cdn.livetv435.me Open in urlscan Pro
2606:4700:3033::ac43:9903 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Submission Tags: falconsandbox
Submission: On June 27 via api (June 27th 2021, 5:19:41 pm UTC) from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 28 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3033::ac43:9903, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.livetv435.me.

This is the only time cdn.livetv435.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3033::ac43:9903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2606:4700:303... 2606:4700:3033::6815:1db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:84c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
4	172.67.165.252 172.67.165.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:b683	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:2cac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:2ed2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
5 5	2606:4700:303... 2606:4700:3035::6815:3588	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:8f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.89.225.89 159.89.225.89	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	174.137.133.17 174.137.133.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	51.195.131.26 51.195.131.26	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3031::ac43:8cc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	25

4 2606:4700:3033::ac43:9903 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.livetv435.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.livetv435.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1db (United States)

ASN13335 (CLOUDFLARENET, US)

www.sportsfix.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:84c5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.livetv1000.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

luvaihoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.165.252 (United States)

ASN13335 (CLOUDFLARENET, US)

wigistream.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:b683 (United States)

ASN13335 (CLOUDFLARENET, US)

swarm.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:2cac (United States)

ASN13335 (CLOUDFLARENET, US)

asacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2ed2 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:3588 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

zap.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:8f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xml.revrtb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.225.89 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.toromclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.popmonetizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.adxnexus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.zeusadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.16 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.acertb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.131.26 (France)

ASN16276 (OVH, FR)
PTR: ip26.ip-51-195-131.eu

khandragthresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8cc9 (United States)

ASN13335 (CLOUDFLARENET, US)

nsparket.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	zap.buzz 5 redirects zap.buzz	4 KB
4	wigistream.to wigistream.to	37 KB
4	livetv435.me cdn.livetv435.me ads.livetv435.me	6 KB
3	google-analytics.com www.google-analytics.com	36 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	asacdn.com asacdn.com	20 KB
2	amung.us 1 redirects whos.amung.us widgets.amung.us	2 KB
2	luvaihoo.com luvaihoo.com	20 KB
1	nsparket.top nsparket.top
1	khandragthresh.com khandragthresh.com	1 KB
1	zeusadx.com xml.zeusadx.com	165 B
1	acertb.com xml.acertb.com	165 B
1	adxnexus.com xml.adxnexus.com	165 B
1	popmonetizer.net xml.popmonetizer.net	165 B
1	toromclick.com www.toromclick.com	383 B
1	revrtb.net 1 redirects xml.revrtb.net	1 KB
1	onclickgenius.com onclickgenius.com	1 KB
1	ufpcdn.com ufpcdn.com	2 KB
1	googleapis.com fonts.googleapis.com	491 B
1	rtmark.net my.rtmark.net	491 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	jsdelivr.net cdn.jsdelivr.net	138 KB
1	swarm.video swarm.video	119 KB
1	livetv1000.me cdn.livetv1000.me	159 KB
1	sportsfix.org www.sportsfix.org	994 B
1	aspnetcdn.com ajax.aspnetcdn.com	31 KB
0	xmlking.com Failed xml.xmlking.com Failed
0	poprtb.com Failed xml.poprtb.com Failed
37	28

	Domain	Requested by
5	zap.buzz	5 redirects
4	wigistream.to	www.sportsfix.org wigistream.to
3	www.google-analytics.com	cdn.livetv435.me www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	asacdn.com	wigistream.to cdn.livetv435.me
2	luvaihoo.com	www.sportsfix.org luvaihoo.com
2	ads.livetv435.me	cdn.livetv435.me ads.livetv435.me
2	cdn.livetv435.me	cdn.livetv435.me
1	nsparket.top	wigistream.to
1	khandragthresh.com	wigistream.to
1	xml.zeusadx.com	wigistream.to
1	xml.acertb.com	wigistream.to
1	xml.adxnexus.com	wigistream.to
1	xml.popmonetizer.net	wigistream.to
1	www.toromclick.com	wigistream.to
1	xml.revrtb.net	1 redirects
1	onclickgenius.com	cdn.livetv435.me
1	ufpcdn.com	cdn.livetv435.me
1	fonts.googleapis.com	wigistream.to
1	my.rtmark.net	luvaihoo.com
1	widgets.amung.us	wigistream.to
1	whos.amung.us	1 redirects
1	www.googletagmanager.com	wigistream.to
1	cdn.jsdelivr.net	wigistream.to
1	swarm.video	wigistream.to
1	cdn.livetv1000.me	ads.livetv435.me
1	www.sportsfix.org	cdn.livetv435.me
1	ajax.aspnetcdn.com	cdn.livetv435.me
0	xml.xmlking.com Failed	wigistream.to
0	xml.poprtb.com Failed	wigistream.to
37	30

This site contains no links.

Subject Issuer	Validity	Valid
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
luvaihoo.com R3	`2021-06-19` - `2021-09-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
www.toromclick.com R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
*.popmonetizer.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.adxnexus.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.acertb.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.zeusadx.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2021-11-01`	a year	crt.sh
khandragthresh.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Frame ID: 162CEED8D38D0D541A8E3D5B6A1B1E4D
Requests: 5 HTTP requests in this frame

Frame: http://ads.livetv435.me/getbanner.php?zone_id=120&rnd=245536465
Frame ID: D759BCCA2ACF341BE31AAC2E5D2905DF
Requests: 3 HTTP requests in this frame

Frame: https://www.sportsfix.org/videos/video-1.htm
Frame ID: 9C1A54731F029E6521AC945B2043B7CE
Requests: 2 HTTP requests in this frame

Frame: https://wigistream.to/embed/sv4u2cng56fezb
Frame ID: 69DE6CF68E6BC41833BD6087A0EC80E4
Requests: 15 HTTP requests in this frame

