4EB 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 384E 0
0 38ms
36ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBJ5tAiHq1g_u71PwiR0m4X9T96NOaKY6gJ04Ui93WFZ0w_Qe3dGf4wsCJIMJBWqK7E0saQWqUm_sE-9ylrGxK3tPf00CiJSSip1G8xcBlpnuoCK1b_rmhRY08OacHgz8KccEjPIJ-96_8BIDlkswOq09kmZCagI6wRyrrLqHuyrf5QU6-5U1Kl07P06FmA5Y0eE_FNTfv7pEvIo02B-wDgdmmt3ZyusdVkfulqfGKDlQWbJqYxrUTUkX8FArUcxGAUOqlatDDIIJjCMBKUJE&sai=AMfl-YRFnmrk7qbD9vRLV02WXRObRpfpKIvG_9LYYcwgPYTE74Vw4Jo-V2ZmPieS1IfNvf5zXW7XJbxPQmUj-BAXQI7DUL_TOSJpxBYIdFwqV9jXf2-b5QK_vaWG14v8lajt&sig=Cg0ArKJSzOqZfmoBfPfmEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame 384E 31 KB
11 KB 89ms
23ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=166
Connection: keep-alive
Content-Length: 11025
X-Akamai-Path-Stats: [1:928:1072]

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 384E 74 KB
29 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FFA 0
0 38ms
37ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJQHSXGKzjT3NZMpRndIfeGJCOq8E54MS8HfyvBlP2L35_nahurzNzj2-KhI1Hf9ApfhP8OnzEhgTDs_D0p2G1lAu5gRgGvPxeSOOidQOv2GkwwKA4VjLMZdklvW_KkA2XP4FvibrVvWDe-Y2SCAVcw4UcGbmInBXba9teFXEJ87q1PF2E3fDJgdKTEJnsVe5Kkxdvc71-OJUeLGh1Z6QpwiOh2E12ut5f-hXFYaqQ0U6bWZ4hx7zY2KB3nJdXXHY8WRQktmtdXhQ1Wt_rznU&sai=AMfl-YRO0IqjTG2SEjuZpPAMUKRWirYO5ilRddo0ZQJU28Pt4pWlryWeXMP2hmPcrSNPxnJF0dDZs_rf1jQtflQhNnljL7rt8vTCsUaevtIYhAkNNInIUEYed6gIhhrGspUV&sig=Cg0ArKJSzF-S65_27o5cEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3702/ Frame 4FFA 31 KB
11 KB 91ms
26ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3702/smart.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 31 Oct 2020 15:19:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=166
Connection: keep-alive
Content-Length: 11025
X-Akamai-Path-Stats: [1:928:1072]

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FFA 74 KB
28 KB 77ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:44 GMT

GET
DATA 200
OK truncated
/ Frame 7EE6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c247bcc42cc551e33c56e32a856342389d5c250aac31ac541a17f7684315cb13

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C4EB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1356760bc4e068ef8b9aefe79a10bf93a9daca8b16363be1b95fcb86769f0c53

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AACE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a74206e4f66bd1627a1c979283bd76b4c0418deadaf1f32d4832de88320796d6

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AACE 0
21 B 33ms
32ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPa5nVMnid_Bx_LBQHLLlwS0ZYOs1Rqv7soDLYBkQlGu7XZ6m6Ai4VIPIl65rcSGUaopfFguuXLIxUhs3EVGVjdS1dVTx5IcmZHNybEu1kQpv4UiG3jQoBcSIL1mvFn2T2YjyW8O-jC7ez8JrslewEVMy01OvndDC0C_U-jpA7SBmgaZwmc_VQCRJUSx0qXYxzQdSetTxCkgIZXw5CURzrBpmPBbXILdehdKgqSB1c-vCg-PQz1lY8aWn2vpLWQWZlZrTYwwKK&sai=AMfl-YR-4NI9dSFyWKyNmGubPf3JqBr_ok_7oLuBESFl0QhFjsjCrwp8BHGRRX6G_8UZU2WgoLqRerkEKFEAA4Qp4UDyGOxn927VDk20oas5aIBUSLK8OEjaLoiqVtIE_hg&sig=Cg0ArKJSzMjpYf322TIEEAE&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 384E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dd0e234c8b7681d981fb67b3769bf83af9ff39686e3ac076af1b3cf37c92cfd

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame AACE 52 KB
20 KB 45ms
44ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 7EE6 22 B
349 B 393ms
123ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92360&async=1&visit=m&tmstp=4851749356&tag=sas_92360&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 57a6203d5b9412524e523bf64b90e03563827cf711954df6c241b2f03039e913

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b27%3b92
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 4FFA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61d042f3b6999f3d9014cf317fdeb2eb6b530cf8ccb152bdf8cd7d823b92ae14

