www.vivoplay.sigue.la Open in urlscan Pro
216.239.34.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vivoplay.sigue.la/p/net-1.html
Submission: On May 11 via manual (May 11th 2021, 6:11:34 pm UTC) from US

Summary HTTP 78 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 44 domains to perform 78 HTTP transactions. The main IP is 216.239.34.21, located in United States and belongs to GOOGLE, US. The main domain is www.vivoplay.sigue.la.
TLS certificate: Issued by GTS CA 1D2 on April 13th 2021. Valid for: 3 months.

This is the only time www.vivoplay.sigue.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
11	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:0:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	172.67.201.184 172.67.201.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5c06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:461	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
7	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	65.9.97.94 65.9.97.94	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::6815:e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5 5	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	2606:4700:303... 2606:4700:3035::6815:3588	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:9e20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.89.225.89 159.89.225.89	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	174.137.133.17 174.137.133.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	142.91.159.108 142.91.159.108	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:303... 2606:4700:3031::ac43:8cc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	34

2 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

www.vivoplay.sigue.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:0:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

surgicalexpectingdecisive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.201.184 (United States)

ASN13335 (CLOUDFLARENET, US)

wigistream.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5c06 (United States)

ASN13335 (CLOUDFLARENET, US)

celeritascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:461 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vdosupreme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.97.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:e93 (United States)

ASN13335 (CLOUDFLARENET, US)

asacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.54.133 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.106.96.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:3588 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

zap.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9e20 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xml.revrtb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.225.89 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.toromclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.blueparrot.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.popmonetizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.adxnexus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.zeusadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.16 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.acertb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.108 (Netherlands)

ASN7979 (SERVERS-COM, US)

khandragthresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8cc9 (United States)

ASN13335 (CLOUDFLARENET, US)

nsparket.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	203 KB
5	zap.buzz 5 redirects zap.buzz	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google.com apis.google.com	149 KB
5	blogger.com www.blogger.com	184 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	wigistream.to wigistream.to	37 KB
4	blogblog.com resources.blogblog.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	gstatic.com fonts.gstatic.com	65 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	699 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	758 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	asacdn.com asacdn.com	20 KB
2	onclickgenius.com onclickgenius.com	3 KB
2	amung.us 1 redirects whos.amung.us widgets.amung.us	2 KB
2	vdosupreme.com cdn.vdosupreme.com	180 KB
2	ufpcdn.com ufpcdn.com	3 KB
2	celeritascdn.com celeritascdn.com	20 KB
2	sigue.la www.vivoplay.sigue.la	17 KB
1	nsparket.top nsparket.top
1	khandragthresh.com khandragthresh.com	1 KB
1	zeusadx.com xml.zeusadx.com	165 B
1	acertb.com xml.acertb.com	165 B
1	adxnexus.com xml.adxnexus.com	165 B
1	popmonetizer.net xml.popmonetizer.net	165 B
1	blueparrot.media xml.blueparrot.media	165 B
1	toromclick.com 1 redirects www.toromclick.com	372 B
1	revrtb.net 1 redirects xml.revrtb.net	1 KB
1	idealmedia.io cm.idealmedia.io	449 B
1	lentainform.com cm.lentainform.com	514 B
1	seedtag.com s.seedtag.com	508 B
1	google-analytics.com www.google-analytics.com	19 KB
1	googleapis.com fonts.googleapis.com	395 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jsdelivr.net cdn.jsdelivr.net	138 KB
1	googlesyndication.com pagead2.googlesyndication.com	578 B
1	googleusercontent.com themes.googleusercontent.com	218 KB
1	surgicalexpectingdecisive.com surgicalexpectingdecisive.com
1	cloudfront.net dmmzkfd82wayn.cloudfront.net	127 KB
0	xmlking.com Failed xml.xmlking.com Failed
0	poprtb.com Failed xml.poprtb.com Failed
78	44

	Domain	Requested by
7	cm.mgid.com	jsc.mgid.com www.vivoplay.sigue.la
5	zap.buzz	5 redirects
5	x.bidswitch.net	5 redirects
5	apis.google.com	www.vivoplay.sigue.la apis.google.com www.blogger.com
5	www.blogger.com	www.vivoplay.sigue.la apis.google.com
4	wigistream.to	www.vivoplay.sigue.la wigistream.to
4	resources.blogblog.com	www.vivoplay.sigue.la www.blogger.com
3	s-img.mgid.com	www.vivoplay.sigue.la
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com www.vivoplay.sigue.la
3	fonts.gstatic.com	www.vivoplay.sigue.la fonts.googleapis.com
3	c.mgid.com	jsc.mgid.com
2	cm.g.doubleclick.net	2 redirects
2	a.volvelle.tech	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	asacdn.com	wigistream.to www.vivoplay.sigue.la
2	onclickgenius.com	www.vivoplay.sigue.la
2	cdn.vdosupreme.com	wigistream.to
2	cdn.mgid.com	www.vivoplay.sigue.la
2	ufpcdn.com	www.vivoplay.sigue.la
2	celeritascdn.com	www.vivoplay.sigue.la
2	jsc.mgid.com	www.vivoplay.sigue.la
2	www.vivoplay.sigue.la	www.vivoplay.sigue.la
1	nsparket.top	wigistream.to
1	khandragthresh.com	wigistream.to
1	xml.zeusadx.com	wigistream.to
1	xml.acertb.com	wigistream.to
1	xml.adxnexus.com	wigistream.to
1	xml.popmonetizer.net	wigistream.to
1	xml.blueparrot.media	wigistream.to
1	www.toromclick.com	1 redirects
1	xml.revrtb.net	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.idealmedia.io	www.vivoplay.sigue.la
1	cm.lentainform.com	www.vivoplay.sigue.la
1	s.seedtag.com	www.vivoplay.sigue.la
1	secure-assets.rubiconproject.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	wigistream.to
1	widgets.amung.us	wigistream.to
1	whos.amung.us	1 redirects
1	www.googletagmanager.com	wigistream.to
1	cdn.jsdelivr.net	wigistream.to
1	servicer.mgid.com	jsc.mgid.com
1	pagead2.googlesyndication.com	www.vivoplay.sigue.la
1	themes.googleusercontent.com	www.vivoplay.sigue.la
1	surgicalexpectingdecisive.com	www.vivoplay.sigue.la
1	dmmzkfd82wayn.cloudfront.net	www.vivoplay.sigue.la
0	xml.xmlking.com Failed	wigistream.to
0	xml.poprtb.com Failed	wigistream.to
78	52

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
herbeauty.co
www.blogger.com