Frame: https://luvaihoo.com/fac.php
Frame ID: A3FCD2394BDAF45CE6684C6B3915AA8F
Requests: 2 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 6A93C633D734F94E602C2E5C1DB2E117
Requests: 1 HTTP requests in this frame

Frame: https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=304022&id=6521c36821dfc31938ce075c04fc7a0d:ae0083afbc60212d4f1c303db41ef5cad26f346f56a3691f701bb3bf01390d684aa86c48994ae1440e2809bc42cc8c0a88b1cde9880e0597a039fdac366ccbcbc50043e8e7526ac1231c914bb1db804dcc4044ae0622f749d35d4c915fe8f745be33b4bbe8673621072f3450da09ea32d3f035419c6adf5764bfbde234491714f6c53412fa3fdc05ad4b5809c4d9fe3d8c853f027a6fc849c848b1f211d99c1c6f44d3a262e37c2a3e60d7d05e015196713549d6a7fa2a1489310887136ddd827e6ec7cceb263555dd6872cb8b40fd7f217226494d48a1be1975821b4813d6f53a24eb3bc8da3be0e585507a4f185d0f5a2fde6ff3ea22f318471fefcd17d51fa727ace2630c5f63186ab11f82e622e65ffa852f206cc7db7ec214e82ad4cab412d23bce134158de24a715a86fae89af1a5ef76fe032fc75b69322022c79e4b45629ec0416bf3b17a210164f48900543
Frame ID: 9CD01963E4BF810BE8F09F7EC6CE1496
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Frame ID: 0258845F0C47B14E1278D297DDA795A3
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Frame ID: F60C3034E48C19A6EF3F409D7034DF10
Requests: 1 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Frame ID: 9D05671C6442780814A82B557BD1489C
Requests: 1 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Frame ID: 868590CAAE1CBFF553537AB876028606
Requests: 1 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Frame ID: E15F737B57316B51E278DCE298B2571A
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
Frame ID: 065841172B8ABF04D9AD75DE2A4399A7
Requests: 1 HTTP requests in this frame

Frame: https://khandragthresh.com/iBsoG511Gsf7/28749
Frame ID: C2F6424BF15CF740BF8C61829FF5227F
Requests: 1 HTTP requests in this frame

Frame: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Frame ID: 2A6031512F8B19D8A80F81CD0B43552F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

81 %
HTTPS

59 %
IPv6

28
Domains

30
Subdomains

25
IPs

4
Countries

658 kB
Transfer

1721 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 5

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LiveTV%20%2F%20WebPlayer&utmhid=1268449197&utmr=-&utmp=%2Fexport%2Fwebplayer.iframe.php%3Ft%3Difr%26c%3D1620338%26lang%3Den%26eid%3D1084222%26lid%3D1620338%26ci%3D2534%26si%3D1&utmht=1624814362969&utmac=UA-321536-3&utmcc=__utma%3D242990032.745248286.1624814363.1624814363.1624814363.1%3B%2B__utmz%3D242990032.1624814363.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685181339&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LiveTV%20%2F%20WebPlayer&utmhid=1268449197&utmr=-&utmp=%2Fexport%2Fwebplayer.iframe.php%3Ft%3Difr%26c%3D1620338%26lang%3Den%26eid%3D1084222%26lid%3D1620338%26ci%3D2534%26si%3D1&utmht=1624814362969&utmac=UA-321536-3&utmcc=__utma%3D242990032.745248286.1624814363.1624814363.1624814363.1%3B%2B__utmz%3D242990032.1624814363.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685181339&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 17

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=95900&c=000000ffffff&p=

Request Chain 27

https://zap.buzz/4kN HTTP 302
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074 HTTP 302
https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=304022&id=6521c36821dfc31938ce075c04fc7a0d:ae0083afbc60212d4f1c303db41ef5cad26f346f56a3691f701bb3bf01390d684aa86c48994ae1440e2809bc42cc8c0a88b1cde9880e0597a039fdac366ccbcbc50043e8e7526ac1231c914bb1db804dcc4044ae0622f749d35d4c915fe8f745be33b4bbe8673621072f3450da09ea32d3f035419c6adf5764bfbde234491714f6c53412fa3fdc05ad4b5809c4d9fe3d8c853f027a6fc849c848b1f211d99c1c6f44d3a262e37c2a3e60d7d05e015196713549d6a7fa2a1489310887136ddd827e6ec7cceb263555dd6872cb8b40fd7f217226494d48a1be1975821b4813d6f53a24eb3bc8da3be0e585507a4f185d0f5a2fde6ff3ea22f318471fefcd17d51fa727ace2630c5f63186ab11f82e622e65ffa852f206cc7db7ec214e82ad4cab412d23bce134158de24a715a86fae89af1a5ef76fe032fc75b69322022c79e4b45629ec0416bf3b17a210164f48900543

Request Chain 28

https://zap.buzz/QYn HTTP 302
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

Request Chain 29

https://zap.buzz/ll4 HTTP 302
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

Request Chain 30

https://zap.buzz/Y7MvP0W HTTP 302
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

Request Chain 31

https://zap.buzz/BVwkdEK HTTP 302
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

Request Chain 32

https://popxyz.com/KdORxkr HTTP 302
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Request Chain 33

https://yuppyads.com/aaKkk4M HTTP 302
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request webplayer.iframe.php Show response
cdn.livetv435.me/export/ 7 KB
3 KB 57ms
51ms Document
text/html 2606:4700:3033::ac43:9903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:9903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 054ded0652980ad77a893434b61a39fafebb02f2473bc7194abb946932da10ee

