Submitted URL: https://storage.googleapis.com/0------------------------0/khalidi1.html#/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x32027...
Effective URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Submission: On October 04 via api from BE — Scanned from DE

Summary

This website contacted 27 IPs in 4 countries across 27 domains to perform 87 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2021. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.185.176 15169 (GOOGLE)
1 1 212.81.59.141 57050 (DREAMSERV...)
1 205.251.155.59 11042 (NTHL)
2 104.21.70.104 13335 (CLOUDFLAR...)
1 172.67.198.87 13335 (CLOUDFLAR...)
1 172.67.137.121 13335 (CLOUDFLAR...)
1 18.156.93.177 16509 (AMAZON-02)
1 18.158.88.249 16509 (AMAZON-02)
1 1 69.16.230.42 32244 (LIQUIDWEB)
8 45.79.244.12 63949 (LINODE-AP...)
1 69.16.175.10 33438 (HIGHWINDS2)
3 104.18.225.52 13335 (CLOUDFLAR...)
1 45.79.200.29 63949 (LINODE-AP...)
2 104.16.19.94 13335 (CLOUDFLAR...)
30 2.16.186.9 20940 (AKAMAI-ASN1)
1 104.111.215.107 16625 (AKAMAI-AS)
6 216.58.212.162 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
2 142.250.74.78 15169 (GOOGLE)
6 172.217.16.130 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 142.250.186.170 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 198.199.108.22 14061 (DIGITALOC...)
2 216.58.212.161 15169 (GOOGLE)
1 142.250.185.196 15169 (GOOGLE)
2 104.111.252.77 16625 (AKAMAI-AS)
2 13.107.22.200 8068 (MICROSOFT...)
87 27
Domain Requested by
30 img-s-msn-com.akamaized.net simcast.com
8 simcast.com frookshop-winsive.com
simcast.com
code.jquery.com
6 securepubads.g.doubleclick.net simcast.com
securepubads.g.doubleclick.net
storage.googleapis.com
www.googletagservices.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
2 www.bing.com h6.msn.com
2 h6.msn.com storage.googleapis.com
h6.msn.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 cdnjs.cloudflare.com simcast.com
2 cdn.onesignal.com simcast.com
cdn.onesignal.com
2 www.google-analytics.com 99deals.link
www.googletagmanager.com
www.google-analytics.com
2 tulac.ngunsen.com moonrightplace.com
tulac.ngunsen.com
1 www.google.com tpc.googlesyndication.com
1 api.airfind.com ajax.googleapis.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 onesignal.com cdn.onesignal.com
1 www.googletagmanager.com simcast.com
1 img.s-msn.com simcast.com
1 parking2.parklogic.com simcast.com
1 code.jquery.com simcast.com
1 x5fa.soundsecureredir.com
1 frookshop-winsive.com riceedsrobile.com
1 riceedsrobile.com 99deals.link
1 99deals.link tulac.ngunsen.com
1 cdn.addlnk.com tulac.ngunsen.com
1 moonrightplace.com storage.googleapis.com
1 resis.co.uk 1 redirects
1 storage.googleapis.com
0 browser.pipe.aria.microsoft.com Failed h6.msn.com
0 8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
87 32

This site contains links to these domains. Also see Links.

Domain
www.bing.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
moonrightplace.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-26 -
2022-05-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-16 -
2022-07-15
a year crt.sh
*.99deals.link
R3
2021-09-17 -
2021-12-16
3 months crt.sh
riceedsrobile.com
R3
2021-09-01 -
2021-11-30
3 months crt.sh
frookshop-winsive.com
R3
2021-08-12 -
2021-11-10
3 months crt.sh
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA
2021-04-21 -
2022-05-22
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
repelis.com
R3
2021-09-22 -
2021-12-21
3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
*.img.s-msn.com
Microsoft RSA TLS CA 01
2021-09-23 -
2022-09-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.de
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
api.airfind.com
R3
2021-08-27 -
2021-11-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
www.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.msn.com
Microsoft RSA TLS CA 01
2021-09-23 -
2022-09-23
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-09-30 -
2022-03-30
6 months crt.sh

This page contains 4 frames:

Primary Page: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Frame ID: A27B8379C1ECB7CEC8664DD56AA61CC1
Requests: 83 HTTP requests in this frame

Frame: https://8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AAB39E140B4AAFBC854803A7D9F3313B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2BF4EAE88720EC060AF1A1E5B17270BE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9616633D8D78526991B652859424A577
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

JS Bin

Page URL History Show full URLs

  1. https://storage.googleapis.com/0------------------------0/khalidi1.html Page URL
  2. http://resis.co.uk/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x3202737168x4966128 HTTP 302
    https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685 Page URL
  3. https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414 Page URL
  4. https://99deals.link/redirect/action/1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi?tsid=da632b14&uc=pub0109... Page URL
  5. https://riceedsrobile.com/98f377bf-532b-48b2-abcf-73f29991e351?c2=1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi:... Page URL
  6. https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbj... Page URL
  7. http://x5fa.soundsecureredir.com/?s1=wmn77ohtoag7ipua26q6ooaa HTTP 302
    https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

87
Requests

91 %
HTTPS

0 %
IPv6

27
Domains

32
Subdomains

27
IPs

4
Countries

904 kB
Transfer

1874 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/0------------------------0/khalidi1.html Page URL
  2. http://resis.co.uk/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x3202737168x4966128 HTTP 302
    https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685 Page URL
  3. https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414 Page URL
  4. https://99deals.link/redirect/action/1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi?tsid=da632b14&uc=pub0109d810dbb74713b07cb7f83b150d4d Page URL
  5. https://riceedsrobile.com/98f377bf-532b-48b2-abcf-73f29991e351?c2=1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi::da632b14&c1=20100421_2e_0_28c2_6b644e_7ec_80_615ac5bc_d883724e_0_0_0_64_64_0_2_2_0_0 Page URL
  6. https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbjc3b2h0b2FnN2lwdWEyNnE2b29hYQ&ts=1633338812746&hash=ZqcBa4M5V4S0e9GELPVTpswqhrg7zoGpqyQzgkm7cc8&rm=DJ Page URL
  7. http://x5fa.soundsecureredir.com/?s1=wmn77ohtoag7ipua26q6ooaa HTTP 302
    https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://resis.co.uk/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x3202737168x4966128 HTTP 302
  • https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
khalidi1.html
storage.googleapis.com/0------------------------0/
231 B
833 B
Document
General
Full URL
https://storage.googleapis.com/0------------------------0/khalidi1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.176 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f16.1e100.net
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/0------------------------0/khalidi1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdsDyOlB6x6c42f1JszaEUFcAnf8QDEqFYO7qoIWLmUEkjgCDq-XsItbVuBYyHcAjRnOQhOibnEXsFc8S6oQYaj-G3qVyQ
expires
Mon, 04 Oct 2021 09:15:50 GMT
date
Mon, 04 Oct 2021 08:15:50 GMT
last-modified
Fri, 01 Oct 2021 13:24:23 GMT
etag
"3cb02eec462680dbecaab90498c3582b"
x-goog-generation
1633094663428081
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
231
content-type
text/html
x-goog-hash
crc32c=T1+U5A== md5=PLAu7EYmgNvsqrkEmMNYKw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
231
server
UploadServer
age
3461
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set 38968685
moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/
Redirect Chain
  • http://resis.co.uk/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x3202737168x4966128
  • https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685
135 B
448 B
Document
General
Full URL
https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/0------------------------0/khalidi1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.251.155.59 , United States, ASN11042 (NTHL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
moonrightplace.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/0------------------------0/khalidi1.html#/t/5rheexa86/rb8e23799x537x84579x49557072x5569873x3202737168x4966128