Subject Issuer	Validity	Valid
www.vivoplay.sigue.la GTS CA 1D2	`2021-04-13` - `2021-07-12`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
surgicalexpectingdecisive.com R3	`2021-05-10` - `2021-08-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.vdosupreme.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-17` - `2021-12-17`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-11` - `2022-03-26`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh
*.blueparrot.media AlphaSSL CA - SHA256 - G2	`2020-09-07` - `2021-10-09`	a year	crt.sh
*.popmonetizer.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.adxnexus.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.acertb.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.zeusadx.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2021-11-01`	a year	crt.sh
khandragthresh.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.vivoplay.sigue.la/p/net-1.html
Frame ID: 7E038B06D07C50E40F427F0D50FB9FF1
Requests: 42 HTTP requests in this frame

Frame: https://wigistream.to/embed/6aki36z
Frame ID: 50238ED1802754A2CE39C5E50A6D4EFC
Requests: 17 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&targetPageID=362582093974193535&blogPostOrPageUrl=https://www.vivoplay.sigue.la/p/net-1.html&vt=-2546959981113289591&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Frame ID: FE8EA00C22453DD4BA41764A5DDDAEFA
Requests: 5 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 53B9CB947C96F767EF75A04DCEAC39F5
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1620756674984634860427
Frame ID: 67057F41B15BBDA3CDC5B101D8A6AA63
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 092150BE7CC995AEF1B2AE6B7B89210F
Requests: 3 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 4F4A21D73693F4D1BC867D54773463F4
Requests: 1 HTTP requests in this frame

Frame: https://xml.blueparrot.media/click?i=bAne*4iN6NY_0
Frame ID: AF2D3347E04CDA947B52D54EE6BEF902
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Frame ID: 209788CA266352F2885CD5B5203CA025
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Frame ID: A66CD1048F9E588D8330404D5B74B8AF
Requests: 1 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Frame ID: DB6CE2C5ED0F1118BCE2FCC39622CB09
Requests: 1 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Frame ID: 1EE7E71F31D51AA3FE8F084B2E1A5D78
Requests: 1 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Frame ID: CB4E391EF75956433182BDB824022F62
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
Frame ID: 97E2CCDB72ECDB6DC26EFA486A28F2F2
Requests: 1 HTTP requests in this frame

Frame: https://khandragthresh.com/iBsoG511Gsf7/28749
Frame ID: 3A0842B24DD2CFD15A8769FD9E0F35B8
Requests: 1 HTTP requests in this frame

Frame: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Frame ID: D3ADEEEF32D1C1E73A576C73975DF20D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

78
Requests

96 %
HTTPS

43 %
IPv6

44
Domains

52
Subdomains

34
IPs

4
Countries

1437 kB
Transfer

3471 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=www.vivoplay.sigue.la&utm_medium=referral&utm_campaign=widgets&utm_content=826808
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/top-10-questions-you-should-be-asking-matches-on-tinder/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/how-attractive-are-you/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/9-of-the-best-family-friendly-dog-breeds/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=166200&c=000000ffffff&p=

Request Chain 53

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9=

Request Chain 54

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 55

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=UlBe9YY8a69kvifxi2lA&pi=mgid&tc=1

Request Chain 56

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=f1f6de35-6841-42ba-9d3f-8a64ca9333f8

Request Chain 57

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=9aa3f7cb-088d-4d18-b0a7-2b6022800ff3&ttl=1623348675

Request Chain 58

https://x.bidswitch.net/sync?dsp_id=303&user_id=l4bedRIbc7bb HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l4bedRIbc7bb HTTP 302
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036

Request Chain 59

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=33340b99-cf53-457f-8f5f-a5fc349d33e4&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036&gdpr=&gdpr_consent=&us_privacy=

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRiZWRSSWJjN2Ji&muidn=l4bedRIbc7bb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRiZWRSSWJjN2Ji&muidn=l4bedRIbc7bb&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l4bedRIbc7bb&google_ula={guid},5&google_gid=CAESEEGhCE2LBuR9dZghwh6ma-E&google_cver=1

Request Chain 69

https://zap.buzz/4kN HTTP 302
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074 HTTP 302
https://www.toromclick.com/feed/click/?t1=128&tid=269&uid=90&subid=304022&id=26450925781f5ffd0a6021b00df25a69:09e250a43e4ef6e83f337fb1100adf727cc2c6ecb4e5183efbd61c04a28bb0486114a3c44680d72de629c781b1bdeb8bfc3a6294e9d7592bdb6fa5cd46b21b93232f9eac91c0c6dc7bf77905bb2b0e7193e02a0aa9e99912a8b68023fb2c828cc1d95c9f750604004ac155c70fc747bbc1f7392cf17bb3c54b2de684d0113351f152f31f23d9362445cf55edaa71d4dabd2dc299de88ce1ec946264c3ec2d63766def572a6d4e31dd2e8f020ffe637b6d952d767f1190c67649e7baf00bb3ad6065e83c0f7baff99e009c6199a6674759bf5d00e56b293bfa1df581ae9d902dc54127796e2691099c54599e1249726466192099d3b709cb5f01c2c1de17bb96775612624e84d66189fdd95e1700f52fef36d36a23878b933e6e832a079a0bf32d32cf59aa6d9a84f32b34ace4afd266861ab0027e8ff969d3eb4dd03ef03a3929520290454a23c1b9e09f94570cbc62e HTTP 302
https://xml.blueparrot.media/click?i=bAne*4iN6NY_0

Request Chain 70

https://zap.buzz/QYn HTTP 302
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

Request Chain 71

https://zap.buzz/ll4 HTTP 302
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

Request Chain 72

https://zap.buzz/Y7MvP0W HTTP 302
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

Request Chain 73

https://zap.buzz/BVwkdEK HTTP 302
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

Request Chain 74

https://popxyz.com/KdORxkr HTTP 302
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Request Chain 75

https://yuppyads.com/aaKkk4M HTTP 302
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request net-1.html Show response
www.vivoplay.sigue.la/p/ 57 KB
15 KB 166ms
126ms Document
text/html 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

GSE /

Resource Hash

18fbade0cd7f9800703d64e6113629975c3e913ca2e1faacdc6ee548580099a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.vivoplay.sigue.la
:scheme: https
:path: /p/net-1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Tue, 11 May 2021 18:11:14 GMT
date: Tue, 11 May 2021 18:11:14 GMT
cache-control: private, max-age=0
last-modified: Tue, 11 May 2021 14:20:52 GMT
etag: W/"ed20f2fc630d052203ede5b2e0bf4cb62088d49327ec3f30989e38907f9f240a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15327
server: GSE

GET
H2 200 115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:55:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 00:18:49 GMT
server: sffe
age: 526532
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Thu, 05 May 2022 15:55:42 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0593a255a01933e26823747656a39bc1fc7188582e67ac5223eefa74f7c2c021

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FNbuXcRXZmYM01oWExWqJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4fc60c8cf782c16d4329b84dfda715b7"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-FNbuXcRXZmYM01oWExWqJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 11 May 2021 18:11:14 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 10ms
6ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 05:47:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 09:09:59 GMT
server: sffe
age: 303823
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 15 May 2021 05:47:31 GMT