Request headers

Host: cdn.livetv435.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 17:19:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
cf-request-id: 0af014b8220000beabf484b000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cGM9NK%2FaV3Wx9cXGA5MkgbR41htFUHGuuaWWWg5nOnrdo6etyFMsPQ79cG%2BzLLje47WzjXEvV8Rl9YqyqHIci2pBw7HfSxXpsAmQSXYW7Tqw%2BQ%2BBdSg9vMFLXKzZ9yvaNjBAJgmgovwtQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 666057069f10beab-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 jquery-1.6.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 88 KB
31 KB 166ms
41ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.6.min.js

Requested by

Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA1) /

Resource Hash

6cc24742d2f13a0481a674f9b06ffcc8a9d721bfe742b83e1d53e9ad67b0c66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cdn.livetv435.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183093
x-cache: HIT
content-length: 31689
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:58 GMT
server: ECAcc (frc/8FA1)
etag: "06dec9cc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK main.webplayer.css
cdn.livetv435.me/css/ 555 B
1 KB 17ms
17ms Stylesheet
text/css 2606:4700:3033::ac43:9903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.livetv435.me/css/main.webplayer.css?2
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:9903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7c212f8c9c7bb94779e51267a7d3e49f01bfaba2c75a3c713038d32334947a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.livetv435.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 17:19:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 93215
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014b8580000beab8e1f2000000001
Last-Modified: Wed, 18 Feb 2015 22:47:19 GMT
Server: cloudflare
ETag: W/"54e51677-22b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r5M5ldwCOE%2BjNa8y41xhZF0Q37tOAzvkGCfEvNppq9xWjQmrBP5nqGU6t6D481sL9swxA7kZtaDokbXqGuHU1P%2BwnGLCjAzWMmqv0gGXI7CcCimb4kluiJzOUE4OhT1o4Noi9JH48Xsp8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 66605706ff57beab-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK getbanner.php Show response
ads.livetv435.me/ Frame D759 446 B
1 KB 71ms
56ms Document
text/html 2606:4700:3033::ac43:9903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.livetv435.me/getbanner.php?zone_id=120&rnd=245536465
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:9903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f3981a6c2bc117b85b2b7ffdd2ac4618085392a7c1e0aadd529038eff3b319

Request headers

Host: ads.livetv435.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://cdn.livetv435.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cdn.livetv435.me/

Response headers

Date: Sun, 27 Jun 2021 17:19:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Cache-Status: HIT
CF-Cache-Status: DYNAMIC
cf-request-id: 0af014b9530000323cc20e7000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zTIbcQo%2FCsJJXA5%2B896PMTwYcrfwPiouCKwKcZJV33NkF0YfskdRoMz%2FyVfpntwQdsLAOn33eW%2BjbP3hlbWmo%2FGZ3xgEIngrriatcXEIAufVT7kb9Xsjcnpf0LtYKmDoQ%2Bt3XuMcD23VIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 666057088ce5323c-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 video-1.htm Show response
www.sportsfix.org/videos/ Frame 9C1A 869 B
994 B 99ms
70ms Document
text/html 2606:4700:3033::6815:1db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sportsfix.org/videos/video-1.htm
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd8992cffd45887ac09c63f02fa2f415c57abf100e30ce71873430bfebc8bc

Request headers

:method: GET
:authority: www.sportsfix.org
:scheme: https
:path: /videos/video-1.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://cdn.livetv435.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cdn.livetv435.me/

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-type: text/html
last-modified: Wed, 09 Jun 2021 09:17:14 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
cf-request-id: 0af014b961000005f9d611d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cwGiMCuu0HXjAest4n2D%2B3oH89qr%2F1DPkd8jN7pvt9Na8QaDjKvWZ%2FkFIjk78TspIPYORhZTG%2BQD6MUo5AREqKp0fLnDmrWqrQxdji0g1z5ji3HETdHy4DE%2BG3M%2Flrn6T5oHJvwvUyG6%2FgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 666057089bf405f9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://cdn.livetv435.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 489
date: Sun, 27 Jun 2021 17:11:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 27 Jun 2021 19:11:13 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...

35 B
54 B

15ms
15ms

Image
image/gif

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LiveTV%20%2F%20WebPlayer&utmhid=1268449197&utmr=-&utmp=%2Fexport%2Fwebplayer.iframe.php%3Ft%3Difr%26c%3D1620338%26lang%3Den%26eid%3D1084222%26lid%3D1620338%26ci%3D2534%26si%3D1&utmht=1624814362969&utmac=UA-321536-3&utmcc=__utma%3D242990032.745248286.1624814363.1624814363.1624814363.1%3B%2B__utmz%3D242990032.1624814363.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685181339&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://cdn.livetv435.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 17:19:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1200854345&utmhn=cdn.livetv435.me&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LiveTV%20%2F%20WebPlayer&utmhid=1268449197&utmr=-&utmp=%2Fexport%2Fwebplayer.iframe.php%3Ft%3Difr%26c%3D1620338%26lang%3Den%26eid%3D1084222%26lid%3D1620338%26ci%3D2534%26si%3D1&utmht=1624814362969&utmac=UA-321536-3&utmcc=__utma%3D242990032.745248286.1624814363.1624814363.1624814363.1%3B%2B__utmz%3D242990032.1624814363.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685181339&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 1179160960.gif
cdn.livetv1000.me/img/ads/new2/ Frame D759 158 KB
159 KB 22ms
15ms Image
image/gif 2606:4700:3037::ac43:84c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.livetv1000.me/img/ads/new2/1179160960.gif
Requested by: Host: ads.livetv435.me
URL: http://ads.livetv435.me/getbanner.php?zone_id=120&rnd=245536465
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:84c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3191173872a560fec2699124680ca3449a33e1f910af488f0f966f1d8f45862e

