Report - simsdom.com/

Report Overview

Submitted URL
simsdom.com/
IP
172.67.136.93
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-29 08:35:02
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eehuzaih.com	unknown	2022-02-21	2022-02-21	2023-05-28	1.2 kB	85 kB	139.45.197.237
optyruntchan.com	428482	2021-08-09	2021-08-10	2023-05-27	1.2 kB	85 kB	139.45.197.237
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-28	1.0 kB	1.5 kB	139.45.195.8
simsdom.com	664884	2012-03-20	2015-10-12	2023-05-22	468 B	40 kB	104.21.72.227
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-28	330 B	963 B	104.18.15.101
fleraprt.com	unknown	2022-01-14	2022-01-14	2023-05-28	529 B	483 B	139.45.195.254
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-28	1.3 kB	2.8 kB	142.250.74.131
www.simsdom.com	unknown	2012-03-20	2016-05-28	2023-05-26	14 kB	3.9 MB	188.114.97.1
s9.simstatic.com	unknown	2018-02-12	2021-09-29	2023-05-18	482 B	670 B	104.26.7.105
tzegilo.com	unknown	2022-01-14	2022-01-14	2023-05-28	398 B	38 kB	104.21.0.191
cdn.itskiddien.club	unknown	2022-10-06	2022-10-06	2023-05-28	838 B	109 kB	139.45.197.236
s4.simstatic.com	unknown	2018-02-12	2021-02-09	2023-05-09	8.5 kB	13 kB	104.26.7.105
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2023-05-28	1.5 kB	1.5 kB	139.45.197.250
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-28	544 B	49 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-28	918 B	62 kB	142.250.74.106
yonhelioliskor.com	153450	2021-06-25	2021-06-25	2023-05-25	3.4 kB	123 kB	139.45.197.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-29	medium	amunfezanttor.com
2023-05-29	medium	amunfezanttor.com
2023-05-29	medium	amunfezanttor.com

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.simsdom.com/js/hey-carregou.v1635116895.js	8.5 kB	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/js/hey-carregou.v1635116895.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 19:21:57 Last Seen2023-05-29 10:35:04 Times Seen3 Hash da5c5df2f4cb3bb5b5bac0bc134ef8fe 24f1b0a12f5a63610e3069b23e41a8e7a8c64e26 f407f63543c13f274e71583fd99b2d97150358f0e9424edcc466906b9f94a9a3 Loading...

	www.simsdom.com/	38 B	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen4 Hash 24411441855fd70aa565bb0db8c44ee4 d4247caa37ee93e2b399b45d32eae70354502e51 3aed6fbb9c8fa2a856fc9ba7d4fe7c7ece36492531ae76a4d06316f1d000b44d Loading...

	cdn.itskiddien.club/apu.php?zoneid=5632163	77 kB	2023-05-29	2023-05-29
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5632163 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 10:35:04 Last Seen2023-05-29 10:35:04 Times Seen1 Hash 87a3344a0424d4d60b5b935de694255d c59900c898f56a99fd29fe9ad247c100a4856b50 b698db8a63ab81409f8127040cfba106cdb6503ed747bfd913b73b61a793171a Loading...

	www.simsdom.com/js/hey-scripts.v1607309368.js	299 kB	2023-03-08	2023-10-17
Pretty URL www.simsdom.com/js/hey-scripts.v1607309368.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:18:22 Last Seen2023-10-17 05:33:44 Times Seen11 Hash 7fc3c1e789cded02e1c9a2842e554740 bed2fdadc2f385cbd1bf5ffab0066c81e7d6fcba 0c5db9fb65f51d2508104c3585bd1982960ae6313cc22a5d5b399812f534fe4e Loading...

	www.simsdom.com/js/hey-vars.v1635116895.js	4.5 kB	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/js/hey-vars.v1635116895.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 19:21:58 Last Seen2023-05-29 10:35:04 Times Seen5 Hash fd383d8d8033d023fb7d866b579a3818 4b9e94ab814678c9d5c2c6f78e570a02bd2e78ac e5353e5d5d9e2c45d02575d6765db93ac2375ff7765e98a3b528683f892d772c Loading...

	www.simsdom.com/	57 B	2023-03-07	2024-04-27
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-27 02:43:14 Times Seen10863 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	yonhelioliskor.com/pfe/current/tag.min.js?z=4621931	15 kB	2023-05-11	2023-05-29
Pretty URL yonhelioliskor.com/pfe/current/tag.min.js?z=4621931 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 16:55:15 Last Seen2023-05-29 10:50:06 Times Seen1706 Hash 1f938e5040bfa37e9d20f59fa9782737 caca731480f0130da647e515b69e021e16b5b346 f0d84fad3fd69279b48266e7c652f524f93eb0052d96fdf47e41e452ea631db5 Loading...

	www.simsdom.com/	306 B	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen4 Hash 61bfcb6a1ad303722b68a24dd0b60e0f 391a318714b2b9bb11213aa1f9f6514178b102c9 810c09076c496b18e11c22ac407d1a6077dba585a63fb890449aa1913cd4ce4d Loading...

	www.simsdom.com/js/hey.v1635116895.js	155 kB	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/js/hey.v1635116895.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 19:21:58 Last Seen2023-05-29 10:35:04 Times Seen3 Hash 6e7b5f843f23daa5d07b528933775e5f fe093d2a10d4cca720cad73ada824ef298cc253a 3e4cc87ee59eed881977707ad2c30f861dc691cfba9b9dfa3eb2f8b53fa30f89 Loading...

	tzegilo.com/stattag.js	18 kB	2023-05-22	2023-09-06
Pretty URL tzegilo.com/stattag.js IP 104.21.0.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:37:35 Last Seen2023-09-06 23:37:01 Times Seen3156 Hash dd2f9f2bb1e1c74b905556d0a7bc5545 0c831c8c56da8167b9e2dfd1d3eb3288348da85d 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663 Loading...

	cdn.itskiddien.club/apu.php?zoneid=4806906	77 kB	2023-05-29	2023-05-29
Pretty URL cdn.itskiddien.club/apu.php?zoneid=4806906 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 10:35:04 Last Seen2023-05-29 10:35:04 Times Seen2 Hash 36290055d24da62edf39536134c05562 c779a8e530a64b3e1614a126fb03e40989aaf9f4 7f49e64574d28a16e27891846b378707125396ac9daef4fa2638e083974317a8 Loading...

	www.simsdom.com/	330 B	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 19:21:58 Last Seen2023-05-29 10:35:04 Times Seen3 Hash ea6700fff4f068d93bfe6eda849d264e 17432ed7e840dcd704654ba58be3562f6e4fc61d 0de00be362a7defb8727252bd31498ce9d9972268586d40540c1d5be7e500f22 Loading...

	optyruntchan.com/400/4674982	83 kB	2023-05-29	2023-05-29
Pretty URL optyruntchan.com/400/4674982 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 10:35:04 Last Seen2023-05-29 10:35:04 Times Seen2 Hash 926ce977b9ccf22e0c961200d9bff284 2c7de5e4951ae28e6465522f312e5ec1c5675c0e 8f257706de139f1de81a237c0f5c9fa32774b73275a9844a3bbbd4dd149829f1 Loading...

	www.simsdom.com/js/hey-global.v1635116895.js	96 kB	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/js/hey-global.v1635116895.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 19:21:58 Last Seen2023-05-29 10:35:04 Times Seen3 Hash 14015ab8782af15914d6dac596e2085a bf7d9eb83270f74e2200f83e759d4b75392d6b9a 0184c0dea4059b52f0f426287864ec83dedce02d29ce24b84171d1524c7b02c8 Loading...