GET
H2 200 cndf79.blogspot.com.826808.js Show response
jsc.mgid.com/c/n/ 283 KB
70 KB 97ms
55ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff5964eccd731d50855bce6f7db5b9192f1af4155bbfc304996fea58fc903f46

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 3919
cf-polished: origSize=289455
last-modified: Sat, 24 Apr 2021 05:52:58 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RVX6YSGGNM0APTXH
x-amz-id-2: Uqj7URS9zts0ryq3zloYZjo5W/rY3Cv5Wd/vs+HQNpSaU0w5t6clw9civP/CW1nj3BvZgNlQNks=
cf-bgj: minify
server: cloudflare
etag: W/"faf53bfefb5eee95e03fcdad61d17765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09fe39501a000033163a8be000000001
cf-ray: 64dd5e602f9c3316-CDG
expires: Tue, 11 May 2021 21:11:14 GMT

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 364 KB
127 KB 231ms
191ms Script
text/plain 2600:9000:2127:0:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=674579
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:0:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c90984a98dd5b9d501bff5d087f8131ce43331cf9bfcb006b3b999f11122287f

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 129257
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-id: m48hkhLNNknTmKLmlITty2zAk-Y-mD-wodbSUEKqOsULlJioUnwsGw==

GET
H2 200 cndf79.blogspot.com.826817.js Show response
jsc.mgid.com/c/n/ 283 KB
70 KB 84ms
42ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d836c51c3172a1a7d2ce015053e8641a24997f3c61438e2845ea321528cf1a6

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5325
cf-polished: origSize=289351
last-modified: Thu, 22 Apr 2021 10:38:34 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GRZ30XFEHYZBS5HC
x-amz-id-2: v62ImFTWltxDUB8mO3RHZv/A6cbCkm4H8OPJ7ixhs6uG/qsWtHwwwTTqwX6y2MiR8ucH58H3F6M=
cf-bgj: minify
server: cloudflare
etag: W/"950cc8b8a3b08541ef09b13ba0b417e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09fe39501b00003316751c1000000001
cf-ray: 64dd5e602f9e3316-CDG
expires: Tue, 11 May 2021 21:11:14 GMT

GET
H/1.1 403
Forbidden 805b341738096b4eb8ffc34d81f94171.js
surgicalexpectingdecisive.com/80/5b/34/ 0
0 329ms
105ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://surgicalexpectingdecisive.com/80/5b/34/805b341738096b4eb8ffc34d81f94171.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 11 May 2021 18:11:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 128ms
113ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5364089433529495526&zx=79d3dc2d-4503-49f4-b661-ce8102e1b9a9

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:11:14 GMT
server: GSE
date: Tue, 11 May 2021 18:11:14 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookienotice.js Show response
www.vivoplay.sigue.la/js/ 6 KB
2 KB 17ms
15ms Script
text/javascript 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vivoplay.sigue.la/js/cookienotice.js

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vivoplay.sigue.la
referer: https://www.vivoplay.sigue.la/p/net-1.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vivoplay.sigue.la/p/net-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 11:30:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Tue, 18 May 2021 18:11:14 GMT

GET
H3-29 200 75914390-widgets.js Show response
www.blogger.com/static/v1/widgets/ 145 KB
145 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/75914390-widgets.js

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c733c892b5b0c222708477ba428d1838215af99ef8b04c5934c8a32d07fe82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:37:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:14:17 GMT
server: sffe
age: 491600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148194
x-xss-protection: 0
expires: Fri, 06 May 2022 01:37:54 GMT

GET
H2 200 image
themes.googleusercontent.com/ 218 KB
218 KB 257ms
235ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1IklOAY2G5rECi3_MpjLOcuc-xSezl_d4fGssxb7G4imfdcXscGbiLCVEgznQMsSvm4kA&options=w1600

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3c4d6cef43f8feed794408ea9dc937abb6a1615910a03a18297f4a02aed80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222827
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 142 KB
50 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4f01e3784c081814429943d9a1cafcaa556bae64e786806e2e757be1fbb013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 22:19:55 GMT
server: sffe
age: 2581
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50899
x-xss-protection: 0
expires: Wed, 11 May 2022 17:28:13 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 53 KB
17 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9d56fb21c3de205d7566fca85f8272159c55be887503215277701c9528d0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 00:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 22:19:55 GMT
server: sffe
age: 149730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17378
x-xss-protection: 0
expires: Tue, 10 May 2022 00:35:44 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
578 B 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 07:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 May 2021 07:42:42 GMT

GET
H3-29 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
424 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 07:42:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 10:25:27 GMT
server: sffe
age: 37710
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Tue, 18 May 2021 07:42:44 GMT

GET
H2 200 6aki36z Show response
wigistream.to/embed/ Frame 5023 14 KB
6 KB 150ms
93ms Document
text/html 172.67.201.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/embed/6aki36z
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6671b56c0e7c940463171866b9cba1d88fb2857d2d4c44fb81c776cbc9a7b0

Request headers

:method: GET
:authority: wigistream.to
:scheme: https
:path: /embed/6aki36z
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vivoplay.sigue.la/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.vivoplay.sigue.la/

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Wed, 12-May-2021 18:11:14 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
cf-request-id: 09fe3950620000eda373b91000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bJPW%2BmFL36YN89LQEzO1fvdmKg6MLozIhUaHhw0wZBQ4t5adgTe2rdkFgB54XUoRqHS9NLgc9KfSB2p%2BlFuZTmgCAQA6b2jch%2F4yPMGx"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e609827eda3-CDG
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 compatibility.js Show response
celeritascdn.com/script/ 20 KB
8 KB 47ms
30ms Script
application/javascript 2606:4700::6810:5c06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/compatibility.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1707
x-guploader-uploadid: ABg5-UzsJxtnMyBmV_3tToUIjtpy58NFAtyi3hUeFYfj8ZQG6dz4gK_xA6cbu-4yQBYPrTz7nlE0OjqmGWmAT_HnVno6XGjXJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09fe39503b0000dfe703890000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation: 1600171832181211
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 64dd5e605f44dfe7-FRA
expires: Tue, 11 May 2021 22:11:14 GMT

GET
H3-29 200 navbar.g Show response
www.blogger.com/ Frame FE8E 7 KB
3 KB 126ms
126ms Document
text/html 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&targetPageID=362582093974193535&blogPostOrPageUrl=https://www.vivoplay.sigue.la/p/net-1.html&vt=-2546959981113289591&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87a464ae92acdd21ae398f472f9f7f082cafd2d641bf3e2bf144cd4eabccae5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&targetPageID=362582093974193535&blogPostOrPageUrl=https://www.vivoplay.sigue.la/p/net-1.html&vt=-2546959981113289591&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vivoplay.sigue.la/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.vivoplay.sigue.la/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2629
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 53B9 2 KB
2 KB 221ms
197ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vivoplay.sigue.la/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.vivoplay.sigue.la/