Request headers

Referer: http://ads.livetv435.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 17:19:23 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1129760
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 161825
cf-request-id: 0af014b9c10000dfc75e229000000001
Last-Modified: Mon, 14 Jun 2021 15:29:18 GMT
Server: cloudflare
ETag: "60c775ce-27821"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SscIQM3LFmR6%2F95wHAB%2FaZkX0LsKv6NN6a%2BVOjE9JuDTTdGLWSJEYlK6azgfLgnuc9BLe9SYYFxEaGV9DxU%2Ff7bOEw2yhlFk4OtWv4hjXLBAdfKZmvX0uUUuqlZPTc2XyeWa%2FtT%2BC3m5npA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 666057093c01dfc7-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK counter.php
ads.livetv435.me/ Frame D759 0
682 B 120ms
120ms Image
application/octet-stream 2606:4700:3033::ac43:9903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.livetv435.me/counter.php?bid=2319&timestamp=1624814339&hash=418570628
Requested by: Host: ads.livetv435.me
URL: http://ads.livetv435.me/getbanner.php?zone_id=120&rnd=245536465
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:9903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ads.livetv435.me/getbanner.php?zone_id=120&rnd=245536465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 17:19:23 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FcJJ8BeLo%2FcQGnmxVgAPiWWeWz0NEsANvVR5OLuiK8vqpaK7CKZ8f9WtQoyHgYH%2FonufLDNBQfljupy03g21ODFSfb302FFLNDiEPnMLVegdwwGJhUPiRd1lPF2zfDHxgJOApz74GEPR8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Connection: keep-alive
CF-RAY: 666057092e49323c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0af014b9bb0000323c76085000000001

GET
H2 200 3327218 Show response
luvaihoo.com/5/ Frame 9C1A 50 KB
20 KB 184ms
80ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luvaihoo.com/5/3327218
Requested by: Host: www.sportsfix.org
URL: https://www.sportsfix.org/videos/video-1.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 645e3f8a9af6db1a6b2d8dd9b3b1b835edd71bb17511ebe0a5456fcafac51afb

Request headers

Referer: https://www.sportsfix.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: ebe9beefe4bc12f52c45d529a0074267
pragma: no-cache, no-cache
date: Sun, 27 Jun 2021 17:19:21 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sv4u2cng56fezb Show response
wigistream.to/embed/ Frame 69DE 16 KB
6 KB 213ms
110ms Document
text/html 172.67.165.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/embed/sv4u2cng56fezb
Requested by: Host: www.sportsfix.org
URL: https://www.sportsfix.org/videos/video-1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf238a23d859614fdca394cb07d5f4401a76aeac4e62d30ad36c5275130e3040

Request headers

:method: GET
:authority: wigistream.to
:scheme: https
:path: /embed/sv4u2cng56fezb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sportsfix.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sportsfix.org/

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Mon, 28-Jun-2021 17:19:23 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
cf-request-id: 0af014ba4200004e50fc3d9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gyr%2BxqyZ%2FV%2FMoNurb0%2BU89aF9XmyOv0J7OgN9F1RQNXkxyY0644aTwvuXKc4a4GIzlMgdn18uRxXht9wU%2Bl0fEPfilozmACi0%2BXOJe%2FiTyuDmbL3U3xyh6I2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660570a08694e50-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 fac.php Show response
luvaihoo.com/ Frame A3FC 203 B
646 B 49ms
49ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://luvaihoo.com/fac.php

Requested by

Host: luvaihoo.com
URL: https://luvaihoo.com/5/3327218

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

dcc67bc80e654f874dd803b2bf4667740ac72877acdb8d110dfa7d7456078fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: luvaihoo.com
:scheme: https
:path: /fac.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sportsfix.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OAID=ad649bcc9c004a4487f2f8b1d2a427df; oaidts=1624814363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sportsfix.org/

Response headers

server: nginx
date: Sun, 27 Jun 2021 17:19:21 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 02716e5e040546cca6ed1dc7609ab3a3
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H3-29 200 embed.min.css
wigistream.to/css/ Frame 69DE 1 KB
1010 B 129ms
82ms Stylesheet
text/css 172.67.165.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/css/embed.min.css?v=0.3
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.165.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Referer: https://wigistream.to/embed/sv4u2cng56fezb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5499
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014bb02000005e9761d6000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QwX8frC4sQcu%2F7alcFsbYmqf%2BOzUKgu1O8WLgQ0DL60H6OmI2h4c%2FgpXxDCQNEofS8mDx2Ys12NRLjX53Y1%2FeN0PIIa8JziJL%2F4S%2FNu%2BZHK2q1AnGEuOXLHwbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6660570b39f305e9-FRA

GET
H3-29 200 icon.png
wigistream.to/imgs/ Frame 69DE 469 B
1 KB 98ms
51ms Image
image/png 172.67.165.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wigistream.to/imgs/icon.png
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.165.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284

Request headers

Referer: https://wigistream.to/embed/sv4u2cng56fezb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 469
cf-request-id: 0af014bb00000005e990300000000001
last-modified: Wed, 11 Nov 2020 18:38:04 GMT
server: cloudflare
etag: "5fac2f8c-1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CsEwCQy5XRi5%2BjidXDzStc3HZLg7WeWZl%2BqsIHIHYush675VbxXGbUuML8VM8u7S17tTXkKohe8DJH2zV5zA%2Fz7kJPdKkXyqf7zFhWaMgMBIHjGZGAdj01Un%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6660570b39f705e9-FRA

GET
H3-29 200 jquery.min.js Show response
wigistream.to/js/ Frame 69DE 85 KB
29 KB 104ms
59ms Script
application/javascript 172.67.165.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wigistream.to/js/jquery.min.js
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.165.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://wigistream.to/embed/sv4u2cng56fezb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4548
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014bb00000005e9513b7000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HLyPos6PaDRp8cZ5DzgbNnIAhRxzxaGR1gWDa9143z0PZdzRCSI%2FQShSXmpCRrQEaBc4ue%2FzwC8u5Wi2Lck3qb2EA0Imw30MChN1oyykqy2BU0FX7UQENHXYeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6660570b39f605e9-FRA