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 384E 22 B
349 B 388ms
124ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92359&async=1&visit=m&tmstp=9365355505&tag=sas_92359&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: bd840982ca25d7aade402d31059e55c1732ced3f95d15023e6c3e4303f26f50d

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b16%3b72
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 4FFA 22 B
349 B 368ms
125ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92361&async=1&visit=m&tmstp=3185045910&tag=sas_92361&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 15c05b6dfd93b48d24d08f0876f5ad0ef1dd811098041a9322b85f43d815f90b

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b0%3b120
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame C4EB 22 B
349 B 365ms
122ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=3702&siteid=358318&pgid=1257598&fmtid=92360&async=1&visit=m&tmstp=8311890584&tag=sas_92360&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fsimcast.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3702/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 57a6203d5b9412524e523bf64b90e03563827cf711954df6c241b2f03039e913

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:44 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b14%3b88
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame AACE 0
54 B 980ms
355ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu0a69&chm=1&c=887642644702504&ctx=2&qqid=CJCg9deQ3-wCFYVx4AodYGAAmQ&met.4=fb.3~lb.2j~ol.2q~idt.19c~dt.-2p&met.3=197.2i~123.2h_1~118.2l~117.2l~298.2n~116.2l_5~118.3h~118.3j~118.3k~118.3l_1~118.3l~118.3t~113.5d_3~112.5d_4&met.1=1.kgxu0a0v~14.1~15.1~16.1~17.1~18.1~19.1~20.2m~21.2r~22.3e~23.3e&met.7=CCIQBBgBIAQoBDAEaAVwK3iBArABAbgBAw~CBwQChgBIAUoBTAiOB1ABkgHUAdYGmAMaBxwInirPIABsDiIAeSKAbABAbgBAw~CBwQChgBIAUoBTAjOB5oHHAjeKMLgAG4CogBpxSwAQG4AQM~CCoQChgBIAYoBjBQOEo~CBsQBhgBIAYoBjAVOA8~CBcQBhgBIAYoBjAkOB1oHHAjeNQHgAGnBogBpwawAQG4AQM~CCIQBhgBIGIoYjCDATghaGNwgwF4FbABAbgBAw~CCgQChgBIIIBKIIBMLEBOC9ogwFwrwF436EBgAHFoQGIAY2jA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 384E 0
44 B 44ms
43ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd0WHj6wdSv6nLj7_cCFTMGd_5SQcIc59Y3TuzHqcWHVYU9XqedcyWzE5OUu6a-MJkrrz9XoTavOk6WzbHi4OZoyKjjwWdR5uZc0kn_tqDoisd9AR4sYpVcXy0cLBESwYz92l4aVYkm9D8iiYxvmEx8Rny65Tvh_0EUSn5ZWHRLjhRzm6a3VgmnFnrY5R3Qo3hX1__yx006RpNa2AY3md1zIpm_ZJr3RHiCI3tXBRIPFLo8xRB5P8vvey-otViDGxo1yxdO7-5XrukZCCBEecK_g&sai=AMfl-YStFYsOR0ajwokZoXwlcPuBAseThtaRNHvgFxsYXC5sIhAb93W4CceFYVjaNjcGEwQd5nEFDwIrYZ-SXpQaOhP1mEeoLBNGE0aIWGXC798ZNuhHWnU-Dp_wu2PrQ4T2&sig=Cg0ArKJSzCa3UHgplXMWEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EE6 0
21 B 44ms
44ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8Q-FZQ4BId3B6gDgf423ZH9bJffMRfPIuh1f7SxfaSfBhqqnNeDYvmRNq4Niabmbdltv-A9dXpGvtCGfoAEtmv9D1XVjuM8aiA_qygv_vftI765FRX1gGMLPi1GAJIDQHgqO9XpcG2RZjDtZGDXs5HuNp_62oVwfLnfrnYKcEBeCFRGp3IUVplEJ6rY64YG7FgZwX-hOUyYcDJP4oxKccZTYwW7QUOxS-Gn86m7pG8A1iBqz_Rf-293fgouCumbMdpC0w8T95amLltfuJXb8w&sai=AMfl-YSyqG12Uus6CJRHciy-eYnNhqhUxt4RfrGw67S5KRVMX-E7RybG6AZzJHjIJtET9scXLg409WwMN8uPkFQvjYL92SaqyZxNOi_1j_OgvuT6rmC0gY5so978cLK7VBf1&sig=Cg0ArKJSzPw3N6dnf8dmEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 384E 52 KB
20 KB 31ms
30ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7EE6 52 KB
20 KB 32ms
31ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C4EB 0
21 B 44ms
44ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCF2-MOSNn3xGePF_ZC9XzzpVpYV0HzoNI3kDK4GEtuS0Qq8uEM6OBLTrDDSOZh95SDJ1BTiRaYRnKr6K0kVouwxlHD65IJdr49JmKOLiQCmYH5Qb77980FrOWm4v-5Zu28WvOcdzC9QkBf9TSP8QVxHHwKQMLgpxPkvB4YlhsygWzB9BHKmpiNjgKY1jTTPUHtQo8dHDEwrbCAyqt8zHc5odNJKzfI2hjYT_YktKX4SFK-W_y8GHrqHsMH2wPEqLPjPtIv44Hq7iznE0uQKQbIp0&sai=AMfl-YQybXB-RrVqH8H3Z0OLvrhwFJ-fGPrLXWDmCtr5kXm1kobiqNabHZYF8MNUGIGVCK0z2cHJh8a45BBDUjiuvG0v1YaqWPYAIdOXgXj_r_PcAcUJOeQNFxTmaxG-FLWX&sig=Cg0ArKJSzIAw3IzNWtksEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FFA 0
21 B 43ms
43ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu-OcE7HxV6Ckou5Rc8bOhn4EK6r6vENtEwMuTTXvVdEMj99uVlE1v0-hORj9Z4s81j8povenTVXc24AgYf4aJ31V1plhAQ9ulX1noa5XnTcBWAr7uLVndkWR_atbJ2GwMvQgq3VpsJINX13An-k1oZzFD1pwPOvadnwPzEFfr3jZ9ImRH9Wgw_PcVfZxvj1Lza821XADZ_I_NhM2F7GHFGgbkNs5n1dGGPZvTUcnyZB6s0r-YcyvwFC61hjArY3WD0hgCmFGZCYhZyi0p9Icntw&sai=AMfl-YSytJnvsi5kOZ-HtZVqt7MWI5TubDb8SXygEI6Qm89u9nTDMKmWmIbD34azCKqPzKB8Xl9AAslxNJuUfXuabmxlbsrCPcaGnooeT9QmUpm8eliiRZR9VXGBcjjwtDsj&sig=Cg0ArKJSzJ5ObpyDBJmLEAE&urlfix=1&adurl=