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-type: text/html
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09fe39507a00004d893c30d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=d1126dc3e90d18308894ee7eb00b899d704602b9-1620756674-1800-Ac87vuC4ebXwGTDsb6ngMmAjTghuCFyTMUIyOtehapAFjFAeRtgHAyrv0c/ynVYlh+CqCPuqE45QG4ksBYB9qA0=; path=/; expires=Tue, 11-May-21 18:41:14 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YAP9WfuJGqQDCBAJV%2BKye1j8Q06PJncGzi63mTiw7VQD02rqOu2qqf7Yau4QQoxhnscQJtnm0YY%2FT6U5qdD5a7UdeXHNqloGliFFXNtq0S9YxQKymL1q"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e60cf5b4d89-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
c.mgid.com/pv/ 0
306 B 75ms
74ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1620756674733921887625&uniqId=0f536&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&lu=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&pageView=1&site=343057&pvid=1795ca038ad83f1d156&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e612a293316-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3950b5000033162da02000000001

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 39ms
38ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 4356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09fe3950bc0000331674204000000001
cf-ray: 64dd5e612a363316-CDG
expires: Wed, 12 May 2021 18:11:14 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
883 B 27ms
26ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 4356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09fe3950ba000033164835b000000001
cf-ray: 64dd5e612a3a3316-CDG
expires: Wed, 12 May 2021 18:11:14 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vivoplay.sigue.la
Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:06:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 457499
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19684
x-xss-protection: 0
expires: Fri, 06 May 2022 11:06:15 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 110ms
110ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5364089433529495526&zx=79d3dc2d-4503-49f4-b661-ce8102e1b9a9

Requested by

Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:11:14 GMT
server: GSE
date: Tue, 11 May 2021 18:11:14 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/826808/ 3 KB
1 KB 91ms
90ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/826808/1?pv=5&cbuster=1620756674797775511173&uniqId=0f536&niet=4g&nisd=false&w=730&h=287&cols=3&ref=&cxurl=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&lu=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&pageView=1&pvid=1795ca038edb1d53078&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2367738b0be7bf02f508318a14665721c527433099dac9903f34b7d4d878314d

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e618b133316-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3950f400003316692d6000000001

GET
H3-29 200 embed.min.css
wigistream.to/css/ Frame 5023 1 KB
965 B 68ms
45ms Stylesheet
text/css 172.67.201.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/css/embed.min.css?v=0.3
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.201.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Referer: https://wigistream.to/embed/6aki36z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4058
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe39510c0000cddb8e347000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lsQz2PgknSD2b41vWCuH00idZAJVbtTSJc1Hl%2F3%2BiEGx5uySas%2FH4G5JObqPgHMBMpHVTqdiZXwCiY47DpCNGxbQ%2FfvTFxuUi6mvHzGi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 64dd5e61aa00cddb-CDG

GET
H3-29 200 icon.png
wigistream.to/imgs/ Frame 5023 469 B
1 KB 67ms
44ms Image
image/png 172.67.201.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wigistream.to/imgs/icon.png
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.201.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284

Request headers

Referer: https://wigistream.to/embed/6aki36z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4022
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469
cf-request-id: 09fe39510c0000cddbcc9d8000000001
last-modified: Wed, 11 Nov 2020 18:38:04 GMT
server: cloudflare
etag: "5fac2f8c-1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R58mpXkemrU89tirvufGx8dCHnsOs4%2FfXInNJ0VxiAnd%2FUZivDF2ciuosAnZqWV4Nbd9icblr6E7%2FEYos%2FZHRUUi66ZTjwF2wiyjCyyj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64dd5e61a9fdcddb-CDG

GET
H3-29 200 jquery.min.js Show response
wigistream.to/js/ Frame 5023 85 KB
29 KB 68ms
48ms Script
application/javascript 172.67.201.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/js/jquery.min.js
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.201.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://wigistream.to/embed/6aki36z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4022
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe39510b0000cddbcf888000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Bn2KIrjcaUsv5RrewunvHfGRrN3lVsk06lwAVg1uJCen5VE1HYDEYwQHyvhkBZOtsj2t6WSiUFPXTLkJ6vtEMKWGMRo9nlfw1qEkFzZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 64dd5e61a9facddb-CDG

GET
H2 200 vdo.js Show response
cdn.vdosupreme.com/ Frame 5023 576 KB
169 KB 120ms
88ms Script
application/javascript 2606:4700::6812:461
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vdosupreme.com/vdo.js?id=6gzf9nfdh3gafs8bfzm1
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ad001c31a13cbeffd5a81e308fddd9e2ddb7541875681681715fd82e43e82df3

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 37005
x-powered-by: Express
x-cache-status: HIT
cf-request-id: 09fe3951160000dfad711ab000000001
server: cloudflare
etag: W/"8fe3f-AMi04Zg1moLi++VhEYwkIuw4h94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 64dd5e61b9d5dfad-FRA
expires: Tue, 11 May 2021 18:41:14 GMT

GET
H2 200 vdo.clappr.plugin.js Show response
cdn.vdosupreme.com/ Frame 5023 36 KB
10 KB 131ms
99ms Script
application/javascript 2606:4700::6812:461
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vdosupreme.com/vdo.clappr.plugin.js
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd93fb56772df67888dba6ab8be7698107888d7eb03195d2ad7e22c084daecdb

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 07:40:22 GMT
server: cloudflare
age: 37006
etag: W/"609a34e6-9032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 64dd5e61b9d7dfad-FRA
cf-request-id: 09fe3951190000dfadd1212000000001
expires: Tue, 11 May 2021 18:41:14 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5023 513 KB
138 KB 9ms
8ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 33668
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19138-FRA
date: Tue, 11 May 2021 18:11:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5023 88 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Requested by

Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5895751956a4067822db115b239883914585d4b054336b09b4c1bb15a1743e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35755
x-xss-protection: 0
expires: Tue, 11 May 2021 18:11:14 GMT

GET
H2

200

/
widgets.amung.us/draw/ Frame 5023
Redirect Chain

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=166200&c=000000ffffff&p=

2 KB
2 KB

44ms
19ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=166200&c=000000ffffff&p=
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25e107c767d2545e64a24d18d954bdcf698b03e738c7dd22b396114d064cd88

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: HIT
server: cloudflare
age: 202
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 64dd5e644828634d-FRA
cf-request-id: 09fe3952ae0000634db23cd000000001
expires: Wed, 12 May 2021 18:07:53 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=166200&c=000000ffffff&p=
date: Tue, 11 May 2021 18:11:15 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-29 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame FE8E 54 KB
20 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&targetPageID=362582093974193535&blogPostOrPageUrl=https://www.vivoplay.sigue.la/p/net-1.html&vt=-2546959981113289591&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