Response headers

Date
Mon, 04 Oct 2021 09:13:31 GMT
Server
Apache
Set-Cookie
uid15295=1193629180-20211004051332-4bd33b8c219cf4ca852cc442d981e88f-; domain=; expires=Wed, 03-Nov-2021 09:13:32 GMT; path=/; SameSite=None; Secure
Content-Length
135
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 04 Oct 2021 09:13:31 GMT
Server
Apache/2.4.37 (centos)
X-Powered-By
PHP/7.2.24
Location
https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
9e8aef8068
tulac.ngunsen.com/rc/
2 KB
2 KB
Document
General
Full URL
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414
Requested by
Host: moonrightplace.com
URL: https://moonrightplace.com/1764639979759aaf800/428_9973_97548_735/8216694_3789655/38968685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d538bfa02165a4f78539fadd60a2beb5baed3a8b5229f751fe0386273c4ec90d

Request headers

:method
GET
:authority
tulac.ngunsen.com
:scheme
https
:path
/rc/9e8aef8068?affclick=1193629180&pubid=690414
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://moonrightplace.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moonrightplace.com/

Response headers

date
Mon, 04 Oct 2021 09:13:32 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALB=2ALDTU7mZxYpr9USMqc6zl/UJ9zPqr79LoxguXltOXexWoecwaIHV4YjQVyeNYmFw1QMkXBP7mLLbqvJ4hzrWg2ma87v5DWnqB22pGIw3BRCcBbrB0tJ+uAMPE1O; Expires=Mon, 11 Oct 2021 09:13:32 GMT; Path=/ AWSALBCORS=2ALDTU7mZxYpr9USMqc6zl/UJ9zPqr79LoxguXltOXexWoecwaIHV4YjQVyeNYmFw1QMkXBP7mLLbqvJ4hzrWg2ma87v5DWnqB22pGIw3BRCcBbrB0tJ+uAMPE1O; Expires=Mon, 11 Oct 2021 09:13:32 GMT; Path=/; SameSite=None
vary
Accept-Encoding, Accept-Language, Cookie
content-language
en-us
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zZRlZu7uP1aKROutWE%2BhRRSA9XBYNxnhY45bo56EPvePBv9Sq444XrW4w0tPWimBmiBNafcwgRxYd0fezTbxwns56EI%2FffGQQEFLf8LxvGRnghcVl7EhfZ%2B3o9f2KmOyU7XCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
698d4b7899164107-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tulac.ngunsen.com
URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3734
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
C0MZEK71BT52TXHH
x-amz-id-2
1ZQlYnIN8qU1AmdHCjNRCnkY7zBcUSoI2NRLOwDwAsWkzfaStpTAX0Wxzi1E95xaQ5dVOfolJqA=
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2aVXIUjo3dS57Gp6gTLNfHXIXi2FyfnKBR7S07XH9okSsz9jdVO4g%2BpDfImya5zGzbg2ritWtYlKtSVTX7qgRrHVU%2BAV4TNboBGPMAVDW29z%2BupCBX5e6LH3xwIfbG62Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
698d4b79cded27bc-PRG
cf-bgj
minify
invisible.js
tulac.ngunsen.com/cdn-cgi/challenge-platform/h/g/scripts/
48 KB
17 KB
Script
General
Full URL
https://tulac.ngunsen.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: tulac.ngunsen.com
URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc08d9f7bc89a276f2a61df84a73ac836ff3c69a6f3872c1c8052586c2cbbdf3

Request headers

:path
/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tulac.ngunsen.com
cookie
AWSALB=2ALDTU7mZxYpr9USMqc6zl/UJ9zPqr79LoxguXltOXexWoecwaIHV4YjQVyeNYmFw1QMkXBP7mLLbqvJ4hzrWg2ma87v5DWnqB22pGIw3BRCcBbrB0tJ+uAMPE1O
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNcngty%2BmdbkEY6%2BY5eH0tARUivef04a2sJqV9%2Bg9r9ihK6oxuUNrI4Aer0wu6CjHpThVdlCzVGdX4d7lHeJyW4Cl6odyBNF%2FaZnnw%2BK%2F77eyi56LeGX6pgQdtbEJp%2FJNsllaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
698d4b7979a34107-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi
99deals.link/redirect/action/
1 KB
2 KB
Document
General
Full URL
https://99deals.link/redirect/action/1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi?tsid=da632b14&uc=pub0109d810dbb74713b07cb7f83b150d4d
Requested by
Host: tulac.ngunsen.com
URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1193629180&pubid=690414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c69cd05f6ab70bfd606edd03f54b9422dffa7978d8894100c05aae76a0d3503

Request headers

:method
GET
:authority
99deals.link
:scheme
https
:path
/redirect/action/1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi?tsid=da632b14&uc=pub0109d810dbb74713b07cb7f83b150d4d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 04 Oct 2021 09:13:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
msv-28c2-2dba6-0-50-0-0=3632493134; expires=Tue, 05-Oct-2021 09:13:32 GMT; Max-Age=86400 click-2d6-6b644e=20100421_2e_0_28c2_6b644e_7ec_80_615ac5bc_d883724e_0_0_0_64_64_0_2_2_0_0; expires=Sat, 02-Apr-2022 09:13:32 GMT; Max-Age=15552000; path=/conversion
charset
UTF-8
content-encoding
UTF-8
p3p
CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma
no-cache
cache-control
no-cache no-cache, must-revalidate, max-age=0
x-robots-tag
noindex, nofollow, nocache, noarchive
googlebot
noindex, nofollow, nocache, noarchive
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUUQp8SO0gV9P1WWtmcJWheJeN3wZB4ofmhMEqL95ZtQNWc1HQZAaLttsng3nwMm7l6IdqV%2Bfgo9QGIHdxuy3kzQG1gmJ6jlUpuijBSDK6V%2FLxhZzbJ63%2BdtT1zmG2I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
698d4b7ab86c2bca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/
0
0

Cookie set 98f377bf-532b-48b2-abcf-73f29991e351
riceedsrobile.com/
712 B
1 KB
Document
General
Full URL
https://riceedsrobile.com/98f377bf-532b-48b2-abcf-73f29991e351?c2=1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi::da632b14&c1=20100421_2e_0_28c2_6b644e_7ec_80_615ac5bc_d883724e_0_0_0_64_64_0_2_2_0_0
Requested by
Host: 99deals.link
URL: https://99deals.link/redirect/action/1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi?tsid=da632b14&uc=pub0109d810dbb74713b07cb7f83b150d4d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.156.93.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-93-177.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8c60fb84e2190b185324e29aea76387f46b8e3dfcfe7d1ceb08ce45a1f5285ba

Request headers

Host
riceedsrobile.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://99deals.link/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://99deals.link/

Response headers

Server
nginx
Date
Mon, 04 Oct 2021 09:13:32 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
712
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
98f377bf-532b-48b2-abcf-73f29991e351-v4=cqjeckExzIX3iZTNldVB7fHIzhil3Pw8jwkJnQIKuN4; Max-Age=86400; Expires=Tue, 05-Oct-2021 09:13:32 GMT; Domain=riceedsrobile.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=6QYbe6YyKSB8CIgWqt1BYNsTxbVxFo3t7F6dtunJoOFU24pKMkF0nC%2BZBfQYvbCx5zLonGpaHBrabcNg6E8J2HIBAO0IAQr8YfclH0PztFhWNFh0R%2BUgUvwSknr25QmpYa2R2zRMU73LBUWXtKlPtA%3D%3D; Max-Age=31536000; Expires=Tue, 04-Oct-2022 09:13:32 GMT; Domain=riceedsrobile.com; Path=/; Secure; HttpOnly;SameSite=None
redirect
frookshop-winsive.com/
0
0

redirect
frookshop-winsive.com/
414 B
687 B
Document
General
Full URL
https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbjc3b2h0b2FnN2lwdWEyNnE2b29hYQ&ts=1633338812746&hash=ZqcBa4M5V4S0e9GELPVTpswqhrg7zoGpqyQzgkm7cc8&rm=DJ
Requested by
Host: riceedsrobile.com
URL: https://riceedsrobile.com/98f377bf-532b-48b2-abcf-73f29991e351?c2=1InByZSwuJipmNjwiKHNmf3BlZ2E_eQ_Pyi::da632b14&c1=20100421_2e_0_28c2_6b644e_7ec_80_615ac5bc_d883724e_0_0_0_64_64_0_2_2_0_0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cada27615c942fd6f3abe9346f523528abf94f1298a3eaf3b6db0bb21756b6ab