	www.simsdom.com/js/hey-texts.v1634690565.js	15 kB	2023-05-18	2023-05-29
Pretty URL www.simsdom.com/js/hey-texts.v1634690565.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 19:21:58 Last Seen2023-05-29 10:35:04 Times Seen4 Hash 70f74e63c6fb8d5c89642b74ddcb4b13 372abd477a2e7328d501ed82a388f64679b513fb 1acca73104d344f7f8d1e1e51143df5c1c7608a4dbe838fb073686f081802e26 Loading...

	www.simsdom.com/	170 B	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen4 Hash 6f757869dfbf2bd758d978d6a5fd475f 43b879f2264c884def7ae7bb0309d6e854b2fca3 2c2e59adfa8266523b6dff1020c611c4b8633272bcfda82cef4a308cc66b02f5 Loading...

	www.simsdom.com/	62 kB	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen4 Hash d3a7c5fb66f2b374a5800fc01a7fe585 3e994e357cda50bfa2baad39bf0a3d93a2a59d88 ebdad8cfca2889b10308129d0a742d45bfe1be6a21502729e3b56eff46befd31 Loading...

	www.simsdom.com/js/hey-terms-EN_v1634866234000.js	0 B	2023-03-07	2024-04-27
Pretty URL www.simsdom.com/js/hey-terms-EN_v1634866234000.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:47:51 Times Seen37109335 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	eehuzaih.com/401/4970025	84 kB	2023-05-29	2023-05-29
Pretty URL eehuzaih.com/401/4970025 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 10:35:04 Last Seen2023-05-29 10:35:04 Times Seen2 Hash 12816353a57056bb915786bbd96396e0 4ae06bc28d618aad59b5a1bd668a73e56e7cfa3b ebc921f4e3f596e8df87d73b9595974b11591e88efa2f32c5fcbc085dcc24066 Loading...

	www.simsdom.com/	237 B	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen4 Hash a24d8256bc5569ff626da7e73be2f604 05bc1656165722525b8b57849ee483adee7f7e5a 5126ee818c0cd36fccfaa5178e13124a3effbd69954eede6b24e18b3a85a2e56 Loading...

	www.simsdom.com/js/hey-jquery.v1604383930.js	96 kB	2023-03-08	2023-05-29
Pretty URL www.simsdom.com/js/hey-jquery.v1604383930.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:18:23 Last Seen2023-05-29 10:35:04 Times Seen7 Hash 49991ee5a27912a10469ed849e5f935e 045802103f3d73070fcfc401fb6be8e1780c859a a2c39cdf75063a9fe61b7f4403144e0f5b12475156f78d6b5417b2fbf5e84a19 Loading...

	unknown	104 kB	2023-05-11	2023-05-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 16:55:15 Last Seen2023-05-29 10:35:04 Times Seen2085 Hash 3fbd784e005c26cd47a9a0bc9de49991 9eb40374ae3e34fba59f1f60155e92e387168ac0 471bf3191e1a6f939242c6a656785956d48d33688b2387718869997debafc9e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-27 01:51:29 Times Seen2164 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

HTTP Transactions (80)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4195d3f97e59fc4f34d523d0195d8d0b
244cd9dd441c530c8e03405819eb759e95f25cb0
1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 08:34:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4195d3f97e59fc4f34d523d0195d8d0b
244cd9dd441c530c8e03405819eb759e95f25cb0
1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 08:34:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4195d3f97e59fc4f34d523d0195d8d0b
244cd9dd441c530c8e03405819eb759e95f25cb0
1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 08:34:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e75b43e8a7beaf5ded692008749eb5b0
5f96a142b29fc6ca88b33a9cb5c2c5b4b95b8635
a100d74db29961c793a7254e52dd854c8f85761876369b45073d911be95bab3a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 08:34:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.simsdom.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 11:49:35 GMT
expires: Fri, 24 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 333908
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:500|Squada+One&display=swap

142.250.74.106

200 OK

49 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:500|Squada+One&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.simsdom.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
gzip compressed data, max compression\012- data
Size
49 kB (49021 bytes)
Hash
b81e1a3ca338a71b0f7969c475aad210
4fda8a224d75e94e237893fdaa36fda224372f63
81ccdbc26043ef0da8a3f2042d6b0ec38fdf1052a853bf12c900384a13caad58

HTTP Headers

GET /css?family=Roboto:500|Squada+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 May 2023 08:34:43 GMT
date: Mon, 29 May 2023 08:34:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.simsdom.com/css/hey-fonts.v1634547292.css

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
www.simsdom.com/css/hey-fonts.v1634547292.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (4714), with no line terminators
Size
1.4 kB (1380 bytes)
Hash
7644563af19b5cbcca01209c73bb97f0
bee4736be615aa6f0bc750f8e62a7e8261fd1a30
86b33787e31c55a38e8d4581f00f5f3f6da528bfffa5d81431b707cbe7a45b42

HTTP Headers

GET /css/hey-fonts.v1634547292.css HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/css
cf-bgj: minify
etag: W/"6176ab49-126a"
last-modified: Mon, 25 Oct 2021 13:04:09 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0iUfByFIC%2FPvg549%2Bl6dD46soucCZAq5ir%2Bl%2Bu5hB9Y52yDieAROywdAW0nI6xuwL2%2F4Mr6m1YbCCkHUY40HTyIC6KdV2hKRhCYmTbJyshgSKHJkabBx1Ii%2BUefLKUSue4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665dbb22b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/font/icomoon-simsdom19.woff?v2110090348

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
www.simsdom.com/font/icomoon-simsdom19.woff?v2110090348
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 14804, version 1.0\012- data
Size
15 kB (14804 bytes)
Hash
8a1e095a187a2c3a4ce620654320cf8c
344e9b64b33ac2c220835b95d991d3cc6692a78c
7983da28fa1d7e329f18077fc4cf7fe6abadc7deb78cbe0d2ea409e714fbf7e5

HTTP Headers

GET /font/icomoon-simsdom19.woff?v2110090348 HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/css/hey-fonts.v1634547292.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: font/woff
content-length: 14804
last-modified: Thu, 07 Oct 2021 12:20:59 GMT
etag: "39d4-5cdc24b95a0c0"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9TkBIO%2Bk0y8w9kD3o%2BpjnGpaRojvykLkdPBMpY5FFQcANjUSR%2BtO0qQMpKBe2oO8XPpJ3swTY%2BuBIzcEQrwVAOpHo28ZG5mn8zPPmkOLesbu1yPA3WTxQUAAmHw1yLNpHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665f3cfbb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/site/2006202135/_dark/logo21-halloween.png

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
www.simsdom.com/site/2006202135/_dark/logo21-halloween.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 606 x 195, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24647 bytes)
Hash
e2aa5f7d26bc88c2a268b82c6bd9cdd8
2d5e7d447e936f0a5f1aa0242a45073da03933b1
47877848fd686d12dfcda2698a0b72a7dfbb931e32728d9af068cda383168988

HTTP Headers

GET /site/2006202135/_dark/logo21-halloween.png HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: image/png
content-length: 24647
last-modified: Thu, 28 Oct 2021 09:10:35 GMT
etag: "617a690b-6047"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD65fZNW7AZDX%2F0CAz7EotimZccv8t2sjTLIzqEczxWR05o%2FrGmNZwyap7HJkKnAfL%2BaHW4nLAKy9U1AHAso7pR3i7ugLEilnA5rfe2V%2FSCtu1o8HvsWqwugbfrg5QqpLKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66604e45b50f-OSL
alt-svc: h3=":443"; ma=86400

yonhelioliskor.com/zone?pub=0&zone_id=4621931&is_mobile=false&domain=www.simsdom.com&var=&ymid=&var_3=

139.45.197.251

200 OK

880 B

URL GET HTTP/2
yonhelioliskor.com/zone?pub=0&zone_id=4621931&is_mobile=false&domain=www.simsdom.com&var=&ymid=&var_3=
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
JSON data\012- , ASCII text, with very long lines (879)
Size
880 B (880 bytes)
Hash
19de92f8821be273b49e2ed851eba28c
2ce3d0d9996be8137d1f5be75a06fdcb96d63c55
633a0e22bcd430aeb5ab074c29296db84857048e4af527a1b9e8da7afe0a9607