734529a3a64866ff2246bea653417c5e441ea5845e99cd9a1ba3208a2f88b11e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d5Qle751njeXNQn7zMLfPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "b0cef9f306010e267929ffcafdad122e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-d5Qle751njeXNQn7zMLfPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 11 May 2021 18:11:14 GMT

GET
H3-29 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame FE8E 907 B
928 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 03:54:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:21:35 GMT
server: sffe
age: 397032
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Fri, 14 May 2021 03:54:02 GMT

GET
H3-29 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame FE8E 117 B
138 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:13:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 17:22:25 GMT
server: sffe
age: 374265
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Fri, 14 May 2021 10:13:29 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5023 1 KB
395 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: wigistream.to
URL: https://wigistream.to/css/embed.min.css?v=0.3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 May 2021 17:53:24 GMT
server: ESF
date: Tue, 11 May 2021 18:11:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 May 2021 18:11:14 GMT

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ 5 KB
1 KB 183ms
160ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=2084715&cbrandom=0.12088249303633192&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Vivo%20PLAY%3A%20NET%201&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e65e2328dc1f9862a772f553faa0658e07bbaa0868d935de19fa21de7322a73f

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 chrome.js Show response
celeritascdn.com/script/ 36 KB
11 KB 21ms
21ms Script
application/javascript 2606:4700::6810:5c06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/chrome.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 505
x-guploader-uploadid: ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09fe39516d0000dfe792b98000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation: 1600074929755781
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 64dd5e624b95dfe7-FRA
expires: Tue, 11 May 2021 22:11:14 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ Frame FE8E 120 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be71b06f44ee41e37f6154420bb3b59dd5052551a81870c4dbf1d04b7baa4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 17:53:46 GMT
server: sffe
age: 595038
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41333
x-xss-protection: 0
expires: Wed, 04 May 2022 20:53:56 GMT

GET
H3-29 200 / Show response
c.mgid.com/pv/ 0
400 B 118ms
95ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?w=330&h=950&cols=1&pv=5&cbuster=1620756674970701105926&uniqId=0d548&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&lu=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&pageView=0&site=343057&pvid=1795ca0399aa848cc4a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e62cc8a3318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3951ba000033184d86b000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
707 B 88ms
81ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1620756674979304776826
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e011b01f5b36472a12eb24a1b684606cef79f87f91bac299c114522b7a150c

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 15d2af38-f204-4de5-b991-6ea282249d64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e62bdf13316-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3951b2000033168e82c000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 6705 19 B
189 B 101ms
98ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1620756674984634860427
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: afb928ac-9ef3-45e4-a06e-d8d08e089884
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e62bdf53316-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3951b00000331666b49000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 75ms
24ms Script
application/javascript 65.9.97.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:06:46 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: h9ciHIeszW2F-rwdfYFz8UwDQZO-K2x5pQalbHhOIabq0TaDUNyG3Q==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.mgid.com/g/8164868/492x328/0x183x565x376/ 21 KB
22 KB 26ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164868/492x328/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1620756674-oxVvRSN3rP8Cm9bmzUJgFZUFL1Eqf6V_HCLojYe01XU
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554d6c0c19894181bda353ad2f1ca53894deb79e8e7b97f5881c7837b6f419a1

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4c118ed8-17b5-4547-a0af-551268835af8
age: 1602937
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21762
cf-request-id: 09fe3951b20000331677bc5000000001
last-modified: Mon, 08 Feb 2021 10:20:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64dd5e62bdfb3316-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp
s-img.mgid.com/g/8164841/492x328/14x0x549x366/ 15 KB
15 KB 26ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164841/492x328/14x0x549x366/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp?v=1620756674-EDPTtiAUCsLGTQMGmqx3Ba7qHTySidl90RPfVg4ooao
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c30903955952385ab83e89ca76f2259c76d62dd3bfe08e2d30df982a367a0b

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: HIT
x-mg-request-uuid: c1dc26bf-478a-44b5-8118-e557cbf8eb20
age: 1602910
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15138
cf-request-id: 09fe3951b2000033160c047000000001
last-modified: Mon, 08 Feb 2021 10:20:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64dd5e62bdfc3316-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 19 KB
19 KB 28ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1620756674-vHEoEzc9ntcFw81YhqexEQctSp1m_ULeyyP70QLJhmU
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882124ecc46145f8dd2c4723888f2510a0ef0fc2ad527786b21b7ea6801361a

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: HIT
x-mg-request-uuid: f2823b8e-3139-4e11-a149-8976962a6404
age: 1602965
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19080
cf-request-id: 09fe3951b2000033161f80a000000001
last-modified: Wed, 10 Feb 2021 07:15:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64dd5e62bdfd3316-CDG

GET
H2 200 compatibility.js Show response
asacdn.com/script/ Frame 5023 20 KB
8 KB 49ms
25ms Script
application/javascript 2606:4700:3033::6815:e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/compatibility.js
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1953
x-guploader-uploadid: ABg5-Uzy1wNDdDHDHJ9qxn8FO-IYxsbVa48z4IrXM0ccJ8cdub-HmhKeA_Jq4l7XjDoq9hgk48wb4MAHcNIb5FxXFuDsyEm6nQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe39528e0000dfd761a48000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sw9gRDo2EIiqFhSMdK8usUUyQIXhQjpXXfrjAmtB5ignzcjn03Osof4Mkn4ykPBeM6zg7nJJ3YqjOsopO3xve5j9QSLMmi8J7PIFQoqu8d%2FApqRqDRk5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600171832181211
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 64dd5e641aaddfd7-FRA
expires: Tue, 11 May 2021 18:05:55 GMT

GET
BLOB 200
OK a79d3cc6-b3aa-4b18-8b35-9d2874272536
https://wigistream.to/ Frame 5023 168 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wigistream.to/a79d3cc6-b3aa-4b18-8b35-9d2874272536
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/6aki36z
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf20a6df38f29dc6dac6119e2bab5678f6d4cc7c7d417e23e4ab5f5d66284935

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 168
Content-Type: text/javascript

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5023 22 KB
22 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wigistream.to
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 59952
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 11 May 2022 01:32:03 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5023 23 KB
23 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wigistream.to
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 440828
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5023 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6263
date: Tue, 11 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 11 May 2021 18:26:52 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9=

64 B
330 B

53ms
53ms

Image
image/gif

65.9.97.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9=
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: DvpzEM7wWh5Zo-3Y5UOW033i_cOwnZ2ZdP8KRWszGIMMWRNPn8n6Cg==

Redirect headers

date: Tue, 11 May 2021 18:11:15 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620756675270&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY%3A%20NET%201&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2Fp%2Fnet-1.html&c9=
content-length: 207
x-amz-cf-id: z0HFVkIlwP3z_LxRE_sQPl-8qVlptTQIFi4CGCI0NhF6Z0naDKG3Qw==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0921
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

24ms
7ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1620756674979304776826
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.vivoplay.sigue.la/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.vivoplay.sigue.la/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 May 2021 18:11:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Tue, 11 May 2021 18:11:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=UlBe9YY8a69kvifxi2lA&pi=mgid&tc=1