Request headers

Host
frookshop-winsive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://riceedsrobile.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riceedsrobile.com/

Response headers

Server
nginx
Date
Mon, 04 Oct 2021 09:13:32 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
414
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
/
x5fa.soundsecureredir.com/
0
0

Primary Request /
simcast.com/
Redirect Chain
  • http://x5fa.soundsecureredir.com/?s1=wmn77ohtoag7ipua26q6ooaa
  • https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
36 KB
8 KB
Document
General
Full URL
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Requested by
Host: frookshop-winsive.com
URL: https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbjc3b2h0b2FnN2lwdWEyNnE2b29hYQ&ts=1633338812746&hash=ZqcBa4M5V4S0e9GELPVTpswqhrg7zoGpqyQzgkm7cc8&rm=DJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
55c31d128d0ea6bb1a87f9711907abb65cc2db4eef1adff5155b9700b31a7616

Request headers

Host
simcast.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbjc3b2h0b2FnN2lwdWEyNnE2b29hYQ&ts=1633338812746&hash=ZqcBa4M5V4S0e9GELPVTpswqhrg7zoGpqyQzgkm7cc8&rm=DJ

Response headers

date
Mon, 04 Oct 2021 09:13:33 GMT
server
Apache/2.4.38 (Debian)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; expires=Mon, 04-Oct-2021 09:28:33 GMT; Max-Age=900; path=/; secure; HttpOnly uidinfer=778525740; expires=Wed, 03-Nov-2021 09:13:33 GMT; Max-Age=2592000; path=/
upgrade
h2
connection
Upgrade
vary
Accept-Encoding
content-encoding
gzip
content-length
7392
content-type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 04 Oct 2021 09:13:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Location
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Keep-Alive
timeout=5, max=93
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:33 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1633338813.dop167.fr8.t,1633338813.cds264.fr8.hn,1633338813.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 03:02:05 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5ca6d9777a540-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
last-modified
Mon, 08 Jul 2019 03:45:19 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-58d2345dc71c0-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
12209
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1368
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
698d4b84eef7430f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 07 Oct 2021 09:13:34 GMT
enhance.js
parking2.parklogic.com/page/
0
278 B
Script
General
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=soundsecureredir.com
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.200.29 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
cadet.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 09:13:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
simcastlogo_35y.png
simcast.com/templates/simcast/images/
1 KB
2 KB
Image
General
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Wed, 26 Feb 2020 07:27:31 GMT
server
Apache/2.4.38 (Debian)
etag
"527-59f758988fec0"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/png
content-length
1319
20210819_RaptorAd.png
simcast.com/images/av/jsbvariety/
86 KB
86 KB
Image
General
Full URL
https://simcast.com/images/av/jsbvariety/20210819_RaptorAd.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
f272fab5f13ef9e1d74dc8eac26c9031565a0e2073740d994ce6f80d984826ef

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Thu, 19 Aug 2021 08:09:58 GMT
server
Apache/2.4.38 (Debian)
etag
"157ad-5c9e513a7a180"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/png
content-length
87981
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1597719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVZ8w5ZBqrxJnmOBXKcZPAV4Ly1tDhNz1sGLgtTmbWvjlMsDSZ1eKKr5c1k7o%2FH0JQZgDVfEf%2F1ey0m6aNnqJ2hKVB7rBLE0RLHkKa5YcxVBmwh2F2cSpcDDSE24non5CxdCmM5d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698d4b84cbab05e4-FRA
expires
Sat, 24 Sep 2022 09:13:34 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
913945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU98CD87H9abVAdHExd%2BJeUrNYaX3GzB3SoRTdnxpXPGqr%2BhVU2%2FgiAR3aLiljN6oi84WT5wxybJm1p6iowIK7wvYeRal%2BVB5pqpz25k1gQIepVeaiKA7X1ECtJcmE1LKdUCYJJX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698d4b84cbae05e4-FRA
expires
Sat, 24 Sep 2022 09:13:34 GMT
modal.css
simcast.com/widgets/modal/
633 B
605 B
Stylesheet
General
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
4a94fa119813672d49756d371abc4a70b1bc8a82885aa7ef2bb1ef25659da184