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C4EB 52 KB
20 KB 31ms
31ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4FFA 52 KB
20 KB 31ms
31ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20677
x-xss-protection: 0
server: cafe
etag: 4860419231427265811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Oct 2020 15:48:40 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 384E 0
54 B 549ms
356ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu0ai6&chm=1&c=887642644702504&ctx=2&qqid=CNXW9deQ3-wCFRKN3godAMkEIg&met.4=fb.2~lb.2b~ol.du~idt.17y~dt.-43&met.3=197.2a~123.2a_1~118.2f~118.2o~118.2o~118.52~118.7w~118.aq~118.dk~117.ds~298.ds~116.ds_2~118.dy~118.dz~113.g6_1~112.g5_2&met.1=1.kgxu0a20~14.1~15.0~16.1~17.1~18.1~19.1~20.ds~21.du~22.2y~23.2y&met.7=CCIQBBgBIAIoAjACaAVwKXgVsAEBuAED~CBsQCiADOFw~CCoQChgBIAMoAzAyOC8~CBsQCiBpOIUD~CCIQBhgBIPIDKPIDMKEEOC9o8wNwngR4LLABAbgBAw~CCgQChgBIPkDKPkDMJoEOCFo-gNwmAR446EBgAHFoQGIAY2jA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7EE6 0
54 B 552ms
360ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu0ai8&chm=1&c=887642644702504&ctx=2&qqid=CNLW9deQ3-wCFRKN3godAMkEIg&met.4=fb.2~lb.1e~ol.ee~idt.18f~dt.-3m&met.3=197.15~123.13_b~118.1i~118.2w~118.2w~118.5j~118.8d~118.b8~118.e2~117.ec~298.ed~116.ec_2~118.eh~118.eh~118.ei~118.ek~113.gp~112.gp_1&met.1=1.kgxu0a1j~14.0~15.0~16.0~17.0~18.0~19.0~20.ec~21.ee~22.2i~23.2i&met.7=CCIQBBgBIAMoAzADaAVwLHifAbABAbgBAw~CBsQCiADOGw~CCoQChgBIAMoAzAbOBc~CBsQCiB1OIoD~CCIQBhgBIIYEKIYEMLMEOC1ohwRwswR4FbABAbgBAw~CCgQChgBIIsEKIsEMLIEOCdojARwqwR436EBgAHFoQGIAY2jA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C4EB 0
54 B 553ms
361ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu0aia&chm=1&c=887642644702504&ctx=2&qqid=CNPW9deQ3-wCFRKN3godAMkEIg&met.4=fb.3~lb.15~ol.ea~idt.183~dt.-3y&met.3=197.14~123.13_1~118.19~118.2k~118.57~118.81~118.av~118.dp~117.e8~298.e9~116.e8_1~118.ed~118.ed~118.ed~118.ei~113.gf_1~112.gf_1&met.1=1.kgxu0a1v~14.1~15.0~16.1~17.1~18.1~19.1~20.e8~21.ea~22.26~23.26&met.7=CCIQBBgBIAMoAzADaARwKXigAbABAbgBAw~CBsQCiADOGU~CCoQChgBIAQoBDAVOBE~CBsQCiB0OIQD~CCIQBhgBIIIEKIIEMLIEODBoggRwrgR4FbABAbgBAw~CCgQChgBIIcEKIcEMKsEOCRoiARwpwR436EBgAHFoQGIAY2jA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4FFA 0
352 B 546ms
354ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu0aic&chm=1&c=887642644702504&ctx=2&qqid=CNbW9deQ3-wCFRKN3godAMkEIg&met.4=fb.2~lb.2p~ol.e3~idt.17t~dt.-48&met.3=197.2p~123.2o_1~118.2u~118.2v~118.4y~118.7s~118.am~118.dg~117.e1~298.e2~116.e1_1~118.e4~118.e5~113.g8~112.g8_1&met.1=1.kgxu0a25~14.0~15.0~16.0~17.0~18.0~19.0~20.e1~21.e3~22.3q~23.3q&met.7=CCIQBBgBIAIoAjACaANwKXgVsAEBuAED~CBsQCiACOFw~CCoQChgBIAMoAzBYOFU~CBsQCiBpOIcD~CCIQBhgBIPsDKPsDMKkEOC5o-wNwpgR4FbABAbgBAw~CCgQChgBIIAEKIAEMKgEOClogARwnwR436EBgAHFoQGIAY2jA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 384E 42 B