HTTP Headers

GET /zone?pub=0&zone_id=4621931&is_mobile=false&domain=www.simsdom.com&var=&ymid=&var_3= HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 85d06a0709ca73c0644fec332a4a9afa
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

simsdom.com/

104.21.72.227

301 Moved Permanently

39 kB

URL User Request GET HTTP/2
simsdom.com/
IP
104.21.72.227:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
data
Size
39 kB (38878 bytes)
Hash
23468afea35baf3b1ab50fce599ab4f1
d4b61e5e8954b7033e09c77835146b0f08a693cb
5db1a5ef62b9f4275aacd596020e15950af94411a6e10937321c518a5471d704

HTTP Headers

GET / HTTP/1.1
Host: simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/html; charset=UTF-8
location: https://www.simsdom.com/
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlLOlwfr61gblwxq3lvElmEFwgN19j8LD2%2FNQ3e6RG6PN0pi%2BXw6pexOxD72APztoZEuEaUGzAz3qE5urQivK0gs%2BvJ62Q8fb%2B7qRyGY9HxsDzGnQzgYckz05khKxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ced665ae995b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.simsdom.com/downloads/funcoes/carregar-destaques.php?g=62&p=3003230&q=60&v1=2109202043&v2=2103310646

188.114.97.1

200 OK

0 B

URL GET HTTP/3
www.simsdom.com/downloads/funcoes/carregar-destaques.php?g=62&p=3003230&q=60&v1=2109202043&v2=2103310646
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /downloads/funcoes/carregar-destaques.php?g=62&p=3003230&q=60&v1=2109202043&v2=2103310646 HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: text/json; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJsOesZt83BIzZlTqFbBw%2F6QOVwEYjYK5dEdWLwTYaAZIRrBTIVTRUFY8dfKSn%2BNdu2xFSN9yCTEyQbE6ZM%2BS%2BT7VJGIYwFxAdD%2Fe5XYZiPZcR2SoemwN2CJ3rEPysoOZFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ced6661c83fb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/24/f6bd55703be919b64f61a1f0925f1139-gnd.jpg

188.114.97.1

200 OK

165 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/24/f6bd55703be919b64f61a1f0925f1139-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
165 kB (165152 bytes)
Hash
620622bc93f5a573ab48787a58d247e6
edb1b266c553c1cad6f2db37aa5431dfb6d2c30e
4c3360c6c4673d39d942e76e7d10301bd1ef689dcfc92f7032053a09e9e8c148

HTTP Headers

GET /download/24051850/2021/10/24/f6bd55703be919b64f61a1f0925f1139-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 165152
last-modified: Mon, 25 Oct 2021 13:04:17 GMT
etag: "6176ab51-28520"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4NgHhm1C26k8v%2FWvdDRaDkw%2BSg8W6z%2FpadJdd%2BkhRCLZw5aRW9tWHqJ0x9azLckldp70HYVx2GmaXtfSMt03d1FRMQbngE4u%2BH%2FxB1%2Fi%2Fk7wgTeONjH4WFmYdZFO25urKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666238edb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/24/b068899bffb1f2aade0a8aa17fb1b757-gnd.jpg

188.114.97.1

200 OK

227 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/24/b068899bffb1f2aade0a8aa17fb1b757-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
227 kB (227232 bytes)
Hash
f0d631c5df41778b1130c25d9a4340cd
07cad0b23045cd1b6ccce6e28fb9fa466c96525b
e77717feac91874e94cf812e941a6b4ab9fa65f63cb656a14ec77e7b7c87caac

HTTP Headers

GET /download/24051850/2021/10/24/b068899bffb1f2aade0a8aa17fb1b757-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 227232
last-modified: Mon, 25 Oct 2021 13:04:19 GMT
etag: "6176ab53-377a0"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcuwP0cxlbBmdzd4hn5TniTkWwaVcjxuiCywlAl7kTpIvnlBm7dCtjDNaoXPhoWCQ2euZADOAiXfZSLjpSEn5Xl1ECYOSCJD25Vfw1bMY8zYIMU9f%2F0rqm1Kw3naryY2Sps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666248fdb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/24/6f447cc116f20a2a4301e81430748696-gnd.jpg

188.114.97.1

200 OK

284 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/24/6f447cc116f20a2a4301e81430748696-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
284 kB (283513 bytes)
Hash
92d46765b98fc1c80ef7d9340730407a
e8b48371d941296ecb399e7a6e9748bb65b5af1c
f2256fd8018c681d471164b96de0afcaa837333cdbc8969db99834890f98d7e6

HTTP Headers

GET /download/24051850/2021/10/24/6f447cc116f20a2a4301e81430748696-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 283513
last-modified: Mon, 25 Oct 2021 13:04:21 GMT
etag: "6176ab55-45379"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5807
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwoZGhUELBOqfyBt4HpPTTVUB7XYPMkL2X2S5xI7xL5Uq%2Bwqbnt6Ug7O%2BNwnwaLHkjV4P9%2FH7H%2BqiejAjxu2oXWmNc8%2FgOHBCPf23pBjQv6SXxuc6C26DwDNFfrnJYMXL50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66624900b50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/24/96a07f885353fbc330d41fe4f9c82211-gnd.jpg

188.114.97.1

200 OK

441 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/24/96a07f885353fbc330d41fe4f9c82211-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
441 kB (441339 bytes)
Hash
168529adc9259cb24fc5dfe2b75cea30
827791b3c6a61b354e08f3228bb5ce6aa0bd1470
f08df9ef3e94c4551639c364991347ce7bd173071df1d8b2eef4579a40d944cc

HTTP Headers

GET /download/24051850/2021/10/24/96a07f885353fbc330d41fe4f9c82211-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 441339
last-modified: Mon, 25 Oct 2021 13:04:24 GMT
etag: "6176ab58-6bbfb"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckegOoqVX7BFTHQ14nsXtOrkdY6FXJW7LIft6RNI%2F7LjJGZ%2BwhVFluJiPlbdYWBUJkbkBjpAlTIECFMMQXLnzjhaPjlBuawkJ5EHsl5XmfwwPN1QGR2TQbmScV0U2hh9UXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6662590eb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/24/e82f158489d751aaad017cbc28d8ca73-gnd.jpg

188.114.97.1

200 OK

156 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/24/e82f158489d751aaad017cbc28d8ca73-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
156 kB (155567 bytes)
Hash
d9d0fd459ab782ab8dc353793cb0a1d9
25939f07c12681ffb0794946559aa314b119f5a7
7aa18080a705f7a1267ffad45403ee4d2fed9cb48c4eb2e6668286dcc8749906

HTTP Headers

GET /download/24051850/2021/10/24/e82f158489d751aaad017cbc28d8ca73-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 155567
last-modified: Mon, 25 Oct 2021 13:04:26 GMT
etag: "6176ab5a-25faf"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkQCYpULi1r%2BXrCY%2Fq4h49IB6fmqoMMH8vvOZX2b9q2gqPBxasy8kmoXoQhVv7z4nruyEu0YUe%2FNFKysox11qJyl0j8MUntGEUIG06g%2BDhz8LVPRCwZuMd6omxDp%2B8OxfXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6662590db50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/18/d30b6d24de0919bf86b6f838720ba1b7-gnd.jpg

188.114.97.1

200 OK

152 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/18/d30b6d24de0919bf86b6f838720ba1b7-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x450, components 3\012- data
Size
152 kB (151854 bytes)
Hash
8a64896307e2b4cd1713ebe978c40fee
9488daecec8b090fcd7e188e782f8ce76686d774
18c9bccbc3d840e2931635beb3117fb52906faa00f196895090804026f9e1f6e