43 B
524 B

80ms
79ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=UlBe9YY8a69kvifxi2lA&pi=mgid&tc=1
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 64b5af82-ed6c-41ad-8a1b-8fda46a29b51
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e664cb73318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3953ed00003318028ae000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=UlBe9YY8a69kvifxi2lA&pi=mgid&tc=1
pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT, Tue, 11 May 2021 18:11:15 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=f1f6de35-6841-42ba-9d3f-8a64ca9333f8

43 B
540 B

76ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=f1f6de35-6841-42ba-9d3f-8a64ca9333f8
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 01d5d043-5fc5-4f49-ab81-093a0dddbeb8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e6a7e273318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe39568b000033184d8c8000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=f1f6de35-6841-42ba-9d3f-8a64ca9333f8
date: Tue, 11 May 2021 18:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=9aa3f7cb-088d-4d18-b0a7-2b6022800ff3&ttl=1623348675

43 B
524 B

95ms
94ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=9aa3f7cb-088d-4d18-b0a7-2b6022800ff3&ttl=1623348675
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 657e4973-99bb-4cf4-95ed-45a41e79dc8e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e667d183318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe39540900003318150c3000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=9aa3f7cb-088d-4d18-b0a7-2b6022800ff3&ttl=1623348675
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

204

Bidswitch
s.seedtag.com/cs/cookiesync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l4bedRIbc7bb
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l4bedRIbc7bb
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036

0
508 B

205ms
18ms

Image
text/plain

34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.106.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: clear
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036
date: Tue, 11 May 2021 18:11:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=33340b99-cf53-457f-8f5f-a5fc349d33e4&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036&gdpr=&gdpr_consent=&us_privacy=

43 B
525 B

75ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a201ba4e-c476-4865-ae30-933af6cb4471
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e665cd53318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3953f70000331867925000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=d0f01fc9-b94f-4b9a-ab2b-ea9315d46036&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 11 May 2021 18:11:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
514 B 340ms
94ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l4bedRIbc7bb
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 64dd5e660bd3082c-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3953c60000082c28a98000000001

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRiZWRSSWJjN2Ji&muidn=l4bedRIbc7bb
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRiZWRSSWJjN2Ji&muidn=l4bedRIbc7bb&google_tc=
https://cm.mgid.com/google?muidn=l4bedRIbc7bb&google_ula={guid},5&google_gid=CAESEEGhCE2LBuR9dZghwh6ma-E&google_cver=1

0
387 B

85ms
84ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l4bedRIbc7bb&google_ula={guid},5&google_gid=CAESEEGhCE2LBuR9dZghwh6ma-E&google_cver=1
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e6509823318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3953260000331802896000000001

Redirect headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l4bedRIbc7bb&google_ula={guid},5&google_gid=CAESEEGhCE2LBuR9dZghwh6ma-E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
449 B 332ms
85ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l4bedRIbc7bb
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 64dd5e660ddfb7bd-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 09fe3953c50000b7bd2810f000000001

GET
H3-29 200 identify.html Show response
ufpcdn.com/script/ Frame 4F4A 2 KB
1 KB 250ms
239ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wigistream.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=d1126dc3e90d18308894ee7eb00b899d704602b9-1620756674-1800-Ac87vuC4ebXwGTDsb6ngMmAjTghuCFyTMUIyOtehapAFjFAeRtgHAyrv0c/ynVYlh+CqCPuqE45QG4ksBYB9qA0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

date: Tue, 11 May 2021 18:11:15 GMT
content-type: text/html
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09fe3953ce000005c4df248000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3tFrd2u%2F9MYh4VL8dEAsXz6VzndYjHis3sLrnEGC0zqpNralMhlSRlGzmOk3rr4%2BPR%2BROmEd%2F1tnEpXNcCVgAlm32Fy%2FuhUNBAP0ke0CSkTheacLcGIx"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e660e9a05c4-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ Frame 5023 4 KB
1 KB 163ms
162ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=3939411&cbrandom=0.9552222905320689&cbiframe=1&cbWidth=730&cbHeight=450&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 8421756b99c835d76d6163db3754624e181e9aac4c32ad4cf2c804aeae76cc0c

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H3-29 200 chrome.js Show response
asacdn.com/script/ Frame 5023 36 KB
12 KB 129ms
94ms Script
application/javascript 2606:4700:3033::6815:e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/chrome.js
Requested by: Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/p/net-1.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date: Tue, 11 May 2021 18:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2665
x-guploader-uploadid: ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe3953e5000031400eb08000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E2%2FeczCVbp9RRjWMK1cEXnMqWjTPV6Xgg3k6Sli8veuCWJIYOE%2B%2FJfxZT7nkWdbmt9UEClCsdsGvzS1Y4BoFpjUmsStz1aF6uODC0h3AG63SkEoN6Fst"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600074929755781
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 64dd5e66298a3140-FRA
expires: Tue, 11 May 2021 18:08:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0921 30 KB
9 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 14ece85f8de8c65af2389612fc564a868999d35f7fa5a42fc5fb51f75272875d

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 11 May 2021 18:11:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81126
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Wed, 12 May 2021 16:43:21 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0921 284 B
536 B 50ms
16ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H3-29 200 c
c.mgid.com/ 43 B
454 B 72ms
72ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=236|260|40|I_jhw2wwBNPzntamHMj3n0XSSH6bJflNs4iK-j4wP0xHGGFzw9208iiCDLFDhDkq&fw=1&extjs=66044&v=236|260|8|I_jhw2wwBNPzntamHMj3n3yIwuWgwariIUSe4eFi8lHyfFizWRlJEv1eBlkdmuRD&v=236|260|8|I_jhw2wwBNPzntamHMj3nygtFzCuBeCy9iutwYi7KXKLz1zi-XDMSgMj4_afHBa5&cid=826808&h2=CBvd3SiXK6CDlaashqQY2KhnNLqL3A6-SouWXUUmK6o*&rid=4636d767-b284-11eb-bb92-d094662c1c35&tt=Direct&iv=11&pageImp=1&cbuster=1620756676349140293761&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.vivoplay.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 18:11:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 143f7d37-a7d0-4eb6-87c6-9385d89424a8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64dd5e6b3ff73318-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09fe395703000033185e981000000001
server: cloudflare

GET
H/1.1

200
OK

click Show response
xml.blueparrot.media/ Frame AF2D
Redirect Chain

https://zap.buzz/4kN
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
https://www.toromclick.com/feed/click/?t1=128&tid=269&uid=90&subid=304022&id=26450925781f5ffd0a6021b00df25a69:09e250a43e4ef6e83f337fb1100adf727cc2c6ecb4e5183efbd61c04a28bb0486114a3c44680d72de629c78...
https://xml.blueparrot.media/click?i=bAne*4iN6NY_0