776 B 36ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZAdRw9EIAQ_CS1pTn1O9iOzTFrmrZYvyQeTFPHpX2NzLy1mP9RcFh951aNLLjIlMrJTejIueDw4oggtduFtEwh73vzArlG69_ZCnLrmw&sig=Cg0ArKJSzFD7S4ntvwW6EAE&adk=2408052046&tt=-1&bs=1600%2C1200&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&p=499,1255,749,1555&mcvt=1017&rs=3&ht=0&tfs=516&tls=1533&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=415&niot_cbk=423&md=2&btr=0&cpmav=0&lm=2&rst=1604157584625&dlt&rpt=84&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C2457&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1533&is=300%2C250&iframe_loc=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dflu.cc%26s%3Dbone%26sw%3D17%26tr%3D13570628327&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7EE6 42 B
107 B 35ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubt9DtHSqqqUF8kskgYEvluFpSDPKa-dVEoKwxZxCHZjuJQ-xHJP8CVWztWuKPcSZmSW-KVNl0wYJy4_Y8DXww9Oa74QL0-ojl26VXPWs&sig=Cg0ArKJSzAKmp8RNLyJTEAE&adk=330538255&tt=-1&bs=1600%2C1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=110,436,200,1164&mcvt=1015&rs=0&ht=0&tfs=581&tls=1596&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=480&niot_cbk=485&md=2&btr=0&cpmav=0&lm=2&rst=1604157584603&dlt&rpt=514&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C2457&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-12-11-11-0-0-0&tvt=1585&is=728%2C90&iframe_loc=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dflu.cc%26s%3Dbone%26sw%3D17%26tr%3D13570628327&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C4EB 42 B
107 B 34ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQMaDqjGeM9wyLd4aTtyRlZgjoYGqRE62UJ1tcznGxD90QxsCY5XLr_vUqzUgtbTpqnCRIyMS30e5Gl1rEzduR6mVLkZ27Kb6EA96SFHo&sig=Cg0ArKJSzOwOFQArVRFmEAE&adk=2731548126&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=262,37,352,765&mcvt=1010&rs=0&ht=0&tfs=575&tls=1585&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=474&niot_cbk=482&md=2&btr=0&cpmav=0&lm=2&rst=1604157584624&dlt&rpt=501&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C2457&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1585&is=728%2C90&iframe_loc=http%3A%2F%2Fsimcast.com%2F%3Fd%3Dflu.cc%26s%3Dbone%26sw%3D17%26tr%3D13570628327&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030