GET
H2 200 wigistream.js Show response
swarm.video/ Frame 69DE 506 KB
119 KB 72ms
44ms Script
application/javascript 2606:4700:3034::ac43:b683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/wigistream.js?version=0.0.70
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 907aa364d473bdb7e92fa2ad67a97e34b95437bebc703967c7ea955090e184ec

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101036
x-powered-by: Express
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014bad4000005c4ddbda000000001
last-modified: Sat, 26 Jun 2021 13:11:52 GMT
server: cloudflare
etag: W/"7ee24-17a4872ad3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jpIrAGEZLWU8gC8lKMmudSUriyDBxmeK4IEE3YjV%2FNNOIfVYVNv1hj%2BMNBCsWf9PK%2FH1bCFO5MFwwfzMNHyjbb5O%2FpUoBaiuQLpLNtA5D4CP%2Fc%2FxARn1XlnCG7yxzSiM9ZUNABA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-polished: origSize=519716
cf-ray: 6660570ae89205c4-FRA
cf-bgj: minify

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 69DE 513 KB
138 KB 20ms
7ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8053
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19153-FRA
date: Sun, 27 Jun 2021 17:19:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 69DE 90 KB
36 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Requested by

Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9db64d52e31bfaefdd83ca79fde6ad7463ddc8bd61706782652801e9e091c6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36363
x-xss-protection: 0
last-modified: Sun, 27 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 27 Jun 2021 17:19:23 GMT

GET
H2

200

/
widgets.amung.us/draw/ Frame 69DE
Redirect Chain

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=95900&c=000000ffffff&p=

1 KB
2 KB

46ms
22ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=95900&c=000000ffffff&p=
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef7b23334321eee3d0b5f0fb402688e0696306d4634f1124038037e05df7bf3

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
cf-cache-status: HIT
server: cloudflare
age: 89603
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 6660570db9d02b7d-FRA
cf-request-id: 0af014bc8e00002b7d29aa7000000001
expires: Sun, 27 Jun 2021 16:26:00 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=95900&c=000000ffffff&p=
date: Sun, 27 Jun 2021 17:19:23 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H2 200 img.gif
my.rtmark.net/ Frame A3FC 43 B
491 B 154ms
52ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=ad649bcc9c004a4487f2f8b1d2a427df

Requested by

Host: luvaihoo.com
URL: https://luvaihoo.com/fac.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://luvaihoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame 69DE 1 KB
491 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: wigistream.to
URL: https://wigistream.to/css/embed.min.css?v=0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Jun 2021 15:46:06 GMT
server: ESF
date: Sun, 27 Jun 2021 17:19:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Jun 2021 17:19:23 GMT

GET
H2 200 compatibility.js Show response
asacdn.com/script/ Frame 69DE 20 KB
8 KB 91ms
69ms Script
application/javascript 2606:4700:3035::6815:2cac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/compatibility.js
Requested by: Host: wigistream.to
URL: https://wigistream.to/embed/sv4u2cng56fezb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2cac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3160
x-guploader-uploadid: ABg5-Uzy1wNDdDHDHJ9qxn8FO-IYxsbVa48z4IrXM0ccJ8cdub-HmhKeA_Jq4l7XjDoq9hgk48wb4MAHcNIb5FxXFuDsyEm6nQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014bbbd00004a6e162be000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FodBD5tokoKwr6bz1R1Kb9ZV9CPhttHjgZIMYmnaLfOBGpL0qngl1lXGdMTcZllvEZV%2FoUJGZ%2B94w%2F0%2FzTDDBEIQtlfyIA3IStUPNSjVOwQF7lE6iULE6cEBbgaA0qOAVgNoeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600171832181211
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 6660570c38c94a6e-FRA
expires: Sun, 27 Jun 2021 16:48:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 69DE 22 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wigistream.to
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 03:05:48 GMT
x-content-type-options: nosniff
age: 310415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 03:05:48 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 69DE 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wigistream.to
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:52:32 GMT
x-content-type-options: nosniff
age: 433611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:52:32 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 69DE 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6458
date: Sun, 27 Jun 2021 15:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 27 Jun 2021 17:31:45 GMT

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 6A93 2 KB
2 KB 230ms
195ms Document
text/html 2606:4700:3030::6815:2ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wigistream.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

date: Sun, 27 Jun 2021 17:19:23 GMT
content-type: text/html
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0af014bc0a00004e145723c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=51f1eb769c19de3f28ba46983e30964354245e93-1624814363-1800-AdDbpigR+XLRlM0a15/5cCwDp9P8zrLPxn+vNJF32fYf2upS20RWOxCKNEUwdxYM745RM6ZO4vmoTw5CcUYBqkA=; path=/; expires=Sun, 27-Jun-21 17:49:23 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hlzuKDkInjt2yKy1iwazG5rn8H4rlE8CSYkko2FhhrbARx5LLsYAzWMw1fnJIKu3OYWRtzMU0Da3Au60vu6EOG%2FC%2B3Ewx0JvzclJx2O%2FnlQMMXVHue%2FUokYdJjbO433SRVdwGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660570cdca14e14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ Frame 69DE 5 KB
1 KB 352ms
254ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=3939411&cbrandom=0.6762772825407772&cbiframe=1&cbWidth=700&cbHeight=480&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 1105ac9629deac158d214b7bfa181c324264acef094cc9274ce0a353a27d52f4