HTTP Headers

GET /download/24051850/2021/10/18/d30b6d24de0919bf86b6f838720ba1b7-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 151854
last-modified: Mon, 25 Oct 2021 13:04:28 GMT
etag: "6176ab5c-2512e"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNuQ5Ue1fhR60%2FnvJ%2B4eA5LgJZ5z5VFF0ewjJH0E3edYGF3hS5n1BdwCBdVkBnd3Brb56jfWOVHprZPOt8e11%2BH88HDbwUM7FmN2%2FcR%2BJ4yFgfGlGuVQGbvpAhToc6bdsWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6662692bb50f-OSL
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

104.21.0.191

200 OK

37 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.0.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT

File type
ASCII text, with very long lines (17479), with no line terminators
Size
37 kB (37026 bytes)
Hash
dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak5J8v2dJ3Yj0dOO%2Btl1mYm%2Bc3g9Lg61II%2BVo4rgy8QTqGd54nfZ4HErQ9d5%2BDTebP3VeuFAL7qzZkvRWYPg4xyxOGqQpCLDwpIimdSHynehdwXGj6I3umfCcZr%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6661c9f90b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a450f53210ba1c053c5a4893c9e71c57
3d778e245fc7572e7d5198f3d8ba3aa951a30684
e951d9d88cbd91de7866d2d66ee7487408082844501abdc9a7f174409cba2521

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 May 2023 08:34:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 03:49:40 GMT
Expires: Sun, 04 Jun 2023 03:49:39 GMT
Etag: "3d778e245fc7572e7d5198f3d8ba3aa951a30684"
Cache-Control: max-age=502235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ced66641a2db509-OSL

www.simsdom.com/download/24051850/2021/10/20/2a7132a7daf45189ce761ba7805620d3-gnd.jpg

188.114.97.1

200 OK

224 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/20/2a7132a7daf45189ce761ba7805620d3-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
224 kB (223647 bytes)
Hash
479ffb79f42732a85faf67b4fd351716
537135a761fe0df0e9236fda265cff6fde1d2e49
8694de4203b1bd80a19fb61c8d6d0d866b63ab9a324a97e8cacb1ddab4d88a40

HTTP Headers

GET /download/24051850/2021/10/20/2a7132a7daf45189ce761ba7805620d3-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 223647
last-modified: Mon, 25 Oct 2021 13:06:26 GMT
etag: "6176abd2-3699f"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyX8cfch9zDm47ODoAhZM1quW9xRwtwyCFl6pjRyacmuuDwpZd6ZbNVsHWwhpPxju4SbSzBtMdbYfP07i%2FqORIcIJlY06h1MJivJXQqAAM4OicLzhLh4f18ZHCp82CO6NyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c03b50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/10/20/0a34967b2df0c333741e1b88a41b0b20-gnd.jpg

188.114.97.1

200 OK

371 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/20/0a34967b2df0c333741e1b88a41b0b20-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
371 kB (370900 bytes)
Hash
7e98046dbf4b5ad1819f9025b1eae30e
9e04f7169b730704c6e68e6eeaae97123187c274
459d6e1045f04ac1e2b6014132ad905ba8b9466d93213164db441c1a52cd61a7

HTTP Headers

GET /download/24051850/2021/10/20/0a34967b2df0c333741e1b88a41b0b20-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 370900
last-modified: Mon, 25 Oct 2021 13:06:29 GMT
etag: "6176abd5-5a8d4"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JA0hv4BBTR3bZVuaCZ2nS4A9GdFPhjFtr6tttkvlXpOgIujnlI8MbEoIiA511p%2FaO8QMJ9EIBw057VzOztW2%2F5O4S2se490zTcSrTzBhCCe%2Bm17TjYtQLnbF1ffwzsIjUgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c08b50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/06/19/2118492c525e5b4a5e47d7650d1791e2-gnd.jpg

188.114.97.1

200 OK

216 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/06/19/2118492c525e5b4a5e47d7650d1791e2-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
216 kB (216511 bytes)
Hash
459019618b67f16c9825b1607b64a255
f7b2f074a85148ea7212d99a9187ee6a25078de2
ea1e10d3efc88a709c453d36e6ce50e8708c64f0616a91f8c965950a5f47e062

HTTP Headers

GET /download/24051850/2021/06/19/2118492c525e5b4a5e47d7650d1791e2-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 216511
last-modified: Mon, 25 Oct 2021 13:04:32 GMT
etag: "6176ab60-34dbf"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM2ztnH95TnN67a%2ByMG7cQP%2F%2FdJC6j5PWzTKle1QvVwJ3s86kD63wNOHBcb4J77P2r5svFCEyrmIZ8A65QsaoQfZGnQDcsRnnD3svOBMNR2fv2929R7ZMTbSe0HBOlzQ0%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c0ab50f-OSL
alt-svc: h3=":443"; ma=86400

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1605
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 29 May 2023 08:35:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.simsdom.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

www.simsdom.com/download/24051850/2021/07/09/989cf839fd9d808ace99cab31dba07e2-gnd.jpg

188.114.97.1

200 OK

218 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/07/09/989cf839fd9d808ace99cab31dba07e2-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
218 kB (218318 bytes)
Hash
c533d254c9b975525aaf109ed3e90332
48326578289c9f45d9e327666a3b8ed532cfe245
cffe11bdc43c7b52134f1570a320bef4ee182480907fe7f7e985fc0052791034

HTTP Headers

GET /download/24051850/2021/07/09/989cf839fd9d808ace99cab31dba07e2-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 218318
last-modified: Mon, 25 Oct 2021 13:04:30 GMT
etag: "6176ab5e-354ce"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmNEQrOkxjHEnLtcTmicNdp6Uin2HxEhh5RgAVBRcFcYTbH90gdednJTH5v9INptGN7KlFtOYHOFmIeWL8b1TNXNXGmqCxTqrAPkOi6KVGIuZcJ8iSBWk2wnTz1V%2BIe57sw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c05b50f-OSL
alt-svc: h3=":443"; ma=86400

cdn.itskiddien.club/apu.php?zoneid=5632163

139.45.197.236

200 OK

30 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5632163
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
Fingerprint05:B4:FA:98:FF:39:CF:99:9F:C4:7F:BF:97:01:52:34:66:25:30:6E
ValidityWed, 22 Mar 2023 00:04:59 GMT - Tue, 20 Jun 2023 00:04:58 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
30 kB (29739 bytes)
Hash
f463543376a46f3466e1169b34b3dab5
3db8dbe6cd67c7f147d490b3bf2ab0ac970e1505
ce7adc9bbbbcc58c1b57bdafc7094391bef95524eb86631010352e48a0080df9

HTTP Headers

GET /apu.php?zoneid=5632163 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:44 GMT
content-type: application/javascript
x-trace-id: 874ee9020e0e08dfeca3025181961e31
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0dc1f6413e4e41c995d176dbde514bf3; expires=Tue, 28 May 2024 08:34:44 GMT; path=/; secure; SameSite=None
oaidts=1685349284; expires=Tue, 28 May 2024 08:34:44 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.simsdom.com/download/24051850/2021/10/20/c26e1ddf91b762d48d5911db48d46652-gnd.jpg

188.114.97.1

200 OK

278 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/10/20/c26e1ddf91b762d48d5911db48d46652-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
278 kB (278111 bytes)
Hash
fa2cb8f78b4cef5b2eb5cd94b41c7e3a
92f2c2b2dab1a853dc9585bc41d06a95cfaf2174
e36f0800431a2b7aa5c0bd23dec2acd5ee551d6395f8b2c6f983ec768c48d74a