Requested by

Host: simcast.com
URL: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 50ms
32ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e7a6647d9796d1b073759b5e9384eeb6f82c6a4875bcfa422b74e07be61cb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Oct 2020 15:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6325
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 19ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=simcast.com&doc=complete&pg_h=2457&pg_w=1600&pg_hs=2457&c=5&aa_c=0&av_h=209.600&av_w=1157.025&av_a=248180.250&s=176&all_s=176&b=8&all_b=8&d=0.427&all_d=0.427&ard=0.316&all_ard=0.316&dt=d

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Oct 2020 15:19:48 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 15:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 31 Oct 2020 15:19:48 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 2703 0
0 37ms
22ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sat, 31 Oct 2020 14:15:01 GMT
expires: Sun, 31 Oct 2021 14:15:01 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3887
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 17ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102601&jk=887642644702504&bg=!kJOlk7PNAAVJFlVVSVgaIq9yWHmOOAIAAABaUgAAAA1oAQcKALZxYNBg7KG5hm4M-FgVSpbVMUokmDqAtHu3wWJdRsXQsP7nNz9AUtltaE354AAOFXa-g4lglN4hEwQwb4PrN7LKdHhvyvZwbX5cQqMwitxksepu78uxreEgvgRFWqi0mTaUrrzmSLMuKA4NYCryzsJ8fV76uqh3NaYWVfsjETB28NMjRHaFU5jVawURBpXox1tO49Ov-6GVO9-hgKcwxi1HUC964OVdbYxAANoqk9ktX598GY71x5kBo7EakMy9Ic_ZL1LyXKdU9WanbIWUqoFDt1vknwiI5KET0T4azvfwBbn0gOgLofCnJ4juILflQA6H_WnPYSJ8FXoRIcBjo_Aa7pmZmBMR-GT-qPBovH6-r0V10kCEWVOsrp3aJ5FH8qbZW9DpwaEsoICoRxaSFasAnmyJrF1d-PLv9RTa0DfhuJnb3hH62iu0Mmc2J0arfo0ug518wbWPy24Ij6I0eMUYvdvltg19NF4CRxt4XvnIFG7G1EuNpmYrfaZ9nu4XjxPMOMy1T8dlFeU7-DIh2MODPOvtbzeMP4j_KCaeNe5KxhR6_tko4a6_D20WB4CxGBk1Cm1zAyaNO97VxYyWgGP22vwEBfYyPc5hykPO5b6EOwGK_YsLLDUg10DHF5Ne7yzwSKOOo_P0jG0Z8u27fKEYCyROXt71_xpcdmIThuXjtB70JNOKxRBrO8hb5u96b3BvoUr9x1bg5DPT6Ob9W4TUE1laX0etn1wb676Wi22yjilKirHBq1xjr159-cQT3fvy7m3mch8yOlARsXiMwSb5-4j8eDu1tiHcPMPd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 369ms
368ms Other
image/gif 2404:6800:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kgxu09yw&c=887642644702504&e=21068116%2C21068419%2C21068031%2C21066613%2C21066615&ctx=1&met.9=1.2kt~2.2ov~3_1.2q1~3_8.2q3~7_1.-1~7_2.-1~7_3.-1~7_4.-1~7_5.-1~7_6.-1~7_7.-1~7_8.-1~4_8.2sg~5_8.2sn~4_1.2t8~5_2.2tb~5_4.2tj~5_3.2to~5_5.2tt~5_6.2tx~6_8.2vf~6_5.37o~6_2.37r~6_3.37y~6_6.381&met.3=90.2oy~88.2oy~88.2oy~89.2oy~90.2oy~88.2oy~88.2oy~89.2p0~74.2p0_2~44.2p1~43.2p2_1~74.2p3~44.2p3~43.2p3~74.2p4~44.2p4~43.2p4~74.2p4~44.2p4~43.2p4~74.2p4~43.2p4~74.2p5~43.2p5~74.2p5~43.2p5~6.2p5~1.2p5~91.2p6_1~451.2pb~95.2p6_8~95.2pf~95.2pf~95.2pf~74.2pf~43.2pf~91.2pf~451.2pg~95.2pf_1~77.2oy_j~297.2ph~724.2pi~724.2pi_1~724.2pj~724.2pj~724.2pj~724.2pj~724.2pk~750.2pk_1~724.2pl~750.2pl~643.2q2~643.2q2~643.2q2~643.2q2~643.2q2~643.2q2~643.2q2~643.2q3~768.2q3~705.2q3~764.2q3~768.2q3~705.2q3~764.2q3~768.2q3~705.2q3~764.2q3~768.2q3~705.2q3~764.2q4~768.2q4~705.2q4~764.2q4~768.2q4~705.2q4~764.2q4~768.2q4~705.2q4~764.2q4~768.2q4~764.2q4~705.2q4~751.2q4~751.