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 17:19:24 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H3-29 200 chrome.js Show response
asacdn.com/script/ Frame 69DE 36 KB
12 KB 40ms
28ms Script
application/javascript 2606:4700:3035::6815:2cac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/chrome.js
Requested by: Host: cdn.livetv435.me
URL: http://cdn.livetv435.me/export/webplayer.iframe.php?t=ifr&c=1620338&lang=en&eid=1084222&lid=1620338&ci=2534&si=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2cac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://wigistream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date: Sun, 27 Jun 2021 17:19:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af014bcbc00004e44b9b27000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=beHgKyABrTIoE7FDS9a8aJAR5vdnYizOsVPtpuPqgVc%2FaqbDTocZc%2FfihFkFEGqVxvesNpS9xQf%2Bq0TjAquIlSzQKn8mL%2BrZLas%2Bm%2FkR6jpPOlg8rSnVKLVoECuvb1ATodsLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600074929755781
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 6660570dfcc04e44-FRA
expires: Sun, 27 Jun 2021 17:24:56 GMT

GET
H/1.1

200
OK

/ Show response
www.toromclick.com/feed/click/ Frame 9CD0
Redirect Chain

https://zap.buzz/4kN
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=304022&id=6521c36821dfc31938ce075c04fc7a0d:ae0083afbc60212d4f1c303db41ef5cad26f346f56a3691f701bb3bf01390d684aa86c48994ae1440e2809b...

42 B
383 B

512ms
231ms

Document
application/json

159.89.225.89
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=304022&id=6521c36821dfc31938ce075c04fc7a0d:ae0083afbc60212d4f1c303db41ef5cad26f346f56a3691f701bb3bf01390d684aa86c48994ae1440e2809bc42cc8c0a88b1cde9880e0597a039fdac366ccbcbc50043e8e7526ac1231c914bb1db804dcc4044ae0622f749d35d4c915fe8f745be33b4bbe8673621072f3450da09ea32d3f035419c6adf5764bfbde234491714f6c53412fa3fdc05ad4b5809c4d9fe3d8c853f027a6fc849c848b1f211d99c1c6f44d3a262e37c2a3e60d7d05e015196713549d6a7fa2a1489310887136ddd827e6ec7cceb263555dd6872cb8b40fd7f217226494d48a1be1975821b4813d6f53a24eb3bc8da3be0e585507a4f185d0f5a2fde6ff3ea22f318471fefcd17d51fa727ace2630c5f63186ab11f82e622e65ffa852f206cc7db7ec214e82ad4cab412d23bce134158de24a715a86fae89af1a5ef76fe032fc75b69322022c79e4b45629ec0416bf3b17a210164f48900543
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.225.89 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 24be33ead1981d7d02a0f68c945750c31c49ecf654eec2e77c8bd5e7d7c435e8

Request headers

Host: www.toromclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/json; charset=utf-8
Content-Length: 42
ETag: W/"2a-SfbAal+6QpiSG1ceOQo6xAzaIiE"
Date: Sun, 27 Jun 2021 17:19:29 GMT
Connection: keep-alive

Redirect headers

date: Sun, 27 Jun 2021 17:19:29 GMT
content-length: 0
cache-control: no-store
age: 0
location: https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=304022&id=6521c36821dfc31938ce075c04fc7a0d:ae0083afbc60212d4f1c303db41ef5cad26f346f56a3691f701bb3bf01390d684aa86c48994ae1440e2809bc42cc8c0a88b1cde9880e0597a039fdac366ccbcbc50043e8e7526ac1231c914bb1db804dcc4044ae0622f749d35d4c915fe8f745be33b4bbe8673621072f3450da09ea32d3f035419c6adf5764bfbde234491714f6c53412fa3fdc05ad4b5809c4d9fe3d8c853f027a6fc849c848b1f211d99c1c6f44d3a262e37c2a3e60d7d05e015196713549d6a7fa2a1489310887136ddd827e6ec7cceb263555dd6872cb8b40fd7f217226494d48a1be1975821b4813d6f53a24eb3bc8da3be0e585507a4f185d0f5a2fde6ff3ea22f318471fefcd17d51fa727ace2630c5f63186ab11f82e622e65ffa852f206cc7db7ec214e82ad4cab412d23bce134158de24a715a86fae89af1a5ef76fe032fc75b69322022c79e4b45629ec0416bf3b17a210164f48900543
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0af014cff8000006106e223000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QKFNpbN5ruY99gbXnBmlTZRvf5FCIEhhhNoqSlS7ITFxv%2Fftv3tkRsjETYNfXdH7EWD7Fd1pfTSNk6%2FzO%2BZDqdudzg0Mzv1JZC5Gf75Ws9pJSo64SrSWUKYs9yJDBntgL9wcCbszhKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572cb8090610-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 0258
Redirect Chain

https://zap.buzz/QYn
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

0
165 B

508ms
124ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.popmonetizer.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 17:19:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Sun, 27 Jun 2021 17:19:28 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YNizIA.LzcyAlOsZi4-3lNsFcea-oCeAVE; Expires=Sun, 27-Jun-2021 17:49:28 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=d0debba765f89f25a8549b5839cb4ad4; path=/; HttpOnly __cf_bm=1b690e4879b0e7f275b0b7ccf7e510935fd30af8-1624814368-1800-ARz7/gUxx00JNWKec8UUPE7yUIU/E5yy2A3J78x1y2EgOnBNP3VEiq97TEjk+SW3tTud2hIqmo+6aqPYtBN9nss=; path=/; expires=Sun, 27-Jun-21 17:49:28 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0af014cf1c00004dee4c961000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qd2uX%2B%2B03NA3S9ccx2%2Fgm8A3cI1cVyLAZM093z3WeoEHhtDfZ5PMPmWLy4WejIJO0B0kOC27lKoMj9DHIqvfi%2BncAbER%2F6bsXh8k0Pcp%2FYRnEwY8l9bCQg5RC6n54qvSQ7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572b59df4dee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.adxnexus.com/ Frame F60C
Redirect Chain