HTTP Headers

GET /download/24051850/2021/10/20/c26e1ddf91b762d48d5911db48d46652-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 278111
last-modified: Mon, 25 Oct 2021 13:06:14 GMT
etag: "6176abc6-43e5f"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9UEpeDoXKQ7Zr2yljKCkOAurFVNGjWOkv95jjPG3wtKO9WsG2S8ZlkvleT5yDp9CSp4rRzTfxnhSxG7irz%2FI%2BTZC0GF2uSqZZXIKZdmmI%2FgTuVjLdgSBBEIjOFxGpiOF2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c0bb50f-OSL
alt-svc: h3=":443"; ma=86400

www.simsdom.com/js/hey-scripts.v1607309368.js

188.114.97.1

200 OK

367 kB

URL GET HTTP/3
www.simsdom.com/js/hey-scripts.v1607309368.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (64636)
Size
367 kB (366560 bytes)
Hash
7fc3c1e789cded02e1c9a2842e554740
bed2fdadc2f385cbd1bf5ffab0066c81e7d6fcba
0c5db9fb65f51d2508104c3585bd1982960ae6313cc22a5d5b399812f534fe4e

HTTP Headers

GET /js/hey-scripts.v1607309368.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9e-490f4"
last-modified: Sat, 28 Jan 2023 19:59:26 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1c7hvIPoi%2BxRoFeZL3FhARSLfmZ6uZaQ82d27sBNa9l%2FQrwFwtWYeNlvnGdcdZC8M3kdLC4YNvFROZOdk7vjuxqG%2F7Lz%2BndtCkypracCdoa%2F1MgM2SqoFv1lOF0wQ270w0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb34b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

yonhelioliskor.com/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

yonhelioliskor.com/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Content-Type: application/json
Content-Length: 367
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7592deea7671c55e62d81f66af6a2e5a
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.simsdom.com/js/hey-vars.v1635116895.js

188.114.97.1

200 OK

2.3 kB

URL GET HTTP/3
www.simsdom.com/js/hey-vars.v1635116895.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (4505), with no line terminators
Size
2.3 kB (2266 bytes)
Hash
fd383d8d8033d023fb7d866b579a3818
4b9e94ab814678c9d5c2c6f78e570a02bd2e78ac
e5353e5d5d9e2c45d02575d6765db93ac2375ff7765e98a3b528683f892d772c

HTTP Headers

GET /js/hey-vars.v1635116895.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9e-1199"
last-modified: Sat, 28 Jan 2023 19:59:26 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyTYT8X9Bwpu1wrs6ZI35gUeapDCR5tyF64Nmmi%2BE4qGgAjlPOl430jUOw8vZMS8qN6tvuXUBe%2Ff5IMd8pdgAiAUDly30BnM9QOeME1hFYe3c9TGU%2FypFNhlqdUGljkEvlY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb3eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/js/hey-texts.v1634690565.js

188.114.97.1

200 OK

5.2 kB

URL GET HTTP/3
www.simsdom.com/js/hey-texts.v1634690565.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15286), with no line terminators
Size
5.2 kB (5232 bytes)
Hash
70f74e63c6fb8d5c89642b74ddcb4b13
372abd477a2e7328d501ed82a388f64679b513fb
1acca73104d344f7f8d1e1e51143df5c1c7608a4dbe838fb073686f081802e26

HTTP Headers

GET /js/hey-texts.v1634690565.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9e-3bd9"
last-modified: Sat, 28 Jan 2023 19:59:26 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B1fEoZ38LB2WuJYxcTJHfua5rvLFv6ZhUXJe1uRq2AP36vX30dBWxdztBLVicDmqCi2tMKwxiTNeFrI76ANMud7lcFlap41MsIC%2BkHzEd7%2Fkxaek7TSwHre3BpeN7wFcvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb3bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/js/hey-global.v1635116895.js

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
www.simsdom.com/js/hey-global.v1635116895.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2704)
Size
25 kB (25331 bytes)
Hash
78bd4b9583ee76761511498d737e814a
e7eb120d88917b37c55428082853c43d699bf00a
b274cbd590cbbe76f336a158d3e5e0cbd2cdaabf8a2ec2103cc54bc063e1f041

HTTP Headers

GET /js/hey-global.v1635116895.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9e-177a8"
last-modified: Sat, 28 Jan 2023 19:59:26 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HYgeI8v6hmm2WQak2XDZvamPq2gWgKpWY7u0k9EpXlTweg7o%2BdAxvNKxfCmbA6ZHD2SVrwXQNkfmts7zzDGvFby6o8BDExlqA2lljyUVUX19jOFHHa%2FPH0wm1aOR40LMqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb39b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

yonhelioliskor.com/event

139.45.197.251

200 OK

94 B

URL POST HTTP/2
yonhelioliskor.com/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
910b9263e22f9469152a54a53995851f
3fc1370a6e42f03e8e109bd5ebb60aaedb8bc8a0
9706e9178acc52cdba919d465a3919c46f1703e59f3905b6cbe53ce50ae2c2f8

HTTP Headers

POST /event HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Content-Type: application/json
Content-Length: 1678
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: cd08e0465faca9235c49d62e737216ed
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
70552b0e7d06889f93ad38ca6f8c04ff
d832b6b74cdec6ca02ab01290d7617b090f812ae
95cf384b7fe729d72a6b6121a318193776bc0c3665f8cc74fdc5fb9eb1a1091a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Content-Type: application/json
Content-Length: 481
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: e9d35c9b976e6d44029407336ce80e2d
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

eehuzaih.com/500/4970025?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL GET HTTP/2
eehuzaih.com/500/4970025?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
Fingerprint0C:95:CF:7F:50:49:02:29:69:84:63:C3:C8:1A:F1:21:6E:FF:7F:94
ValidityTue, 21 Mar 2023 04:41:12 GMT - Mon, 19 Jun 2023 04:41:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4970025?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.simsdom.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

optyruntchan.com/500/4674982?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL OPTIONS HTTP/2
optyruntchan.com/500/4674982?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectoptyruntchan.com
FingerprintF9:7C:18:C1:3D:2E:10:99:CB:06:41:CD:80:6B:3D:0D:CC:C9:3F:C0
ValidityWed, 05 Apr 2023 08:27:01 GMT - Tue, 04 Jul 2023 08:27:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4674982?excludes=&oaid=0dc1f6413e4e41c995d176dbde514bf3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=function%20length(e)%0A%7Balert(%24(e).length)%3B%7D&pl=https%3A%2F%2Fwww.simsdom.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: optyruntchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.simsdom.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=58b60171451742629f4c276adafb4257&zoneId=4621931&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=58b60171451742629f4c276adafb4257&zoneId=4621931&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
ec852fc342cc2ef98aeb10a3f59da347
9a5a1dfd9dd762ddba01df5c46f990e1af27f166
87d2d9d736916473d6a2d9454e47d0c3e356c683b6deac786a5828b765872e91

HTTP Headers

GET /gid.js?pub=0&userId=58b60171451742629f4c276adafb4257&zoneId=4621931&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Cookie: ID=0dc1f6413e4e41c995d176dbde514bf3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.simsdom.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0dc1f6413e4e41c995d176dbde514bf3; expires=Tue, 28 May 2024 08:34:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
a8ed86b768cea7cbe0641766db4d5200
13221a78721fef554e1b4d6c47b32e9140e359e2
db39c12638461c3c627027e224beed0158032a14c6eaf790128b1f7124d71d4d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Content-Type: application/json
Content-Length: 481
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 311492337e2ecbabc4d188cbb9cc149f
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

yonhelioliskor.com/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Content-Type: application/json
Content-Length: 731
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:48 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 27cb8c7734d4172a3c43fbf7bdcebff6
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.simsdom.com/css/hey.v1635116359.css

188.114.97.1

200 OK

148 kB

URL GET HTTP/3
www.simsdom.com/css/hey.v1635116359.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
148 kB (147534 bytes)
Hash
aae6ae62eeae6bc256326d0490733553
168ec2a391428eb69512f60ef187bd5612556f26
1b98deb2184a33071aeaa172dfc5c3d7ae132b8be84c2ef9fbdb68e99905be15