0
165 B

476ms
209ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.blueparrot.media/click?i=bAne*4iN6NY_0
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.blueparrot.media
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://xml.blueparrot.media/click?i=bAne*4iN6NY_0
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 144
Date: Tue, 11 May 2021 18:11:21 GMT
Connection: keep-alive

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 2097
Redirect Chain

https://zap.buzz/QYn
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

0
165 B

626ms
87ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.popmonetizer.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Tue, 11 May 2021 18:11:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJrIyA.niZlLSlhtAZMOROZer_Aq5VG93s; Expires=Tue, 11-May-2021 18:41:20 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=e30de099c519eea3d96b5962f2cb7082; path=/; HttpOnly __cf_bm=6ecf90268929009e6f5bc42cedfe7eb945fe88e6-1620756680-1800-Ab+oRrbmhI3Tp4Ajf1Tpdic2aTACn09ZxurHHhmCeogohKf2LDGuTCCFGekCo9/2gr0vIv1pCt0g2UeJBGWB02Y=; path=/; expires=Tue, 11-May-21 18:41:20 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09fe39661900004e133ca19000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IgrIwqkXLarvIYYoB5MKEzQ92X%2FLwEuvLrXecLmQyX5CGtZa8%2Fwee9hYDa0ezhamTMr0DubHx1hMAiTgooHBZoOjbagBnjGkM1IdlLYIEfjugbur6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e835ac34e13-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.adxnexus.com/ Frame A66C
Redirect Chain

https://zap.buzz/ll4
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

0
165 B

432ms
93ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.adxnexus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Tue, 11 May 2021 18:11:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJrIyA.niZlLSlhtAZMOROZer_Aq5VG93s; Expires=Tue, 11-May-2021 18:41:20 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=97f6fd07a9574f7f45d06bd8db5e7c2e; path=/; HttpOnly __cf_bm=3b000e2237a8cd68f10aac1a68dac21cc314cdb3-1620756680-1800-ATiqLi5HJtamfEFmdW6dHo0huA0gMR9sFyhAUBbUHOb78rNAhQfYzXNMk3nHPQBuDo1sKJRfmJNOOqBj2L38MKI=; path=/; expires=Tue, 11-May-21 18:41:20 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09fe39661900004e135ab8e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K8zxdF6B%2FGbOPTil9eWqansPUmy1CZ4WBxo%2FAaYrJWbcP6b%2Bcv9Yq7vpjTJrmjiQiwp%2BqyrxW%2BGM5hWuSexVDNePcCeqpvw78jLYat8WNfjtfb647Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e835ac64e13-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.acertb.com/ Frame DB6C
Redirect Chain

https://zap.buzz/Y7MvP0W
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

0
165 B

602ms
158ms

Document
text/plain

174.137.133.16
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.acertb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Tue, 11 May 2021 18:11:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJrIyA.niZlLSlhtAZMOROZer_Aq5VG93s; Expires=Tue, 11-May-2021 18:41:20 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=6fbe361d347f4b3079feac7ebc39e67f; path=/; HttpOnly __cf_bm=b9e917a276833690321fea9ce32341a3f7ff8af6-1620756680-1800-AQsrJrxH01OwhdnV2FPTusidH0i1xya3GtHehTWymRuxgIqGOzHpMVvaJtj53fxpxVOAKmkOO1/KipOM2iornyQ=; path=/; expires=Tue, 11-May-21 18:41:20 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09fe39661900004e130898f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=omRY3UVap4TmWDmaLZtLVfGwuF8Yk86FK70Sbvd3S0rY9NENywQVOK%2FHN29b7NObBfjjxGDPsdPS%2Fwj7tE6Cd40Sz42o%2FDYN5jDI2KktSOJ2KkaZVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e835ac44e13-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.zeusadx.com/ Frame 1EE7
Redirect Chain

https://zap.buzz/BVwkdEK
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

0
165 B

583ms
133ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.zeusadx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Tue, 11 May 2021 18:11:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJrIyA.niZlLSlhtAZMOROZer_Aq5VG93s; Expires=Tue, 11-May-2021 18:41:20 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=97f6fd07a9574f7f45d06bd8db5e7c2e; path=/; HttpOnly __cf_bm=fa4fcc90651255b358ee6a9d18a56f4ca1734c53-1620756680-1800-AZPXbx+tMXehbUxie/nAU03bMA8nGLahRFLH6CRYF7A7dy8XHJTfax/JhJw8pHh0wEutsCHRjZjn9BUCfWolQp0=; path=/; expires=Tue, 11-May-21 18:41:20 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09fe39661900004e13538d2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TE09G492Ntq1cxPZunIBxIv4TkizA6SPAyMMNRAn4%2BYJvb11GR3w2lJFoXAZzw3NMAhth3JvRRA7AK799dioB8RSBeQHJtisNDhHkT0gDJzMPYwuuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e835ac54e13-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET

redirect
xml.poprtb.com/ Frame CB4E
Redirect Chain

https://popxyz.com/KdORxkr
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

0
0

GET

redirect
xml.xmlking.com/ Frame 97E2
Redirect Chain

https://yuppyads.com/aaKkk4M
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

0
0

GET
H/1.1 200
OK Cookie set 28749 Show response
khandragthresh.com/iBsoG511Gsf7/ Frame 3A08 0
1 KB 70ms
20ms Document
text/html 142.91.159.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://khandragthresh.com/iBsoG511Gsf7/28749

Requested by

Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.108 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: khandragthresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Tue, 11 May 2021 18:11:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jVtOhDAYhbnjZIR4EhYwSwARMzwaF%2BEj6eUvUwfaSalD3L2NiT6dL%2BeSE0VR0tSI70WC9IsNOKn%2BhcbXcRykVL1SA%2FGOK0ldfxaKnkeBg94mz%2FhCPsPjTIacFpOwkio8hejPuRq7mww5d8zICvkaGkuFkju7b%2BSaFJlhK6F4vzgbNF%2FZp3VIzmNAbQLGLRK7NWl9QPmhjQy7%2Boika%2BuqiHC8Lcwr69ZJyyJGPjsmCfEbHgTzNFv3jVLSdvX2BthFTv%2F939t071oUku5ahG%2FrL%2BR%2BAFOVS6g%3D; expires=Wed, 12-May-2021 18:11:20 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxljFFqAjEYhNdsTRWtZcAD7AW6sBLxAHXVBz1DCOu%2FEmTzhySWbk9fqyBC34Zv5pssy8R8BmE93tSyrFRVVstFqRTyEzHEusa04YtLodfOdITXLYXOuB4y0Mmyg9jVmNyzbvhIGK7rjyd2s4Y7ipHw0tjUA5tg3Lm9hFSYrjgY6zD%2BK%2B76%2FKr%2FH%2BQ2eowOC7Uq9umIsaOkoye6xk8OnoNJhNmD3q5kjpGN2gf%2B7uUA78l29MOONLdtpCQFBl9S%2FAKzX0x%2F; expires=Wed, 12-May-2021 18:11:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 204 redirect
nsparket.top/ Frame D3AD 0
0 153ms
131ms Document
text/plain 2606:4700:3031::ac43:8cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: nsparket.top
:scheme: https
:path: /redirect?tid=756113&file=Watch_Live
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wigistream.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