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 05:41:26 GMT
server
Apache/2.4.38 (Debian)
etag
"279-5ca4795aa2d80-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
291
AAP71ls.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
38 KB
39 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71ls.img?h=500&w=1000&x=394&y=159&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7f63cddcc522da841dc56a4b061a172535515914c2575c01c4ff917a1a117cc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:22:43 GMT
x-datacenter
northeu
x-source-length
90750
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428871
x-activityid
fe94eb3d-6594-4ae2-a795-ab6a0d0a5ebd
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71ls?h=500&w=1000&x=394&y=159&m=2
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
39418
expires
Sat, 09 Oct 2021 08:21:25 GMT
AAP6oUi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
3 KB
4 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6oUi.img?h=100&w=100&x=481&y=190&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99de327a7f2fb0ab4ecdc731fb82b55e08706fd89f1fe139205832f1c5025501
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 04:14:11 GMT
x-datacenter
northeu
x-source-length
466280
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413987
x-activityid
bc62a82a-d5ae-4a71-917a-f70ffa72d245
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6oUi?h=100&w=100&x=481&y=190&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3437
expires
Sat, 09 Oct 2021 04:13:21 GMT
AAywOab.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
18 KB
19 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5d6df229ac67cde4b39d275955e4a279bbd7f922855d10b44f5701e6aa3cc64
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sat, 02 Oct 2021 00:26:14 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=227489
x-activityid
b4be8f7e-6b17-41fd-b804-33bfd0655013
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab
content-length
18737
expires
Thu, 07 Oct 2021 00:25:03 GMT
AALoPdg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALoPdg.img?h=100&w=100&x=960&y=540&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06ef914d41129f50b22ec8e380854745816374d641ec13184ece3f9cef8a2b90
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:15:32 GMT
x-datacenter
northeu
x-source-length
58887
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428555
x-activityid
39db3fe4-d401-43da-a17c-0cb7fbd7ad70
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALoPdg?h=100&w=100&x=960&y=540&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2545
expires
Sat, 09 Oct 2021 08:16:09 GMT
BB17VHmX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB17VHmX.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c427cff62ac4693cbcb409a5f4a7d7080e0d9cb8a400a51f2d0cafa0b22c41dc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 02:36:19 GMT
x-datacenter
northeu
x-source-length
1841
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=408163
x-activityid
08a35d0f-8044-418f-8cb1-d5c7e3b19fb4
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB17VHmX
content-length
1841
expires
Sat, 09 Oct 2021 02:36:17 GMT
AAP6CEc.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
4 KB
5 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6CEc.img?h=100&w=100&x=1000&y=666.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2f6860fc1197c87165e997a36fd7ae975302c7e10abe60d3665b5edaca54ca9
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 05:45:36 GMT
x-datacenter
northeu
x-source-length
538971
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=419516
x-activityid
3291cebd-bfbe-4439-bd2c-5b6929e17f89
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6CEc?h=100&w=100&x=1000&y=666.5&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4355
expires
Sat, 09 Oct 2021 05:45:30 GMT
AA3lldo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
719 B
1 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3lldo.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b29c7476e231009b23559e9deacebde84bfcec8ecea834bab669e128c36f941f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 02:39:05 GMT
x-datacenter
northeu
x-source-length
719
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=321907
x-activityid
4d014104-b760-45af-831b-a657b9626c13
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3lldo
content-length
719
expires
Fri, 08 Oct 2021 02:38:41 GMT
AAP72fb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
4 KB
5 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP72fb.img?h=100&w=100&x=954&y=573&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ef9aa78c805e5c4b32b10a184de6316927839467518fc7c42c179f406e3d170
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 07:11:38 GMT
x-datacenter
northeu
x-source-length
225843
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=424688
x-activityid
d460f240-651f-477d-a820-c733ea5d621b
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP72fb?h=100&w=100&x=954&y=573&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4346
expires
Sat, 09 Oct 2021 07:11:42 GMT
AAvcS6D.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22c40d15762fb1b3abb72981665a40ba50e7a22ed8a1080093780da78b791a8a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAvcS6D
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sat, 02 Oct 2021 12:09:29 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
1466
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=269755
x-activityid
d22b1ccf-02bb-4824-a3a5-8959e2a6e91f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D
content-length
1466
expires
Thu, 07 Oct 2021 12:09:29 GMT
AAP73DV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP73DV.img?h=100&w=100&x=550&y=309.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9566c8ea5fc3cb41d6346af1ed3e0b915129e92562c63bd63042cfbdefed6b5c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:30:55 GMT
x-datacenter
northeu
x-source-length
64689
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429464
x-activityid
4277929b-5c5a-440d-b2c1-63fed609e094
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP73DV?h=100&w=100&x=550&y=309.5&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2153
expires
Sat, 09 Oct 2021 08:31:18 GMT
AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
18 KB
19 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 04:15:07 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=327758
x-activityid
f270f862-1014-448f-92a2-4bbb97cb9ffc
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0
content-length
18737
expires
Fri, 08 Oct 2021 04:16:12 GMT
AAP6OGQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6OGQ.img?h=70&w=95&x=2117&y=1393&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
033cdb0076ac96b608a82de0cac4f205d83d75e24d4202ada622d53bb1ca125d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 07:49:54 GMT
x-datacenter
northeu
x-source-length
1117064
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427027
x-activityid
4c49735f-b4b8-47f7-abdc-60d394068ee2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6OGQ?h=70&w=95&x=2117&y=1393&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2431
expires
Sat, 09 Oct 2021 07:50:41 GMT
BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
592 B
928 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 13:13:54 GMT
x-datacenter
northeu
x-source-length
592
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=360087
x-activityid
54e7950c-cdd6-4e2d-aab6-6c2cdb13395b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53
content-length
592
expires
Fri, 08 Oct 2021 13:15:01 GMT
AAP781x.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP781x.img?h=70&w=95&x=1500&y=1000.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82b64eb14a7995b44caba8abae07a162e5a928bafa691f37c0065fdb95221b9c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:47:41 GMT
x-datacenter
northeu
x-source-length
1629841
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430531
x-activityid
608d94a0-42d6-4107-b2fc-eafe821ea603
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP781x?h=70&w=95&x=1500&y=1000.5&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2033
expires
Sat, 09 Oct 2021 08:49:05 GMT
BB857Lo.img
img.s-msn.com/tenant/amp/entityid/
492 B
1 KB
Image
General
Full URL
https://img.s-msn.com/tenant/amp/entityid/BB857Lo.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.111.215.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
56a7e8048ddcbc65c205e83468ff5e2919403ec6997bf301e10eefe15d7990b8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 09:13:34 GMT
Last-Modified
Thu, 30 Sep 2021 08:10:14 GMT
X-Datacenter
northeu
X-Source-Length
492
X-Frame-Options
deny
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=82603
X-ActivityId
8e658b48-8004-440f-9717-837d1e835c3a
Content-Location
https://img.s-msn.com/tenant/amp/entityid/BB857Lo
Connection
keep-alive
X-Deployment
72c3fde762c149e9ae8e86fd76d57772
Timing-Allow-Origin
*
Content-Length
492
Expires
Tue, 05 Oct 2021 08:10:17 GMT
AAP6QzE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6QzE.img?h=70&w=95&x=697&y=281&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8fb6b6bc74e4de8f230782502f096b26860e3ffd6667e5d777a285ac6b6b4f54
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 05:37:32 GMT
x-datacenter
northeu
x-source-length
778353
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=419095
x-activityid
7d505eae-2786-498b-a0c1-e9f201dd43eb
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6QzE?h=70&w=95&x=697&y=281&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2030
expires
Sat, 09 Oct 2021 05:38:29 GMT
BBmJJQ7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
19 KB
19 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 09:22:49 GMT
x-datacenter
northeu
x-source-length
18952
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=346177
x-activityid
1c51de33-2791-4f97-aac4-3806b7a52b85
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBmJJQ7
content-length
18952
expires
Fri, 08 Oct 2021 09:23:11 GMT
AAP6Ljq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6Ljq.img?h=70&w=95&x=488&y=274.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7204bfab00f7e6c97667ed4e3b1898a86d044b022d77b54ad5076a4186f8281e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 04:38:04 GMT
x-datacenter
northeu
x-source-length
81106
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=415367
x-activityid
c76eb828-ba92-4b4d-92f4-b9063966ae55
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6Ljq?h=70&w=95&x=488&y=274.5&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2483
expires
Sat, 09 Oct 2021 04:36:21 GMT
BBolVIq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
1 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBolVIq.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
912f4af4c53ba3deae01dba73d648125cbc7e64ccb12caf805940a3c887d1754
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBolVIq
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 11:14:03 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
1186
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=352760
x-activityid
2af0eeb3-bfd4-468e-abce-d5aee713ce67
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBolVIq
content-length
1186
expires
Fri, 08 Oct 2021 11:12:54 GMT
AAP6Ixu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
2 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6Ixu.img?h=70&w=95&x=289&y=199&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
870a3ac9d3eb7dad16f0420f37758bd0cc8fdf77e988a91646a4b45560bb8069
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 04:30:10 GMT
x-datacenter
northeu
x-source-length
115829
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=415095
x-activityid
e3a47723-a275-429a-b994-b242c1e2c253
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP6Ixu?h=70&w=95&x=289&y=199&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1576
expires
Sat, 09 Oct 2021 04:31:49 GMT
BBH6sN1.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
19 KB
19 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBH6sN1.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1eeadb6ea54327b2cbfd9b199e2eb1955d2c7f9892093818c12b3bbe42b3135f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Thu, 30 Sep 2021 08:29:53 GMT
x-datacenter
northeu
x-source-length
19025
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=83744
x-activityid
294c876f-7e8c-4ee1-88be-e067ad8f3525
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBH6sN1
content-length
19025
expires
Tue, 05 Oct 2021 08:29:18 GMT
AAP67yr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP67yr.img?h=70&w=95&x=800&y=450&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
353793e4b2afb86e8f34f59482403bc0c803f44db0cb8ea35b211cf4ea53b6ab
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sun, 03 Oct 2021 16:24:04 GMT
x-datacenter
northeu
x-source-length
380940
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=371400
x-activityid
910d4c94-6f78-44bb-b440-c30e17f0bf7f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP67yr?h=70&w=95&x=800&y=450&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2458
expires
Fri, 08 Oct 2021 16:23:34 GMT
AABiyAn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
951 B
1 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AABiyAn
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Fri, 01 Oct 2021 01:59:05 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
951
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=146697
x-activityid
abb0c43d-0dc0-4454-9302-dbcd8634ec7b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn
content-length
951
expires
Wed, 06 Oct 2021 01:58:31 GMT
AAP71Nw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
3 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71Nw.img?h=70&w=95&x=1250&y=805&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ee9b358e2e0eff7bf072a52b3018284d8869b07804d457ed0c31145a69cae8b6
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:52:27 GMT
x-datacenter
northeu
x-source-length
1120919
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430831
x-activityid
c7f930a1-97bd-460b-8754-5dae59cc265e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71Nw?h=70&w=95&x=1250&y=805&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3045
expires
Sat, 09 Oct 2021 08:54:05 GMT
AA38A54.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
367 B
727 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA38A54
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Fri, 01 Oct 2021 08:43:14 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
367
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=170984
x-activityid
31c5dde4-483e-4f36-addf-9b0824929465
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54
content-length
367
expires
Wed, 06 Oct 2021 08:43:18 GMT
AAP71Gz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71Gz.img?h=70&w=95&x=707.5&y=148.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6977ec98023f32f2108ac1207bf9aeb98bab877a783c4e6d8fbd8cf6da62a00d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:42:48 GMT
x-datacenter
northeu
x-source-length
285076
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430072
x-activityid
38753adf-e0d6-4d98-a5a8-cef086220f62
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP71Gz?h=70&w=95&x=707.5&y=148.5&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2330
expires
Sat, 09 Oct 2021 08:41:26 GMT
BBO6J5d.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
368 B
703 B
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBO6J5d.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9da6bed3fb631d3744ac079bb4352bec8b1066c99aa7eb809255ceb67bcb424
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Sat, 02 Oct 2021 14:22:21 GMT
x-datacenter
northeu
x-source-length
368
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=277698
x-activityid
cae02987-5ba2-4f02-9ae2-8c4c151c097c
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBO6J5d
content-length
368
expires
Thu, 07 Oct 2021 14:21:52 GMT
AAP787J.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
2 KB
3 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP787J.img?h=70&w=95&x=571&y=247&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8cce50de803d505e8cf11d8b31cfda71da3a393e97e520252ea41e1c7f99be5f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:56:33 GMT
x-datacenter
northeu
x-source-length
344432
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430911
x-activityid
8ba5d105-33cf-471b-aed4-6a96c89b8021
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP787J?h=70&w=95&x=571&y=247&m=5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2386
expires
Sat, 09 Oct 2021 08:55:25 GMT
AACl4vY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
4 KB
4 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43a98b40a75739f1e2cf9a5d7eb09645c51eafc2f519d42840ca7f152a40911f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Thu, 30 Sep 2021 07:45:38 GMT
x-datacenter
northeu
x-source-length
4142
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=81252
x-activityid
3e0a00f9-bc3d-486f-ae6f-79fb4cc5a1c7
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY
content-length
4142
expires
Tue, 05 Oct 2021 07:47:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
7a261ef2ffe244ff8403a95547e87291b53548eef3af9bb354ac3ccc3c4c0b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1005 / 801 of 1000 / last-modified: 1633337212"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26507
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Oct 2021 09:13:34 GMT
BB13Qo92.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
13 KB
14 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB13Qo92.img?h=300&w=400&x=457&y=258&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d980c7d030db626ff256cc9557447d963de9c607b919727ad798838d449d69f5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 03:23:53 GMT
x-datacenter
northeu
x-source-length
33518
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=411123
x-activityid
fb392123-2944-4acd-95f0-8de742ff6202
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB13Qo92?h=300&w=400&x=457&y=258&m=2
content-length
13630
expires
Sat, 09 Oct 2021 03:25:37 GMT
AAP781i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
41 KB
42 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP781i.img?h=300&w=400&x=1250&y=833&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1bff74c6d8a928feac0b98daa0d6d5f3d9ac382937ac34c2970d3a49b6036d97
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 04 Oct 2021 08:50:53 GMT
x-datacenter
northeu
x-source-length
4064476
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430713
x-activityid
3c29c4f5-cc28-49c2-a392-bf1ec2d2d152
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAP781i?h=300&w=400&x=1250&y=833&m=2
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
42132
expires
Sat, 09 Oct 2021 08:52:07 GMT
js
www.googletagmanager.com/gtag/
96 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
84091d76c31fb37f8e2f9ea450a69e9b27f22fe60df5412147e84f89181607c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39014
x-xss-protection
0
expires
Mon, 04 Oct 2021 09:13:34 GMT
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://simcast.com
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
last-modified
Mon, 08 Jul 2019 03:51:01 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-58d235a3ef340"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
font/woff2
content-length
75440
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
69 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
10
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
698d4b850ab55bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 07 Oct 2021 09:13:34 GMT
web
onesignal.com/api/v1/sync/4c7b68c0-29d9-46be-b278-bfc487c22942/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/4c7b68c0-29d9-46be-b278-bfc487c22942/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a7efc73b3cac04e05d8e447c3b69ae179d9dcc2035461e025f89e8dba26567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1297
cf-polished
origSize=4513
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
154a6ede-f3e4-4934-bd94-0bbbeb06a538
x-runtime
0.027625
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ecb5b2d847ac9ca3b181caeaba393c07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
698d4b856889430f-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 04 Oct 2021 10:13:34 GMT
pubads_impl_2021092701.js
securepubads.g.doubleclick.net/gpt/
341 KB
119 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b7bbc8cc68191443c03fedd1bc2d143b12d660126d85d3d8fe4a5f4c04e3badd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121592
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 08:38:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Oct 2021 09:13:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
63 B
92 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
d02d38763c2ffcbe57d2583df3b41eaeee4143a358aa33ee5de986e281dbb296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 04 Oct 2021 09:13:34 GMT
js.php
simcast.com/widgets/ms/
2 B
361 B
XHR
General
Full URL
https://simcast.com/widgets/ms/js.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
c7757c0896cbfe6182d8ea2bda4a8bf94addc428980eedab8609c57ca7ff1763