2q4~112.2qp_1~646.2sg_5~769.2sl~773.2sl~709.2sl~770.2sv~767.2sv~771.2sw~765.2sw~708.2sw~647.2t2~646.2t8_1~646.2t9_1~769.2ta~709.2ta~773.2tb~769.2tb~709.2tb~773.2tb~770.2tg~767.2tg~771.2tg~708.2tg~765.2tg~646.2th_1~646.2ti~646.2tj_1~646.2tk_1~646.2tl_1~769.2tl~709.2tl~773.2tl~769.2tl~709.2tl~773.2tl~770.2tl~767.2tm~771.2tm~708.2tm~765.2tm~769.2tm~709.2tm~773.2tm~769.2tm~709.2tm~773.2tm~769.2tm~709.2tm~773.2tm~770.2u1~767.2u1~771.2u1~708.2u1~765.2u1~770.2u1~767.2u1~771.2u1~708.2u1~765.2u1~770.2u1~767.2u1~771.2u1~708.2u1~765.2u1~647.2u2~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uu~680.2uw~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2ux~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2v9~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~680.2va~774.2vf~710.2vf~680.2vf~298.2vu~298.2vv~298.2vy~298.2vy~298.2vz~713.2w0~155.2vi_j~713.2wf~132.2we_1~132.2wf~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~680.2wg~132.2wg~132.2wg~713.2wo~132.2wo_1~132.2wq~713.2yt~143.2ys_2~714.2yv~716.2yv~143.31n_2~129.32z~143.34h_2~143.37b_2~774.37o~710.37o~680.37o~130.37o~774.37r~710.37r~680.37r~713.37r~130.37r~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~680.37v~132.37v~132.37v~680.37v~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~680.37w~132.37w~132.37w~774.37y~710.37y~680.37y~713.37z~130.37y~774.381~710.381~680.381~130.381~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.384~680.385~680.385~680.385~132.385~132.385~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~680.386~132.386~132.386~129.39y~713.3a7~713.3a7~143.3a7_1~714.3a8~714.3a8~716.3a8~716.3a8~143.3d0_2~143.3fv_2~129.3gw~143.3ip_1~143.3lj_3~129.3nu~143.3od_2~713.3r9~143.3r8_3~714.3rb~715.3rb~766.3rb~143.3u3_3~129.3ut~143.3wx_2~143.3zr_2~129.41r~713.42m~713.42m~143.42l_2~714.42n~714.42n~715.42n~766.42o~715.42o~766.42o~143.45f_1~143.489_1~129.48p~143.4b2_2~143.4dw_2~129.4fn~143.4gq_1~143.4jk_2~143.4me_2~129.4mm~143.4p8_2~143.4s2_1~129.4tk~143.4uv_2~143.4xp_2~129.50i~143.50j_2~143.53d_2~143.566_2~129.57g~143.590_2~143.5bu_2~129.5ee~143.5eo_1~143.5hi_2~143.5kc_2~129.5ld~143.5n6_1~143.5pz_3~94.5qu~130.5qv~130.5qv~130.5qv~130.5qv~154.5qv~573.5r0~598.5r0~598.5r0~598.5r1~598.5r1~598.5r1~598.5r1~598.5r1~598.5r1~113.5qx_4~129.5sd~143.5su_2~153.5tn~143.5vo_2~143.5yi_2~129.5zc~143.61c_2~143.646_2~143.671_1~143.69v_2~143.6cp_1~143.6fi_1~143.6ic_2~143.6l6_2&met.10=1_5.INMbEPjJBAj4yQQYgJh1KAE~1_2.INMbEPjWCAj41ggYgJh1KAE~1_8.INMbEAAIwAwYgJh1KAA~1_3.INMbEIqXBAiKlwQYgJh1KAE~1_6.INMbEAAIwMU4GICYdSgA&met.1=1.kgxu0787~6.n7~7.n8~8.nd~9.nd~10.nq~12.nq~13.1cq~14.1cr~15.1ct~16.2n4~17.2n4~18.2n4~19.5qt~20.5qt~21.5qv~22.2kl~23.2kl&met.7=CBsQCiDhDTj-C8ABpZri7QQ~CBsQByDhDTjsAcABz5j5yQI~CBsQByDhDTjoAcABitPElAQ~CBsQCiDhDTi_B8AB0d74gg0~CDsQChgBIOENKOENMIcWOKYIQKIVSKMVUKMVWNcVYLAVaNcVcPcVeJKPAYAB6YsBiAHNpgOwAQG4AQPAAeLN6pYJ~CBsQCiDhDTivA8AB8Y7PyAs~CBsQBiDiDTiaCsABvfakhA4~CBsQCiDiDTi8A8AB9pn5ygY~CBsQByDiDTjIA8AB4Mfh-wI~CBsQByDiDTi0BcAB96_Hugg~CBsQCiDiDTifB8AB5uuO0gQ~CA4QChgBII4aKI4aMJUbOIcBQI8aSI8aUI8aWOYaYI8aaKwacOgaeJ-CBoABpf8FiAHHhhGwAQG4AQPAAcesw9sI~CBsQAiCSGjjDA8ABh5rFlQ8~CBsQBSDFGjiaAcABttrwlgQ~CBsQBiDHGjibA8ABs4zu1gE~CBsQBiDHGjhEwAGzjO7WAQ~CBsQDSDkGjj7AcABkM29_go~CBsQBiDsGjhVwAGzjO7WAQ~CBsQBiDsGjgtwAGzjO7WAQ~CBsQBiDsGjhJwAGzjO7WAQ~CBsQBiDtGjg2wAGzjO7WAQ~CBsQBiDtGjgswAGzjO7WAQ~CC8QBxgBILAbKLAbMNUbOCRAsRtIshtQshtYxRtgtxtoxhtw1Bt4wAaAAWiIAW2wAQG4AQPAAfKtqq0C~CC8QBxgBILEbKLEbMNYbOCVAsRtIshtQshtYxRtgtxtoxRtw1Rt4wAaAAWiIAW2wAQG4AQPAAZv_iccH~CCgQChgBILUbKLUbMNwbOCZothtw2ht46aMBgAHFoQGIAY2jA7ABAbgBA8ABm-H6cA~CA8QDRgBIMkbKMkbMLwcOHNoyhtwuhx410uAAbBKiAG52QKwAQG4AQPAAb_emusG~CBsQBxgBIMsbKMsbMMsbwAGdgvLMCw~CA8QDRgBIMsbKMsbMJ8cOFRozBtwnhx4gVSAAbVRiAHCzQGwAQG4AQPAAb_emusG~CBsQBiDPGzgVwAGOs-HHDw~CBsQBiDPGzgHwAGOs-HHDw~CBsQBiDPGzgNwAGOs-HHDw~CBsQBiDPGzgPwAGOs-HHDw~CBsQBiDPGzgMwAGOs-HHDw~CBsQBiDQGziTBMABjrPhxw8~CBsQBiDQGzgSwAGOs-HHDw~CCoQChgBILYcKLYcMPwcOEfAAab7gJMH~CBsQBiC4NjgHwAGBgLbjDA~CBsQBiC5NjgHwAGBgLbjDA~CBsQBiC7NjgTwAGBgLbjDA~CBsQBiC7NjgPwAGBgLbjDA~CBsQBiC8NjgzwAGBgLbjDA~CBsQBiC8NjgswAGBgLbjDA~CBsQBiC9NjgZwAGBgLbjDA~CBsQBiC9NjgJwAGBgLbjDA~CBsQBiC3NzgTwAGBgLbjDA~CBsQBiC4NzgKwAGBgLbjDA~CBsQBiDZNzgTwAGBgLbjDA~CBsQBiDZNzgRwAGBgLbjDA~CBsQBiD2OTgSwAG2qoC_Ag~CBsQBiD2OTgewAG2qoC_Ag~CBsQBiD3OTgGwAG2qoC_Ag~CBsQBiD3OTgHwAG2qoC_Ag~CBsQBiD6OTgTwAG2qoC_Ag~CBsQCDiXOsABmf6u_AU&qqid.8=CJCg9deQ3-wCFYVx4AodYGAAmQ&qqid.1=CNHW9deQ3-wCFRKN3godAMkEIg&qqid.2=CNLW9deQ3-wCFRKN3godAMkEIg&qqid.3=CNPW9deQ3-wCFRKN3godAMkEIg&qqid.4=CNTW9deQ3-wCFRKN3godAMkEIg&qqid.5=CNXW9deQ3-wCFRKN3godAMkEIg&qqid.6=CNbW9deQ3-wCFRKN3godAMkEIg&qqid.7=CNfW9deQ3-wCFRKN3godAMkEIg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://simcast.com/?d=flu.cc&s=bone&sw=17&tr=13570628327
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Oct 2020 15:19:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37a645bc206a4a98a513200eae007cef.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
cadet.parklogic.com
cdn.onesignal.com
cdnjs.cloudflare.com
ced.sascdn.com
code.jquery.com
csi.gstatic.com
img-s-msn-com.akamaized.net
img.smartsearch.me
img1.smartsearch.me
img2.smartsearch.me
img4.smartsearch.me
pagead2.googlesyndication.com
prg8.smartadserver.com
securepubads.g.doubleclick.net
simcast.com
tpc.googlesyndication.com
update-verify-information-myaccounts.flu.cc
www.google.com
www.googletagservices.com
www.youtube.com
172.217.21.226
194.146.24.56
199.187.193.140
2.16.186.105
2001:4de0:ac19::1:b:2b
212.115.109.66
2404:6800:4001:80f::2003
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700::6810:135e
2606:4700::6812:e234
2a00:1450:4001:809::2002
2a00:1450:4001:814::2001
2a00:1450:4001:819::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2004
2a00:1450:400c:c0c::84
2a02:26f0:6c00::210:ba1a
45.79.244.12
72.52.179.174
74.208.47.230
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01c55db052bc27ef8d7f791fe564fba8d3fdcd3ba046d3f8806191016ea9e98e
0371766ff279e61ad4c78e3973d31a203cbc15c53a9a52eb224b129a439545ed
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
0d373d9369770f1b4c0830363253b2590bb96a3bd93c475e4f008f47f4ef1633
113c9d39f93868c3e6b94c55c1aab1d891c2684bb04076bde65d073f910fd561
133924998fda2e60ca2693518f1cc9a47211e5e7bd05c2adf0696a5230b3e775
1356760bc4e068ef8b9aefe79a10bf93a9daca8b16363be1b95fcb86769f0c53
14b3e09a64ae10ec72ebed79348f66a201c0fc98d069aa1405e7b92e413e4b70