HTTP Headers

GET /css/hey.v1635116359.css HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/css
cf-bgj: minify
etag: W/"6176ab48-2404e"
last-modified: Mon, 25 Oct 2021 13:04:08 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZXS47hLI2PFL7QsbFXYf1RCpJibT0QEEmHZXr03lYpFvaZAFnr0Gc8gkhm0ZIt2ezYJoo6Uu%2BzeP9Hr140yl%2B3fV5A06416OlXEZF0JLceYT5zCNyiUHsNCRqybRvJDVs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665dbb21b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:44 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:43 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDkuk46qt7FDaned6YQ9ASIIbNxxQ8Od7XWOkWN%2FR4m2YmBlSbfv1SEs1Vr4lLhP9M9%2B9QyOkHY%2F2nNlVLHb6oifUvQD3trmvbuRKxKCygRgcDRkphFsKzhR%2BQxTiJaGQjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66654c11b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfqJpVZPUsG4WQAB8Rr5rWG%2BqDXKfA30jxJQYmbUX2Or6DsvNlU7JXqQB9qReAE0MpP6mQmeoVf6reapJhuzcYhVjynRoZ8cdbRcfdE%2FOZhivDDUefQczXRJNpuPknmOhNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66665dbfb4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BqTa%2FQxMJcGBax7Cbt%2B1sO1SCPpSf%2BfmmBetyukDIlk1%2BMXePYwHvx8bD8%2FUTctAxoINWh%2F0TniP7MMm3Xtjyt%2FxEZRgUTWs0oa6lKQxTv0Op3xXfyH9x6Iq7FtGym%2FQbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6669cad8b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytIQltbI5SsC0%2F%2FvJQ9%2BMnWWR30S73Rd%2B%2B13EknWrUrH6KrY6B34aZC7EIP7f2orfmfI%2FE3FgE7FNHV1OtvzDMDM%2Ft6Cg1FpULtxTEdhcI4bYuxAOOU9EmjbpGLQMzuov%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666e2a31b4ee-OSL
X-Firefox-Spdy: h2

s9.simstatic.com/wallpapers/2021/10/19/39fd0f5368e5376e3d9de50d01343238-preview.jpg

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s9.simstatic.com/wallpapers/2021/10/19/39fd0f5368e5376e3d9de50d01343238-preview.jpg
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wallpapers/2021/10/19/39fd0f5368e5376e3d9de50d01343238-preview.jpg HTTP/1.1
Host: s9.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:44 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:43 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giatWB4Xey0FrNfrkJvm53UbOWS%2B%2BD2a7V67B1Ffggnr4LhsU0jmcPX66Cy%2FYbVknglUjRKkB%2BHeYWw0Afx%2F0kB62y9eIIABkizgk50R%2BmLo2d5iAwQu2stR1GurJEzJoJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665f8b95b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:44 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:43 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js9KXMkxHiRIF%2FsjeFFGy6xvIhj05fEhR9dqz%2Bc%2BCs3PMyvbB6FoxfcPqjbgsgIwpFnCxSmtecy1CdjnK%2B8FAa%2B4xQd951blIKgW7%2Fdxg1r%2BHeqSv7w2R7SFwYLP54vEAwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66642a13b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:44 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:43 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPhaVW9vp3LXkIOYJQCeB3x%2FWSVrOkVzihlEyAVw24C0BUQVZLzhN9aM0EvdguPJ58mNsulBEKKv0gRmRwhcMzeMcy0zmgZ6x5Tcu66CayC3U5R6kUAttp9XvBa3e%2FvjZxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6661fecbb4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnnQCr0B1w7DdpdvyHgaCWQPxFf86X4Ytpfk5lQsar20deKHEqEosey7kB9mVftC1kXWvnX962VbZXe9AUFunz4rMrLgBl7T8DdNV4jAlwEr8EoW0Rhw7dAPCe4XprfEYds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666beec6b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:46 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeGZvpxr2RR9ZBHO%2Fd1lxft5pFPeHPYU5FoY%2FxF8k1bOfCmbIotGOfYWFyjRB9GFYAwhk%2BSZUQsKG2z0PafmHu2zZgaPxbXJCxaEhnRHyB0GJw7XgISGnELt8BS59Wo%2BqcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66728882b4ee-OSL
X-Firefox-Spdy: h2

www.simsdom.com/js/hey-jquery.v1604383930.js

188.114.97.1

200 OK

96 kB

URL GET HTTP/3
www.simsdom.com/js/hey-jquery.v1604383930.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (95778 bytes)
Hash
49991ee5a27912a10469ed849e5f935e
045802103f3d73070fcfc401fb6be8e1780c859a
a2c39cdf75063a9fe61b7f4403144e0f5b12475156f78d6b5417b2fbf5e84a19

HTTP Headers

GET /js/hey-jquery.v1604383930.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9e-17622"
last-modified: Sat, 28 Jan 2023 19:59:26 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbIf%2BTbE8ixC0soaaRz0WXsX5bQVCSin1sGZztJ%2BWo0pKQYAuNxfesCdqmhncQMMZXdYAZBZ9YPdos%2FpjJuy1O2VWZlD2EhzrgFFHansG5%2B6597vBYdOTDJ1PL8fKDJAEE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb35b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/js/hey-terms-EN_v1634866234000.js

188.114.97.1

200 OK

0 B

URL GET HTTP/3
www.simsdom.com/js/hey-terms-EN_v1634866234000.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/hey-terms-EN_v1634866234000.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3557
last-modified: Mon, 29 May 2023 07:35:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvu6MBRUO6PGOj%2BBDfLuvSZYbxihpwxgbxl7Uo2%2F%2BQ1L1SG2xkUzDJssl4Hd%2FsqvnVbp7PNDAojWEc%2Bztkm8mO1ymzX3vTRlM51ny%2FXcvBHHG1FkKmd10cpOf%2BdO4roRF2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6660bee1b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/css/hey-media.v1633759910.css

188.114.97.1

200 OK

86 B

URL GET HTTP/3
www.simsdom.com/css/hey-media.v1633759910.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
c47c417934b5c4d4fa21d96170205a77
d1414ac9e69f6875dd974ce72d2fbd3a617fc7fd
1f65e244bc70e3a02e3f3a02a6d93dc52ae093c2e34b4fd608f256fe239622e5

HTTP Headers

GET /css/hey-media.v1633759910.css HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/css
cf-bgj: minify
etag: W/"6161f769-56"
last-modified: Sat, 09 Oct 2021 20:11:21 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S00IU23%2BhPJ%2FqK5%2B48gVDN4olLrOels3Wb4RCSTIWbmwC4be%2BYiIQpAdsaUwldAyEvo%2FeiZqLHLUaK%2FtA6IvbWlmprVs8r8pA3UaMarJlwvkiZAvRsYUGRnPK5dX%2FWdaYEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665dcb28b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/

188.114.97.1

200 OK

0 B

URL HEAD HTTP/3
www.simsdom.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4zVleiNJzPWjtR6vssjQ0RQsfAyoyl%2B81kkNmjUa9Evat3sc66Kn%2Fxp0vgjW86RUY7wYpsDWaMyk%2B8f67hRf21pgHMfDte5ce8nUgZmbRCPFZpz3j%2Bd6T1belMJIgxjzlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ced66604e41b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:46 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVUk46Zf2RvYbzyzo7SZnN7HcF%2BiJwMs8tIVita%2FveJ%2F%2BN7pE5VxV3Oj3QqX7m%2BpoguDh0SLZRarA9QuzLTqy0t4l0Zsrcrn6UzLUS3gx%2BYaTRbv8nGxwWGF8gKvKK8gc7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66770f0ab4ee-OSL
X-Firefox-Spdy: h2

www.simsdom.com/js/hey-carregou.v1635116895.js

188.114.97.1

200 OK

8.5 kB

URL GET HTTP/3
www.simsdom.com/js/hey-carregou.v1635116895.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8902), with no line terminators
Size
8.5 kB (8502 bytes)
Hash
5408a3e938523bf86349bdbed481bd86
5d1636812c7aa32fb023e2423b312607c91fae45
846f55cafc3c27e71327eb3571d79bf966f377f58b63fe05159186471d8cff87