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
simcast.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/plain, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PHPSESSID=3df2lmsd9qn9ni5ku7he6lmps7; uidinfer=778525740
Connection
keep-alive
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-type
text/html; charset=UTF-8
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6111
date
Mon, 04 Oct 2021 07:31:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 04 Oct 2021 09:31:43 GMT
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=38823830039387&correlator=1529149116530866&output=ldjh&impl=fif&eid=31063002&vrg=2021092701&ptt=17&sc=1&sfv=1-0-38&ecs=20211004&iu_parts=43671922%2CBing_ad&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1633338814&dt=1633338814624&dlt=1633338813717&idt=887&frm=20&biw=1600&bih=1200&oid=2&adxs=1230&adys=193&adks=845168217&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsoundsecureredir.com%26s%3Dbone%26sw%3D16%26tr%3D16878943293%26oip%3D216.131.114.78%26eol%26adult%3Dtrue&vis=1&dmc=8&scr_x=0&scr_y=0&psz=339x0&msz=339x0&ga_vid=239247018.1633338815&ga_sid=1633338815&ga_hid=1263325824&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
29f4c8e476ea79188fce18aed43a42916c033142d33d977ea73a0e7dc3dfbc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8669
x-xss-protection
0
google-lineitem-id
5623036245
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138340173059
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAB3
0
0

collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1263325824&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsoundsecureredir.com%26s%3Dbone%26sw%3D16%26tr%3D16878943293%26oip%3D216.131.114.78%26eol%26adult%3Dtrue&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1979520817&gjid=664836422&cid=239247018.1633338815&tid=UA-205158314-1&_gid=2134959857.1633338815&_r=1&gtm=2ou9r0&z=332359850
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 09:13:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv_3a7ADWO7qwq2Wy6l0qbDd_pDy20R4bkNtXfGYziErV1Pj8JCfSwYXOF3sgcX6BYC8LSTw2g7Hx-h3RqvWJrf8MoMiK3r-sjoaQNJfX7ekOq6IeZ1ZSYiafFWz5y8nH9Isy4Lmm6UD9x3Is3OkLezff8MLd-F5BPHRAt6Y3ihoYR_pOXCvboiJiU4AHgravib6PXtlwlxY2b4IWPG82-S_T29Hwx7zq97n8EczR58UqbevJ8zz8F2YGdsQZ5GW8bDXeb-HNbJS1VrJ7XyEC_T41eX0piDmyuBw9y_LA8RUOB&sai=AMfl-YT3ekmOe9u3XrSt35UMUzLuDuQob6vVPx5utyN9FLoYn5H0NUSRi6hBwUP7-889denewM6UDQSM_IpuYZojvGxAmIWQx1PzR9OC668cx9O-J7q6Ppp0JFPqeVm3Ytk&sig=Cg0ArKJSzPsupKdIP7OREAE&urlfix=1&adurl=
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/0------------------------0/khalidi1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Oct 2021 09:13:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 01 Oct 2021 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 01 Oct 2022 11:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 04 Oct 2021 09:13:34 GMT
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c4fe263c5891a5bd279dc8263acbc62b498c3e11015cb31517ad89522463fad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
3d3aa73c4ee8c83aa43128fe5707de8db81630d8217db281f9650b447f171570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8564
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoZfzaru6z5bu5kQUW4jx71uglwcJp_iS2mRKFCMPt1PIqG5xAT_EB0NP33I6fSS7gRNysXBts-1cTTslC15AdmBAN3MstDZDVG4H8svbcUUINJjr7EOCoUYMlEyz9UAiOHbLFasRdH_Wd4Ux2ixsANDtF68JKOBMOS-wIl8K8h8BIaEjxCS7wa19QlIgX_V7ZYLYDw9WJlSUHyEQY_dTNSrNdYdiproVykp8OgwSqJquJu8AqtCPIAKHaMsnXELoGbGoqc75zZkP2FJFcCydCR8ZJmEm8RfBdx_dJXiS_cDgpRJI&sai=AMfl-YTFLeZOOaDbPunMuoPMs8tLWMN1FcwL9lH26SUKhfLkfbJY2NbZS2xvvREjNpu5i60e1bPub6tNyNRUuSxybjTP4Vqe8oleaqtZM1ieauQpXb6NPwCTXtzYDjrScIg&sig=Cg0ArKJSzE_2Y0VcNdQ3EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 09:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Oct 2021 09:13:34 GMT
v1
api.airfind.com/adPlacement/
2 KB
937 B
XHR
General
Full URL
https://api.airfind.com/adPlacement/v1?clientId=50316&placementId=1466&ip=undefined&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&size=300x250
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
31ee736eff0f09334db47bf99d42f74cbe7ad9eb38cddc601836ee514846db32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simcast.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Oct 2021 09:13:35 GMT
content-encoding
gzip
server
nginx/1.10.3
vary
Accept-Encoding, Accept-Encoding
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 04 Oct 2021 09:13:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2BF4
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://simcast.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 04 Oct 2021 08:52:42 GMT
expires
Tue, 04 Oct 2022 08:52:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9616
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
27aa3f54dc3281b3573eda0254cf3f12f50319bc1aa000f7f1bae31c19ba2cc1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cPlcSoTYFSy+PH3defEAZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://simcast.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 04 Oct 2021 09:13:34 GMT
date
Mon, 04 Oct 2021 09:13:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cPlcSoTYFSy+PH3defEAZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 2BF4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
9962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 06:27:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9616
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092701&jk=38823830039387&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092701&jk=38823830039387&bg=!cXKlcjbNAAZE-GIIRPg7ACkAdvg8Wkp7rLeDubKSHBF5jSc7s1xldL9lLxVJpj6bp0GxLwV-jR3k0wIAAABOUgAAAAtoAQeZAqbGFPV4mlwcx_-p7pWdFH9FthKrmcy_Eaa4iZWkzLtzNdlEc-YkieVoUuc6SvYYQGZi9tN1qMnEF5lBdJwlviVl6dyuhc1KyWcrFde-GqTyTGVNsPFIcjnVF46kRF5F0AYvrP8GmXKeyb77ZzAhMVtClwnR0vMTb-Q4YePx4Gc5qOCLG8Q-PK6GEy0AQhI6w50jIjCDRWNO4WLDXzUqKz4Mpx79fhq3c1tTmyJ9WzCIhLaZKhJfpQ5g9Sty-IpMKdZU2HFqD6xQ2Tv-N1CTN-I-O-j191nMWFIMPa2INrddk8l3NXXkvDzBM2oOYJbUCPsvDcdht6P3ME5WSXUPqW8jTBfYvEV1ac2RZ0Lil_aRwue4nnEptZbTwMQhE_aR6PmGX5wsBYSugvyOdqVFZtqWIRdOezFtbmaGMzN_Uhdm2nQJwTx2vPz1pLrQRBQTV12yxT9eEfvmTxYgNLKCtJ_GjfQmYCJNrUQnvijDjuJMPdB7QqH3Zh2fzVkest2yZq0LnQ-wyjxIFBg0B_x7ERUm-lFTcPDCVN2d2y0nRMTGiCGz_Jx4OupUDRx8kNhi9CDX_TiPHnkdN34UnpxdUXkEWkx7RlEnvU6GRKZdrIeQedCdoMP5vtQlyu08ICa70lJVVmENmgx1hBoryjFMYAFYC91204ckUY_sx3vrGNFKPyy0kAsZH9JQLdxOWPQqz3B-4z4M6k7ozeEYvti4iVAlNmbgTfSEMg9LnJxRb_8UK338xovr-RazuB61DQ73vGsa3e1RoiWXBJcA_dV193b3dXWs1hDPnAz36o5zd2BOIHPSHHVwpCSbKa4XjToG8hlmKBKnuPKdzLAu0dGY4g6D8GG6SS1IJjpp8b_gCfTJyg6cIfx4MnOfbCPJ3fPagMinZVtD_18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ms-nativeads-airfind.min.js
h6.msn.com/nativeads/
42 KB
14 KB
Script
General
Full URL
https://h6.msn.com/nativeads/ms-nativeads-airfind.min.js?date=202194
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/0------------------------0/khalidi1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.111.252.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-252-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
54ef48962916657a624ea08c54313a5046ad8531196dbf6333951dfb48f05ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 04 Oct 2021 09:13:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Oct 2020 21:58:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Y34szt/2+fmkaKfbLF0rQw==
ETag
0x8D86A42F497A910
Vary
Accept-Encoding
Content-Type
application/javascript
x-ms-request-id
fa0f2be5-d01e-0042-5b69-b1588f000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
13968
aria-webjs-compact-sdk-1.2.1.min.js
h6.msn.com/bingna/lib/aria-webjs-compact-sdk/
15 KB
5 KB
Script
General
Full URL
https://h6.msn.com/bingna/lib/aria-webjs-compact-sdk/aria-webjs-compact-sdk-1.2.1.min.js
Requested by
Host: h6.msn.com
URL: https://h6.msn.com/nativeads/ms-nativeads-airfind.min.js?date=202194
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.111.252.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-252-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65b6041942a5da263cdef6a77f84919f60dec13b70b9adacb7a7209afee538b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 04 Oct 2021 09:13:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 22:28:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
CS9zzcLon7hn7JZMenV37Q==
ETag
0x8D6450061D8A4D4
Vary
Accept-Encoding
Content-Type
application/javascript
x-ms-request-id
30318295-701e-004f-027a-d8b783000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
4823
search
www.bing.com/api/beta/v7/ads/native/
5 KB
6 KB
XHR
General
Full URL
https://www.bing.com/api/beta/v7/ads/native/search?setmkt=en-us&q=%7B%22_type%22%3A%22Ads%2FNativeAdsRequest%22%2C%22id%22%3A%221998f8b0d5db4df4a63f116235cc2e20%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221fe708bb-20c9-41bc-a27e-2fae0f208eeb%22%7D%5D%2C%22site%22%3A%7B%22domain%22%3A%22simcast.com%22%2C%22cat%22%3A%5B%22Top%20News%22%2C%22global%22%5D%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsoundsecureredir.com%26s%3Dbone%26sw%3D16%26tr%3D16878943293%26oip%3D216.131.114.78%26eol%26adult%3Dtrue%22%2C%22keywords%22%3A%5B%22JS%20Bin%22%5D%2C%22publisher%22%3A%7B%22id%22%3A%2225135876%22%2C%22name%22%3A%22popularscience%22%2C%22ext%22%3A%7B%22apikey%22%3A%22ARCs0VnNSYWw4jGruN8X06aySjqWsmolJyN7R%2FGXnOwauHDaTOPasv1H%2BCLV4cf61go%3D%22%2C%22tracingtag%22%3A%2250316-01%2Cmvrequiredclient%22%7D%7D%2C%22content%22%3A%7B%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsoundsecureredir.com%26s%3Dbone%26sw%3D16%26tr%3D16878943293%26oip%3D216.131.114.78%26eol%26adult%3Dtrue%22%2C%22title%22%3A%22JS%20Bin%22%2C%22cat%22%3A%5B%22singleadbottomonly300x250%22%2C%22topnews%22%2C%22global%22%5D%2C%22keywords%22%3A%5B%22JS%20Bin%22%5D%7D%7D%7D&appid=CFEAB5E0AC88686BA597A26FB4B545556E49E829
Requested by
Host: h6.msn.com
URL: https://h6.msn.com/nativeads/ms-nativeads-airfind.min.js?date=202194
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.22.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e8b9b4d51d25bafb3a61b71a47de5616e506974bc0f5183fc4a6d179c21ee1bb