date: Tue, 11 May 2021 18:11:20 GMT
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
x-cache: Miss from cloudfront
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Dj_PSpaWgb4Ot6-8LB6DIk192D6GR1JA799WHmZ3zrOjkAM6-d8AzQ==
cf-cache-status: DYNAMIC
cf-request-id: 09fe39661f0000326051853000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eelgwC0DmFo%2FptS99L19zI3BE%2BfAFdJ0KOi%2Bd0OyInB74O5vleqsYwCSe4ZlIO0ENQLbP5r3ZJZ7bQYzeppfk1XiSgHiiJGLbiJp%2FpWOizz%2FSYl5numvgP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64dd5e836a7c3260-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.poprtb.com
URL: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Domain: xml.xmlking.com
URL: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ufpcdn.com/	1970-01-19 18:12:38	Name: __cf_bm Value: d1126dc3e90d18308894ee7eb00b899d704602b9-1620756674-1800-Ac87vuC4ebXwGTDsb6ngMmAjTghuCFyTMUIyOtehapAFjFAeRtgHAyrv0c/ynVYlh+CqCPuqE45QG4ksBYB9qA0=
www.vivoplay.sigue.la/	1970-01-19 19:39:00	Name: adcashufpv3 Value: 513228320220565137368101508
www.vivoplay.sigue.la/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C826808%22%3A%7B%22page%22%3A1%2C%22time%22%3A1620756674973%7D%2C%22C826817%22%3A%7B%22page%22%3A1%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826808.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
apis.google.com
asacdn.com
c.mgid.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.vdosupreme.com
celeritascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dmmzkfd82wayn.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
jsc.mgid.com
khandragthresh.com
match.adsrvr.org
nsparket.top
onclickgenius.com
pagead2.googlesyndication.com
resources.blogblog.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.seedtag.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
surgicalexpectingdecisive.com
themes.googleusercontent.com
token.rubiconproject.com
ufpcdn.com
whos.amung.us
widgets.amung.us
wigistream.to
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.toromclick.com
www.vivoplay.sigue.la
x.bidswitch.net
xml.acertb.com
xml.adxnexus.com
xml.blueparrot.media
xml.popmonetizer.net
xml.poprtb.com
xml.revrtb.net
xml.xmlking.com
xml.zeusadx.com
zap.buzz
xml.poprtb.com
xml.xmlking.com
104.16.199.73
104.19.133.78
104.19.135.78
104.19.217.61
13.248.242.197
142.250.186.66
142.91.159.108
159.89.225.89
172.67.201.184
174.137.133.16
174.137.133.17
174.137.133.18
18.195.54.133
185.184.8.30
192.243.59.12
216.239.34.21
23.37.42.132
23.79.143.124
2600:9000:2127:0:6:2e3c:5fc0:21
2606:4700:10::ac43:88d
2606:4700:3030::ac43:9e20
2606:4700:3031::ac43:8cc9
2606:4700:3033::6815:e93
2606:4700:3035::6815:3588
2606:4700:3037::ac43:8e31
2606:4700::6810:5c06
2606:4700::6812:461
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2009
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a04:4e42:3::621
34.96.106.9
35.190.71.96
35.210.178.101
35.212.212.222
65.9.97.94
67.202.94.86
69.173.144.138
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
04c30903955952385ab83e89ca76f2259c76d62dd3bfe08e2d30df982a367a0b
0593a255a01933e26823747656a39bc1fc7188582e67ac5223eefa74f7c2c021
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
14be71b06f44ee41e37f6154420bb3b59dd5052551a81870c4dbf1d04b7baa4c
14ece85f8de8c65af2389612fc564a868999d35f7fa5a42fc5fb51f75272875d
18fbade0cd7f9800703d64e6113629975c3e913ca2e1faacdc6ee548580099a1
214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
2367738b0be7bf02f508318a14665721c527433099dac9903f34b7d4d878314d
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e6671b56c0e7c940463171866b9cba1d88fb2857d2d4c44fb81c776cbc9a7b0
554d6c0c19894181bda353ad2f1ca53894deb79e8e7b97f5881c7837b6f419a1
5895751956a4067822db115b239883914585d4b054336b09b4c1bb15a1743e23
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5b4f01e3784c081814429943d9a1cafcaa556bae64e786806e2e757be1fbb013
5d836c51c3172a1a7d2ce015053e8641a24997f3c61438e2845ea321528cf1a6
5e9d56fb21c3de205d7566fca85f8272159c55be887503215277701c9528d0db
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
734529a3a64866ff2246bea653417c5e441ea5845e99cd9a1ba3208a2f88b11e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
80e011b01f5b36472a12eb24a1b684606cef79f87f91bac299c114522b7a150c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8421756b99c835d76d6163db3754624e181e9aac4c32ad4cf2c804aeae76cc0c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87a464ae92acdd21ae398f472f9f7f082cafd2d641bf3e2bf144cd4eabccae5b
8882124ecc46145f8dd2c4723888f2510a0ef0fc2ad527786b21b7ea6801361a
8c733c892b5b0c222708477ba428d1838215af99ef8b04c5934c8a32d07fe82f
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ef3c4d6cef43f8feed794408ea9dc937abb6a1615910a03a18297f4a02aed80
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad001c31a13cbeffd5a81e308fddd9e2ddb7541875681681715fd82e43e82df3
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bf20a6df38f29dc6dac6119e2bab5678f6d4cc7c7d417e23e4ab5f5d66284935
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c90984a98dd5b9d501bff5d087f8131ce43331cf9bfcb006b3b999f11122287f
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e25e107c767d2545e64a24d18d954bdcf698b03e738c7dd22b396114d064cd88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65e2328dc1f9862a772f553faa0658e07bbaa0868d935de19fa21de7322a73f
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
fd93fb56772df67888dba6ab8be7698107888d7eb03195d2ad7e22c084daecdb
ff5964eccd731d50855bce6f7db5b9192f1af4155bbfc304996fea58fc903f46
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

www.vivoplay.sigue.la Open in urlscan Pro 216.239.34.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

96 %HTTPS

43 %IPv6

44 Domains

52 Subdomains

34 IPs

4 Countries

1437 kBTransfer

3471 kBSize

3 Cookies

6 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vivoplay.sigue.la Open in urlscan Pro
216.239.34.21 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

96 %
HTTPS

43 %
IPv6

44
Domains

52
Subdomains

34
IPs

4
Countries

1437 kB
Transfer

3471 kB
Size

3
Cookies

78 HTTP transactions
1 data transactions