15c05b6dfd93b48d24d08f0876f5ad0ef1dd811098041a9322b85f43d815f90b
1aae491aa4439bdc25e52186532e840244aa22fab3355c973124157b18cea6ee
27225f967ce383ead0dc66a294a1eee76fd0208b1b85569cd01fd8c6b5a77632
2cd26443b286d0a94d6df05d2c68b0d662ace3cc1cec00a96118a24c8c312393
31f83567154cc1bbb0a549f465b658b1cc9b71d73c1334fcdfb1df422c492935
394e402b29ce9c667899cfecd61ea13b8c5def16a2e97a1bdd41fc9ca4bfa4e5
3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
4f27c2274f3172315349e405e68dbc5ee6f349c3ef1c7c2ea0d049f1bfc29719
52ec6239c576b0832def041974f0d5371c41aad68c2915ca7b7e59f23c1b9389
57a6203d5b9412524e523bf64b90e03563827cf711954df6c241b2f03039e913
5ce057490b0bf6b6af30c955ec6b7f43c964705b57f9ce459ab5cf822cafff53
5f8175a6c175ca41e79bf587d073a9051d6215016f7bc842aadf5a5dd43aecc6
61d042f3b6999f3d9014cf317fdeb2eb6b530cf8ccb152bdf8cd7d823b92ae14
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6e7a6647d9796d1b073759b5e9384eeb6f82c6a4875bcfa422b74e07be61cb14
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
70127a6eca58e120e0e62062bf53a1a7a5a79868c8113fba88c1f8f8553d6103
7a1849ddeaab7ba08ed6085ef47e5275b7cff23f3ece61085077081be682a8f6
86a623120fa6c233821718f6871c45bc12fd8caaa5e392597469ed5c6c4231dc
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a815f089014f9e7a48e07d3f3ad0e71afa8282a293d99d03531585e563c941e
8cdb1c94d3ccde3688f34116fa95dc6e175d5e812fd33e964e133e286cf8f086
8d30323f26a132246277a3ba8bb0724be80b120b677af9cb32554e2840365387
8dd0e234c8b7681d981fb67b3769bf83af9ff39686e3ac076af1b3cf37c92cfd
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9e989058c78e85335a0078ee042cf4bc6e4f294ae11d098a40e73d7ff5d1b748
a74206e4f66bd1627a1c979283bd76b4c0418deadaf1f32d4832de88320796d6
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ae1cab7ee819dfece6b5ad47924febc18773129f68aa517769481bc491a283d5
b1c37c5f84d6e45109056204955c6363f49497e69be92445f391ef05e8a6fd74
b2933c9fe632c27eb256332bf2850bd65ba7cf55aa6d33c15b44b3b46a37ecec
b84d0268c96f95e54b8e5080919ad0e2cb1559de05301a3599f0f6cd16de7081
bd840982ca25d7aade402d31059e55c1732ced3f95d15023e6c3e4303f26f50d
c247bcc42cc551e33c56e32a856342389d5c250aac31ac541a17f7684315cb13
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cfcb8f3e5ad0255577d4f8e269cd39f20fde024f8b70a15c15815828b3d18ff1
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d44c6b7335c9001ec5a645f009c4735c242af1339505745c8d4aafa1568aa6a9
d6b84db9f0b802a8484ddaa5a51cff1e1bc138d87e8abbb0063b0c35bd48d46e
d88622cd4fa719ecee333a3fa40c0cd19a2a6968711a5de97808628015c1dac1
e20d84b77b00cb0ade09ad893484081e0c4dd06fed5bfe0ad15604bb91eb442b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40bb7b96fc6058772e1f2b97b452ee1bbee84373a1ac5fc22239a6169294a95
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051
fff485776916e769bbc5ed611e1ea8ce4e56d6bc25e65ec878fee9f83a4255b6

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

90 %HTTPS

60 %IPv6

17 Domains

23 Subdomains

17 IPs

9 Countries

3348 kBTransfer

4305 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

90 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

17
IPs

9
Countries

3348 kB
Transfer

4305 kB
Size

0
Cookies

100 HTTP transactions
5 data transactions