Request headers

Accept
*/*
Referer
https://simcast.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:35 GMT
x-msapi-userstate
27ac
x-snr-routing
1
x-cache
CONFIG_NOCACHE
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
bingapis-market
en-US
content-length
4830
x-msedge-clientid
03FDCFEDA2AC644F398CDF2BA31E65BD
bingapis-traceid
C1B747D694B246C0B24EA8A16E518259
x-msedge-ref
Ref A: C1B747D694B246C0B24EA8A16E518259 Ref B: VIEEDGE1506 Ref C: 2021-10-04T09:13:35Z
bingapis-sessionid
60B9EE126CBD4120B848571933CC5F09
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-expose-headers
BingAPIs-TraceId
cache-control
private, max-age=0
access-control-allow-credentials
true
expires
Mon, 04 Oct 2021 09:12:35 GMT
activeview
pagead2.googlesyndication.com/pcs/
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjzEwe0FK4KgIzWcv1ajfAvoWauzUGJhBvOVyIcUpPlVIesv8MtAeLj-7PyAfTXW8xyzFxemUWwiU3ZFiv2ZWx1dB0S66vZZJu_tTqMD2Vu2guU9Fu&sig=Cg0ArKJSzJFlEHNWi4hXEAE&id=lidar2&mcvt=1000&p=0,0,250,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=845168217&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633338812810&rpt=1997
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 09:13:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
www.bing.com/aes/
0
0

th
www.bing.com/
14 KB
14 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.8108913495704_1WATF034BRRCW3DWP6&pid=21.2&roil=0.1525&roit=0&roir=0.8483&roib=1&w=300&h=250&c=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.22.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87cf4e5b4e22332aac3582ec79062a940324233e0c532d4587570cb32453ea69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:13:35 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 79155FC6FB5B4BA5AC30152C5820FBBD Ref B: VIEEDGE1506 Ref C: 2021-10-04T09:13:36Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14145
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
0

c.gif
www.bing.com/aes/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
frookshop-winsive.com
URL
https://frookshop-winsive.com/redirect?target=BASE64aHR0cDovL3g1ZmEuc291bmRzZWN1cmVyZWRpci5jb20vP3MxPXdtbjc3b2h0b2FnN2lwdWEyNnE2b29hYQ&ts=1633338812746&hash=ZqcBa4M5V4S0e9GELPVTpswqhrg7zoGpqyQzgkm7cc8&rm=DJ
Domain
x5fa.soundsecureredir.com
URL
http://x5fa.soundsecureredir.com/?s1=wmn77ohtoag7ipua26q6ooaa
Domain
8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com
URL
https://8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
www.bing.com
URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f3c4b873571f4c92be8235c7dc298080&SNR=1&GV=2
Domain
browser.pipe.aria.microsoft.com
URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.0&x-apikey=c34cce5c21da4a91907bc59bce4784fb-42e261e9-5073-49df-a2e1-42415e012bc6-6954
Domain
www.bing.com
URL
https://www.bing.com/aes/c.gif?type=mv&tids=15000&rg=f3c4b873571f4c92be8235c7dc298080&reqver=1.0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| OneSignal function| myConfirm function| myFunction number| __oneSignalSdkLoadCount function| __jp0 function| displayModal function| displayComment function| displayModalURL object| googletag object| ggeac object| google_js_reporting_queue object| ifrm object| urlParams string| url string| affiliateId object| subAffiliateId object| el function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu string| adUrl number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests object| tempscript boolean| isSSL object| date string| concatDate string| bingNAJS object| nativeAdsContext string| naClientVersion function| initializeAppear object| services function| na_jQuery function| process function| checkAfterTimeout function| isElementInView function| stopProcessing function| getMediationAdsUrl function| getBingNativeAds object| AWTPiiKind function| AWT string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE object| Body string| value

19 Cookies

Domain/Path Name / Value
99deals.link/redirect/action Name: msv-28c2-2dba6-0-50-0-0
Value: 3632493134
99deals.link/conversion Name: click-2d6-6b644e
Value: 20100421_2e_0_28c2_6b644e_7ec_80_615ac5bc_d883724e_0_0_0_64_64_0_2_2_0_0
moonrightplace.com/ Name: uid15295
Value: 1193629180-20211004051332-4bd33b8c219cf4ca852cc442d981e88f-
tulac.ngunsen.com/ Name: AWSALB
Value: 2ALDTU7mZxYpr9USMqc6zl/UJ9zPqr79LoxguXltOXexWoecwaIHV4YjQVyeNYmFw1QMkXBP7mLLbqvJ4hzrWg2ma87v5DWnqB22pGIw3BRCcBbrB0tJ+uAMPE1O
.riceedsrobile.com/ Name: 98f377bf-532b-48b2-abcf-73f29991e351-v4
Value: cqjeckExzIX3iZTNldVB7fHIzhil3Pw8jwkJnQIKuN4
.riceedsrobile.com/ Name: cc-v4
Value: 6QYbe6YyKSB8CIgWqt1BYNsTxbVxFo3t7F6dtunJoOFU24pKMkF0nC%2BZBfQYvbCx5zLonGpaHBrabcNg6E8J2HIBAO0IAQr8YfclH0PztFhWNFh0R%2BUgUvwSknr25QmpYa2R2zRMU73LBUWXtKlPtA%3D%3D
simcast.com/ Name: PHPSESSID
Value: 3df2lmsd9qn9ni5ku7he6lmps7
simcast.com/ Name: uidinfer
Value: 778525740
.simcast.com/ Name: _ga
Value: GA1.2.239247018.1633338815
.simcast.com/ Name: _gid
Value: GA1.2.2134959857.1633338815
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.simcast.com/ Name: __gads
Value: ID=37a20e5bc58f1470-2242355fe5ca00c6:T=1633338814:S=ALNI_MbhX3Sr-TmEFkd1LFCvFnllLzyICg
.doubleclick.net/ Name: IDE
Value: AHWqTUlwRzywSsYsHMnvMFrU7ibhpCzmr3rqMmwozaYVstAb-Mqio78ghs2i4MS1bf4
.bing.com/ Name: MUID
Value: 03FDCFEDA2AC644F398CDF2BA31E65BD
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=60B9EE126CBD4120B848571933CC5F09&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20211004
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=de
.bing.com/ Name: _SS
Value: SID=185B71C0E9BA63E006486106E80862A5