HTTP Headers

GET /js/hey-carregou.v1635116895.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63d57e9d-2136"
last-modified: Sat, 28 Jan 2023 19:59:25 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XD7hPMNuPJUgRxWloHrVPDUmnFdIrCPdgJ4SxnN9cL9%2Bk3ocOoKlPyBiOTfawmcguBXIqxdtNZML908%2F8BrZaurLjIFzvPQ6b1VfbMI6tBFQJux4qoE4CJW2MO0faNWcVj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb46b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONQR7uA7M%2BB1ofYDF09YTJtDTYfY4nEKkmX8To26ijDqqd8Z%2B7alBWoMBxTFwFh8Up%2FqdS9j1MZeTMRlKUiZq11DBouDTbCO%2BkjGvihxSz%2FnecOlvNiuYv8dlD%2FGrvEJhLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66677f80b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pynXsdZiB8sZaKBF0Xho2Do9OeqDAtbr2UARq%2FvoHgGC2g1QkQ1vuHZoYD4vsWBDRRgrJVBMqj8mIUGPakORZwu854uI3v3WZOk8Xk5m6Sc%2FXflPkmnus%2Fd59%2FA7FdDN4as%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666d088bb4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:46 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIx9IO1jnCBdbaGTbbSlfEdT%2Fb%2BjZAPWjel3OAju7mABdP6A68Si0QDeI13EIEqQJbYayEfRxISWgKLqG4wEICUeQNqOCrJ5JOmXtPHMylx848WiAUNgeLGQBa1HY01q7EI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6675dd43b4ee-OSL
X-Firefox-Spdy: h2

eehuzaih.com/401/4970025

139.45.197.237

200 OK

84 kB

URL GET HTTP/2
eehuzaih.com/401/4970025
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
Fingerprint0C:95:CF:7F:50:49:02:29:69:84:63:C3:C8:1A:F1:21:6E:FF:7F:94
ValidityTue, 21 Mar 2023 04:41:12 GMT - Mon, 19 Jun 2023 04:41:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84071 bytes)
Hash
12816353a57056bb915786bbd96396e0
4ae06bc28d618aad59b5a1bd668a73e56e7cfa3b
ebc921f4e3f596e8df87d73b9595974b11591e88efa2f32c5fcbc085dcc24066

HTTP Headers

GET /401/4970025 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
x-trace-id: 0b2976e59bc7170809c9d6a3e996ebe1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=263eeeed830a47e986e3158673106e08; expires=Tue, 28 May 2024 08:34:43 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL%2BSRXOilRNpMS2HxH%2FcamrYK3CEmtB%2Fctzrpa6STyjqkJqBhsI19RMAaGFeO1%2Bl9cB5NOT1jVjP0tGvsjOIU0JWxvRMDRSqakJGfDv9x3sXCtjpXsj2FWHKYts4GMrQaQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66689942b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:47 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR%2FrszuJ0Lwd%2FZBTWr%2B3zJd0G2WQICMdy6yq5O6IHFB%2BYLDuvQL7Iri9%2FHEYsETZtyZQpIOAVQZMwC9gVq7%2BONWbRpofbX8ialIg%2B3CnScNBhm68oacQjd%2FA9aoKcotpqPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced667848b1b4ee-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.simsdom.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
12 kB (11712 bytes)
Hash
e5cbe15bc7254ef8b7ba3fd0fb7b96e4
8c6e0a466c69d83f7982fd4a721ad6484dbffd66
0daa95e10cbe117c2aae215e36592b06233b617a90be8a4ba2dd1c8cef766a80

HTTP Headers

GET /css?family=Open+Sans:400,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 May 2023 08:34:43 GMT
date: Mon, 29 May 2023 08:34:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.simsdom.com/js/hey.v1635116895.js

188.114.97.1

200 OK

155 kB

URL GET HTTP/3
www.simsdom.com/js/hey.v1635116895.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type

Size
155 kB (154798 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/hey.v1635116895.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=154912
etag: W/"63d57e9f-25d20"
last-modified: Sat, 28 Jan 2023 19:59:27 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azp7s7Zy0MgOrOa%2Fe9W5bPKFjY5mC5o6lMM8C3KG9LYqGoX3smaDs8A9B85HqLcXB%2FIMV0ErCHXjVt%2BzFFz4NerIEnXjeTo6VcsZpqHVa%2BPjImvzQo8MzHqojs8jmtlhT0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced665ddb47b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.simsdom.com/download/24051850/2021/08/15/d5385c4cfe9020a993ef20b72feb4459-gnd.jpg

188.114.97.1

200 OK

245 kB

URL GET HTTP/3
www.simsdom.com/download/24051850/2021/08/15/d5385c4cfe9020a993ef20b72feb4459-gnd.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced\012- data
Size
245 kB (244659 bytes)
Hash
0723eed8e963926b7d04740cafef6438
ce0d81099623d79dd9c5f019e96d6a8b7fbbe2ec
5864e783ba316943a0a46570264763b04f7f954d2a204d5458a2cd5e9c9b9437

HTTP Headers

GET /download/24051850/2021/08/15/d5385c4cfe9020a993ef20b72feb4459-gnd.jpg HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/jpeg
content-length: 244659
last-modified: Mon, 25 Oct 2021 13:04:34 GMT
etag: "6176ab62-3bbb3"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzXdwTev0qML437yeHrGurD111CrkQ82SYelyDe%2FK6W4b3na0kdCFG2h8fvhS7Nxx5TRChPbSEwtYZPVI6JM4JnLsxe56pN3YwUxKwTDODTHoyfQSyuFQFbDnwtrNLiOAsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66646c0cb50f-OSL
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lZlk3WNZRvPK5aQWB7xxnsV9Hixbewrmc1krP71HvD3imHCak1kOzuPtRWL1RQK%2Fq7EOaPAfgeAtQHRhVwAj1BSHZK5RdJTCHePUaKtoLPTgYjgA22uB8d5736QhayRS0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66705d9fb4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOKyXZt8WR6u1IEM%2BlELrmEymnNpJhyrIkXo%2FOryKyvoTZi78e3U7MKRkVAfcuM%2ByxBnPUiKu4AUYfKqKwb8JTzPZVSZ%2FurkQM8q2R%2FPRsIWIb5UubiUHkhx1OpFYJXrXss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66717f0db4ee-OSL
X-Firefox-Spdy: h2

optyruntchan.com/400/4674982

139.45.197.237

200 OK

83 kB

URL GET HTTP/2
optyruntchan.com/400/4674982
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectoptyruntchan.com
FingerprintF9:7C:18:C1:3D:2E:10:99:CB:06:41:CD:80:6B:3D:0D:CC:C9:3F:C0
ValidityWed, 05 Apr 2023 08:27:01 GMT - Tue, 04 Jul 2023 08:27:00 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (83355 bytes)
Hash
926ce977b9ccf22e0c961200d9bff284
2c7de5e4951ae28e6465522f312e5ec1c5675c0e
8f257706de139f1de81a237c0f5c9fa32774b73275a9844a3bbbd4dd149829f1

HTTP Headers

GET /400/4674982 HTTP/1.1
Host: optyruntchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:44 GMT
content-type: application/javascript
x-trace-id: 8696d3a3019915d375cd89519b371423
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5c2e1f89a28a40848340a9a2d51b48e9; expires=Tue, 28 May 2024 08:34:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.simsdom.com/favicon.ico