https://zap.buzz/ll4
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

0
165 B

387ms
127ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.adxnexus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 17:19:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Sun, 27 Jun 2021 17:19:28 GMT
content-type: text/html; charset=utf-8
location: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YNizIA.LzcyAlOsZi4-3lNsFcea-oCeAVE; Expires=Sun, 27-Jun-2021 17:49:28 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=8bb2197ae75737be8342e5203bc4070b; path=/; HttpOnly __cf_bm=24e069cd4c58abb7da1d42924409f25988217e08-1624814368-1800-AcVE+8Bv47s6cTumi5iJV69u3bFZRhHjzo9Ph+Xj71UUlkVVPBEGrM/HOXk6KCvopFXrRjja+fG+ZBcWIOsW75w=; path=/; expires=Sun, 27-Jun-21 17:49:28 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0af014cf1c00004deee6aa2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=loqU3xBceFAdxF7PSJZAi8pubT4X6ihXMflICXIeKbREoCDV5%2B9VqKdxfCJKsOTr%2F21FzoBjGJSO0ZxKGCEgaoaM5JIfx9tLB8IlgDHBKzl%2FhQFTYNEc2S8BM%2FqzMA03h1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572b59e14dee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.acertb.com/ Frame 9D05
Redirect Chain

https://zap.buzz/Y7MvP0W
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

0
165 B

418ms
126ms

Document
text/plain

174.137.133.16
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.acertb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 17:19:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Sun, 27 Jun 2021 17:19:28 GMT
content-type: text/html; charset=utf-8
location: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YNizIA.LzcyAlOsZi4-3lNsFcea-oCeAVE; Expires=Sun, 27-Jun-2021 17:49:28 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=e30de099c519eea3d96b5962f2cb7082; path=/; HttpOnly __cf_bm=c0df76443b38161ccb739c68eba88434c1ee938d-1624814368-1800-AcnyXSzNMBapTztC4QUDJjX36waarAIZtx7MPTUM3XVDLeN/TtBcibifllosu3qEOiNJEo4pCAk6plxuHOCqf3A=; path=/; expires=Sun, 27-Jun-21 17:49:28 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0af014cf1c00004deeb20e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QIMD5PYKn4w1V70bljYeizv9YpsQRHe4G2TDq3Qx%2BUxkvz2CQ4eJ%2FrfmraIfDwt8ed3p6pIuyTbyLrK57I4Qmrv5XlmDAxm9u7czuegyWSkIj%2BdQaaW4q4Tq4gfP1uH3F7w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572b59e24dee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.zeusadx.com/ Frame 8685
Redirect Chain

https://zap.buzz/BVwkdEK
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

0
165 B

381ms
126ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.zeusadx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 17:19:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Sun, 27 Jun 2021 17:19:28 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YNizIA.LzcyAlOsZi4-3lNsFcea-oCeAVE; Expires=Sun, 27-Jun-2021 17:49:28 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=45735785186a9cd13dd10d58bf05d0c7; path=/; HttpOnly __cf_bm=319b04c0beab8a4c0fc16fe474bd407ddef1f2e9-1624814368-1800-ATUAU/tqBgRUucxeUqfBfRRRLch84qyd7Bkd9Vy948Xngq+D0TEv+tSRsMcIWEHBkJKjzlVVwZ/j0F5XqBaQPoI=; path=/; expires=Sun, 27-Jun-21 17:49:28 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0af014cf1c00004dee519c8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NLJ%2Fk6JYRjdfM413alPHTSp6NXGf4R3X1FobXhV1Y%2BoGXgn0GUARnh1E0Y1ItDFECCVMKNlRW96TWphVLEvgNpMtW%2F9pMEk7GZAecDt5T4PQZLZC0uYmCZasURUs5jlaEgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572b59e34dee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET

redirect
xml.poprtb.com/ Frame E15F
Redirect Chain

https://popxyz.com/KdORxkr
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

0
0

GET

redirect
xml.xmlking.com/ Frame 0658
Redirect Chain

https://yuppyads.com/aaKkk4M
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

0
0

GET
H/1.1 200
OK Cookie set 28749 Show response
khandragthresh.com/iBsoG511Gsf7/ Frame C2F6 0
1 KB 224ms
57ms Document
text/html 51.195.131.26
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://khandragthresh.com/iBsoG511Gsf7/28749

Requested by

Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

51.195.131.26 , France, ASN16276 (OVH, FR),

Reverse DNS

ip26.ip-51-195-131.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: khandragthresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wigistream.to/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 17:19:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jVtOhDAYhbnjZIR4EhYwSwARMzwaF%2BEj6eUvUwfaSalD3L2NiT6dL%2BeSE0VR0tSI70WC9IsNOKn%2BhcbXcRykVL1SA%2FGOK0ldfxaKnkeBg94mz%2FhCPsPjTIacFpOwkio8hejPuRq7mww5d8zICvkaGkuFkju7b%2BSaFJlhK6F4vzgbNF%2FZp3VIzmNAbQLGLRK7NWl9QPmhjQy7%2Boika%2BuqiHC8Lcwr69ZJyyJGPjsmCfEbHgTzNFv3jVLSdvX2BthFTv%2F939t071oUku5ahG%2FrL%2BR%2BAFOVS6g%3D; expires=Mon, 28-Jun-2021 17:19:28 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjL1OwzAUhVMHLKKgwJF4AF6ASBlKyxyGDGxsXSzLuW2v1NiWcwukT4%2FSSIjpfDp%2FWZappwqKI6rtW91sN3Xzuq6b9Qb5gQJU2%2BHehbOXNBlvB0L5%2Bc1yoXSyvodOdODgoXYdyoWNCz3htu1e%2FnnXpd6dE7sjbhzLVJUoZl3qxVxf0pzHiMd3K9bZIT5%2F8MBCPQpPYsZIM7YhxZCsEKo%2F9%2Fqjc9zxaGIKP5Ne4UF4oEvwZMJ%2BP5JohdWXVr8HGUjz; expires=Mon, 28-Jun-2021 17:19:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 204 redirect
nsparket.top/ Frame 2A60 0
0 136ms
118ms Document
text/plain 2606:4700:3031::ac43:8cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Requested by: Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: nsparket.top
:scheme: https
:path: /redirect?tid=756113&file=Watch_Live
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wigistream.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wigistream.to/

Response headers

date: Sun, 27 Jun 2021 17:19:28 GMT
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
x-cache: Miss from cloudfront
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _ohTBC4Ghf_bWZppE7_FzM8hbFfvx6R_E9zR1dTODx4Mapl_jhX74g==
cf-cache-status: DYNAMIC
cf-request-id: 0af014cf21000063cbd7b59000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YIuNdsFHkOkMyhX6iXIRV%2FGfa6bCXpV4YQkQZsbETQZH1%2BkVHe4u5GmfXcV9PEUVbEU8XhUIbLP0hKBhtSA%2B%2BYKYFgmxlxtxVUcwxUCUzgGQt5yrK%2B4D75HYu9oMPdorBqVNbRgM"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6660572b6c3a63cb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.poprtb.com
URL: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Domain: xml.xmlking.com
URL: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
luvaihoo.com/	1970-01-20 04:05:50	Name: oaidts Value: 1624814363
luvaihoo.com/	1970-01-20 04:05:50	Name: OAID Value: ad649bcc9c004a4487f2f8b1d2a427df
.cdn.livetv435.me/	1970-01-19 19:20:14	Name: __utmt Value: 1
.cdn.livetv435.me/	1970-01-20 12:51:26	Name: __utma Value: 242990032.745248286.1624814363.1624814363.1624814363.1
.cdn.livetv435.me/	1970-01-19 19:20:16	Name: __utmb Value: 242990032.1.10.1624814363
.ufpcdn.com/	1970-01-19 19:20:16	Name: __cf_bm Value: 51f1eb769c19de3f28ba46983e30964354245e93-1624814363-1800-AdDbpigR+XLRlM0a15/5cCwDp9P8zrLPxn+vNJF32fYf2upS20RWOxCKNEUwdxYM745RM6ZO4vmoTw5CcUYBqkA=
.cdn.livetv435.me/	1970-01-19 23:43:02	Name: __utmz Value: 242990032.1624814363.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.cdn.livetv435.me/	1969-12-31 23:59:59	Name: __utmc Value: 242990032

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.livetv435.me
ajax.aspnetcdn.com
asacdn.com
cdn.jsdelivr.net
cdn.livetv1000.me
cdn.livetv435.me
fonts.googleapis.com
fonts.gstatic.com
khandragthresh.com
luvaihoo.com
my.rtmark.net
nsparket.top
onclickgenius.com
swarm.video
ufpcdn.com
whos.amung.us
widgets.amung.us
wigistream.to
www.google-analytics.com
www.googletagmanager.com
www.sportsfix.org
www.toromclick.com
xml.acertb.com
xml.adxnexus.com
xml.popmonetizer.net
xml.poprtb.com
xml.revrtb.net
xml.xmlking.com
xml.zeusadx.com
zap.buzz
xml.poprtb.com
xml.xmlking.com
139.45.195.8
139.45.197.244
152.199.19.160
159.89.225.89
172.67.165.252
174.137.133.16
174.137.133.17
174.137.133.18
2606:4700:10::ac43:88d
2606:4700:3030::6815:2ed2
2606:4700:3031::ac43:8cc9
2606:4700:3033::6815:1db
2606:4700:3033::ac43:9903
2606:4700:3034::6815:8f0
2606:4700:3034::ac43:b683
2606:4700:3035::6815:2cac
2606:4700:3035::6815:3588
2606:4700:3037::ac43:84c5
2a00:1450:4001:801::2003
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a04:4e42:3::485
35.190.71.96
51.195.131.26
67.202.94.86
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
054ded0652980ad77a893434b61a39fafebb02f2473bc7194abb946932da10ee
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397
1105ac9629deac158d214b7bfa181c324264acef094cc9274ce0a353a27d52f4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284
24be33ead1981d7d02a0f68c945750c31c49ecf654eec2e77c8bd5e7d7c435e8
2ecd8992cffd45887ac09c63f02fa2f415c57abf100e30ce71873430bfebc8bc
3191173872a560fec2699124680ca3449a33e1f910af488f0f966f1d8f45862e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
645e3f8a9af6db1a6b2d8dd9b3b1b835edd71bb17511ebe0a5456fcafac51afb
6cc24742d2f13a0481a674f9b06ffcc8a9d721bfe742b83e1d53e9ad67b0c66e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
78f3981a6c2bc117b85b2b7ffdd2ac4618085392a7c1e0aadd529038eff3b319
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
907aa364d473bdb7e92fa2ad67a97e34b95437bebc703967c7ea955090e184ec
9a7c212f8c9c7bb94779e51267a7d3e49f01bfaba2c75a3c713038d32334947a
9db64d52e31bfaefdd83ca79fde6ad7463ddc8bd61706782652801e9e091c6c7
aef7b23334321eee3d0b5f0fb402688e0696306d4634f1124038037e05df7bf3
bf238a23d859614fdca394cb07d5f4401a76aeac4e62d30ad36c5275130e3040
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dcc67bc80e654f874dd803b2bf4667740ac72877acdb8d110dfa7d7456078fe5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

cdn.livetv435.me Open in urlscan Pro 2606:4700:3033::ac43:9903 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

81 %HTTPS

59 %IPv6

28 Domains

30 Subdomains

25 IPs

4 Countries

658 kBTransfer

1721 kBSize

8 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cdn.livetv435.me Open in urlscan Pro
2606:4700:3033::ac43:9903 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

81 %
HTTPS

59 %
IPv6

28
Domains

30
Subdomains

25
IPs

4
Countries

658 kB
Transfer

1721 kB
Size

8
Cookies

37 HTTP transactions
0 data transactions