6 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://simcast.com/?d=soundsecureredir.com&s=bone&sw=16&tr=16878943293&oip=216.131.114.78&eol&adult=true
Message:
Access to XMLHttpRequest at 'https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f3c4b873571f4c92be8235c7dc298080&SNR=1&GV=2' from origin 'https://simcast.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f3c4b873571f4c92be8235c7dc298080&SNR=1&GV=2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com
99deals.link
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.airfind.com
browser.pipe.aria.microsoft.com
cdn.addlnk.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
frookshop-winsive.com
h6.msn.com
img-s-msn-com.akamaized.net
img.s-msn.com
moonrightplace.com
onesignal.com
pagead2.googlesyndication.com
parking2.parklogic.com
resis.co.uk
riceedsrobile.com
securepubads.g.doubleclick.net
simcast.com
storage.googleapis.com
tpc.googlesyndication.com
tulac.ngunsen.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x5fa.soundsecureredir.com
8a6588464b9fa9a8ba03847664936da0.safeframe.googlesyndication.com
browser.pipe.aria.microsoft.com
frookshop-winsive.com
www.bing.com
www.google-analytics.com
x5fa.soundsecureredir.com
104.111.215.107
104.111.252.77
104.16.19.94
104.18.225.52
104.21.70.104
13.107.22.200
142.250.181.232
142.250.185.176
142.250.185.196
142.250.185.226
142.250.185.98
142.250.186.170
142.250.74.78
172.217.16.130
172.67.137.121
172.67.198.87
18.156.93.177
18.158.88.249
198.199.108.22
2.16.186.9
205.251.155.59
212.81.59.141
216.58.212.161
216.58.212.162
45.79.200.29
45.79.244.12
69.16.175.10
69.16.230.42
033cdb0076ac96b608a82de0cac4f205d83d75e24d4202ada622d53bb1ca125d
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
06ef914d41129f50b22ec8e380854745816374d641ec13184ece3f9cef8a2b90
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1bff74c6d8a928feac0b98daa0d6d5f3d9ac382937ac34c2970d3a49b6036d97
1eeadb6ea54327b2cbfd9b199e2eb1955d2c7f9892093818c12b3bbe42b3135f
22c40d15762fb1b3abb72981665a40ba50e7a22ed8a1080093780da78b791a8a
263af8adfff945e13f719f75f5ceb3f076dc6d8ada3fae24228053065fb6718a
27aa3f54dc3281b3573eda0254cf3f12f50319bc1aa000f7f1bae31c19ba2cc1
29f4c8e476ea79188fce18aed43a42916c033142d33d977ea73a0e7dc3dfbc48
2c69cd05f6ab70bfd606edd03f54b9422dffa7978d8894100c05aae76a0d3503
31ee736eff0f09334db47bf99d42f74cbe7ad9eb38cddc601836ee514846db32
33aeb0e88f6e7a3b4acb371e092ca813d355b54d3ff1a494810a7eec1072fdfd
353793e4b2afb86e8f34f59482403bc0c803f44db0cb8ea35b211cf4ea53b6ab
3d3aa73c4ee8c83aa43128fe5707de8db81630d8217db281f9650b447f171570
43a98b40a75739f1e2cf9a5d7eb09645c51eafc2f519d42840ca7f152a40911f
4a94fa119813672d49756d371abc4a70b1bc8a82885aa7ef2bb1ef25659da184
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54ef48962916657a624ea08c54313a5046ad8531196dbf6333951dfb48f05ae6
55c31d128d0ea6bb1a87f9711907abb65cc2db4eef1adff5155b9700b31a7616
5677a0d4d9c566052cb2b4e67411461ad04d690c00c316b371ab759b1c29b145
56a7e8048ddcbc65c205e83468ff5e2919403ec6997bf301e10eefe15d7990b8
65b6041942a5da263cdef6a77f84919f60dec13b70b9adacb7a7209afee538b4
6977ec98023f32f2108ac1207bf9aeb98bab877a783c4e6d8fbd8cf6da62a00d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4fe263c5891a5bd279dc8263acbc62b498c3e11015cb31517ad89522463fad
7204bfab00f7e6c97667ed4e3b1898a86d044b022d77b54ad5076a4186f8281e
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7a261ef2ffe244ff8403a95547e87291b53548eef3af9bb354ac3ccc3c4c0b52
82b64eb14a7995b44caba8abae07a162e5a928bafa691f37c0065fdb95221b9c
84091d76c31fb37f8e2f9ea450a69e9b27f22fe60df5412147e84f89181607c6
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
870a3ac9d3eb7dad16f0420f37758bd0cc8fdf77e988a91646a4b45560bb8069
87cf4e5b4e22332aac3582ec79062a940324233e0c532d4587570cb32453ea69
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a37a4a4ee2ef80af64c05dc78ba6015976287e181b86398407f468e902bddad
8c60fb84e2190b185324e29aea76387f46b8e3dfcfe7d1ceb08ce45a1f5285ba
8cce50de803d505e8cf11d8b31cfda71da3a393e97e520252ea41e1c7f99be5f
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8ef9aa78c805e5c4b32b10a184de6316927839467518fc7c42c179f406e3d170
8fb6b6bc74e4de8f230782502f096b26860e3ffd6667e5d777a285ac6b6b4f54
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
912f4af4c53ba3deae01dba73d648125cbc7e64ccb12caf805940a3c887d1754
91a7efc73b3cac04e05d8e447c3b69ae179d9dcc2035461e025f89e8dba26567
9566c8ea5fc3cb41d6346af1ed3e0b915129e92562c63bd63042cfbdefed6b5c
99de327a7f2fb0ab4ecdc731fb82b55e08706fd89f1fe139205832f1c5025501
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
b29c7476e231009b23559e9deacebde84bfcec8ecea834bab669e128c36f941f
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b7bbc8cc68191443c03fedd1bc2d143b12d660126d85d3d8fe4a5f4c04e3badd
ba66f541fd81ac7c99d86bac4cf071c9f0000f408b7487afc1bd5e35e20b87fc
bc08d9f7bc89a276f2a61df84a73ac836ff3c69a6f3872c1c8052586c2cbbdf3
c427cff62ac4693cbcb409a5f4a7d7080e0d9cb8a400a51f2d0cafa0b22c41dc
c7757c0896cbfe6182d8ea2bda4a8bf94addc428980eedab8609c57ca7ff1763
cada27615c942fd6f3abe9346f523528abf94f1298a3eaf3b6db0bb21756b6ab
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d02d38763c2ffcbe57d2583df3b41eaeee4143a358aa33ee5de986e281dbb296
d538bfa02165a4f78539fadd60a2beb5baed3a8b5229f751fe0386273c4ec90d
d5d6df229ac67cde4b39d275955e4a279bbd7f922855d10b44f5701e6aa3cc64
d980c7d030db626ff256cc9557447d963de9c607b919727ad798838d449d69f5
e2f6860fc1197c87165e997a36fd7ae975302c7e10abe60d3665b5edaca54ca9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b9b4d51d25bafb3a61b71a47de5616e506974bc0f5183fc4a6d179c21ee1bb
e9da6bed3fb631d3744ac079bb4352bec8b1066c99aa7eb809255ceb67bcb424
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ee9b358e2e0eff7bf072a52b3018284d8869b07804d457ed0c31145a69cae8b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f272fab5f13ef9e1d74dc8eac26c9031565a0e2073740d994ce6f80d984826ef
f7f63cddcc522da841dc56a4b061a172535515914c2575c01c4ff917a1a117cc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62