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
www.simsdom.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
b970d8461d56fb1fc648384504043a2c
1841b91a054708910e7756a0e943fd7e911fc106
aa6c9a31f6641fc2d3bef487d08710f41edc8e04e614236ff742ab3b30c40eab

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Cookie: cukiez=ok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:44 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 25 Oct 2021 15:04:21 GMT
etag: W/"47e-5cf2eacf90740"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 2331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E08mGrvy1DlnL4kQjn85rgC4nrgVnBSU%2F5IYKq3S9t8In7cg0JW8CqEoIlhgJZbr1XZDlgl3xgrshRUDOlGocx03l%2BC6InfEy0DrIztlSMmutG%2F7usIZfCYoNiV5gAahA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6665de34b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:46 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4vJmWINaOqfc8pR2%2FBgidrStACv57DLMJI03W9mRp4yH8j9YNA6YjymajOz7VnY7LLZKrJy8ewoc9UhZMnm1aiwMCFrv76%2Bq4stvATJaCha1IrwXZpPQES9oviOJFHNG8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6674bb91b4ee-OSL
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=4806906

139.45.197.236

200 OK

77 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=4806906
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
Fingerprint05:B4:FA:98:FF:39:CF:99:9F:C4:7F:BF:97:01:52:34:66:25:30:6E
ValidityWed, 22 Mar 2023 00:04:59 GMT - Tue, 20 Jun 2023 00:04:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
77 kB (76866 bytes)
Hash
36290055d24da62edf39536134c05562
c779a8e530a64b3e1614a126fb03e40989aaf9f4
7f49e64574d28a16e27891846b378707125396ac9daef4fa2638e083974317a8

HTTP Headers

GET /apu.php?zoneid=4806906 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:44 GMT
content-type: application/javascript
x-trace-id: fb7c1ffc2c776185928a3259254be06f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8e9416aa95da42648a4719a8921841ab; expires=Tue, 28 May 2024 08:34:44 GMT; path=/; secure; SameSite=None
oaidts=1685349284; expires=Tue, 28 May 2024 08:34:44 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.simsdom.com/sw.js

188.114.97.1

200 OK

5.2 kB

URL GET HTTP/3
www.simsdom.com/sw.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (5217), with no line terminators
Size
5.2 kB (5215 bytes)
Hash
5bc7fdd0d292257eb70144fa53851f07
d13cfe53155707c2053e7a5aa1415eb52c06a321
7c2e5c60d8cfb6c8d417329b4c183876c7a8e54f3c85050bfb9a0ec398c1f4a7

HTTP Headers

GET /sw.js HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Cookie: cukiez=ok
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 May 2023 08:34:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5242
etag: W/"623c4b4c-147a"
last-modified: Thu, 24 Mar 2022 10:43:24 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 1595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2K4i4ymj4uffFsX%2FRNYNbdkoVMT9gfYjRXuCwuxe5eApDxQm9KO9IfbnJt1D9TUvIqhpWpKnnrf87jATVc2dJ0NVoFfdVWYQ6dEvA2Sei5JUxUZ2Us5PqRhLySxTBpSbo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced66673862b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:46 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGT%2B1nkzhiQFl2Ft4rNGtPnfqxkkSapHLDkNjUqKffROxAs3g2oD4I99waFaKK5HJlkarKpj1ZWttLbjQEj5e0wOWSY4wueycaHIpvIIsLRcxKnp3aKHrI1ez4DcjfjmB4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced6673aa1fb4ee-OSL
X-Firefox-Spdy: h2

yonhelioliskor.com/pfe/current/tag.min.js?z=4621931

139.45.197.251

200 OK

15 kB

URL GET HTTP/2
yonhelioliskor.com/pfe/current/tag.min.js?z=4621931
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
C source, ASCII text, with very long lines (14672), with no line terminators
Size
15 kB (14672 bytes)
Hash
1f938e5040bfa37e9d20f59fa9782737
caca731480f0130da647e515b69e021e16b5b346
f0d84fad3fd69279b48266e7c652f524f93eb0052d96fdf47e41e452ea631db5

HTTP Headers

GET /pfe/current/tag.min.js?z=4621931 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 14:20:13 GMT
etag: W/"645cf99d-3950"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0dc1f6413e4e41c995d176dbde514bf3

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0dc1f6413e4e41c995d176dbde514bf3
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
214cf65abf7891f3965bdee1577cca56
27ee86243358367fdacbb259a62381a22c84cd84
9a1209e97c4e837f4b9058a45a7e55d4bbe36b59e15d1d4f3efdffa8db232d35

HTTP Headers

GET /gid.js?userId=0dc1f6413e4e41c995d176dbde514bf3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Referer: https://www.simsdom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.simsdom.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0dc1f6413e4e41c995d176dbde514bf3; expires=Tue, 28 May 2024 08:34:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:45 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NsF%2Bk%2BEk7RjyIIxk4eolijK9cqD4W3IsWnIUOkQxofyD3qnPfcZHbsirqecfc3u3zTaSDE%2F181YSsb%2BOVVn1VrsCSyBU7lxhabSWhsCw1sUFDkSx3qLQMkqv3%2FY2Fy00XE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666f4be4b4ee-OSL
X-Firefox-Spdy: h2

s4.simstatic.com/blocked.gif

104.26.7.105

302 Found

0 B

URL GET HTTP/2
s4.simstatic.com/blocked.gif
IP
104.26.7.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.simsdom.com/
Certificate
IssuerCloudflare, Inc.
Subjectsimstatic.com
Fingerprint11:C2:32:FE:C9:3F:27:1B:A1:33:FD:B5:FD:38:F9:84:38:E1:6D:1B
ValiditySat, 02 Jul 2022 00:00:00 GMT - Sun, 02 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blocked.gif HTTP/1.1
Host: s4.simstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 May 2023 08:34:45 GMT
content-type: text/html; charset=iso-8859-1
location: https://s4.simstatic.com/blocked.gif
cache-control: max-age=43200
expires: Mon, 29 May 2023 08:34:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIHjTD%2FrYvoYXOT%2FxHJUwiA%2BL7g5OWrgyX5OMxSwOH7hfYmUJHCC6j%2Fpd4fhzsnb%2FBJ%2BDJPUwKl442pK4c9O9bflzEMmdhFFzyiBli%2FtQX1tRdOXNxTEjUgA438bLXCbPFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ced666adc9db4ee-OSL
X-Firefox-Spdy: h2

www.simsdom.com/

188.114.97.1

200 OK

95 kB

URL User Request GET HTTP/2
www.simsdom.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:C2:E5:FC:77:65:57:A5:0E:A9:71:E5:49:DB:12:6A:17:55:E0:52
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT

File type

Size
95 kB (95143 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.simsdom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 May 2023 08:34:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iu%2BYzCkipVE8U9v4YFbs3vlVj8x7hVywrQpPZRf8D1u7AF2Th3fH7JKdrXtmNzbiqEymX0cFwnfEsdPE9Aa30e8gNIeFNktPlgEJmk02xcXMDOv9slANMlJHCCHVGvcDyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ced665bea85b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.434

139.45.197.251

200 OK

104 kB

URL GET HTTP/2
yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.434
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.simsdom.com/
Certificate
IssuerLet's Encrypt
Subjectyonhelioliskor.com
Fingerprint77:04:F0:44:6A:64:12:4C:33:16:17:89:03:D0:78:3C:43:77:C3:F1
ValidityMon, 27 Mar 2023 05:10:41 GMT - Sun, 25 Jun 2023 05:10:40 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (103914 bytes)
Hash
3fbd784e005c26cd47a9a0bc9de49991
9eb40374ae3e34fba59f1f60155e92e387168ac0
471bf3191e1a6f939242c6a656785956d48d33688b2387718869997debafc9e4

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.434 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.simsdom.com/
Origin: https://www.simsdom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 08:34:43 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 14:20:13 GMT
etag: W/"645cf99d-195ea"
access-control-allow-origin: https://www.simsdom.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML