URL: https://nowagoal.com/embed/ch7.php
Submission: On March 02 via manual from IT

Summary

This website contacted 34 IPs in 7 countries across 33 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3037::6815:5271, located in United States and belongs to CLOUDFLARENET, US. The main domain is nowagoal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2020. Valid for: a year.
This is the only time nowagoal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 adsco.re
c.adsco.re
6.adsco.re
4.adsco.re
adsco.re
shvve0fqubox.l4.adsco.re
shvve0fqubox.n4.adsco.re
shvve0fqubox.s4.adsco.re
40 KB
4 zap.buzz
zap.buzz
3 KB
4 wigistream.to
wigistream.to
34 KB
4 amung.us
whos.amung.us
widgets.amung.us
4 KB
3 refbanners.com
refbanners.com
3 KB
3 nowagoal.com
nowagoal.com
5 KB
2 zencdn.net
vjs.zencdn.net
440 KB
2 vdosupreme.com
cdn.vdosupreme.com
294 KB
2 histats.com
s10.histats.com
s4.histats.com
5 KB
2 google-analytics.com
www.google-analytics.com
37 KB
2 cdnondemand.org
cdnondemand.org
20 KB
2 googletagmanager.com
www.googletagmanager.com
78 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 khandragthresh.com
khandragthresh.com
1 KB
1 zeusadx.com
xml.zeusadx.com
165 B
1 acertb.com
xml.acertb.com
165 B
1 adxnexus.com
xml.adxnexus.com
165 B
1 popmonetizer.net
xml.popmonetizer.net
165 B
1 googleapis.com
fonts.googleapis.com
498 B
1 velocecdn.com
velocecdn.com
6 KB
1 jsdelivr.net
cdn.jsdelivr.net
62 KB
1 onclickgenius.com
onclickgenius.com
1 KB
1 ufpcdn.com
ufpcdn.com
2 KB
1 refpa.top
refpa.top
104 KB
1 imgur.com
i.imgur.com
236 KB
1 cloudfront.net
d3cod80thn7qnd.cloudfront.net
10 KB
1 nowagoal.stream
nowagoal.stream
4 KB
1 antiadblocksystems.com
www.antiadblocksystems.com Failed
antiadblocksystems.com
140 B
1 hadsokz.com
hadsokz.com
0 uthorner.info Failed
uthorner.info Failed
0 xmlking.com Failed
xml.xmlking.com Failed
0 poprtb.com Failed
xml.poprtb.com Failed
0 revrtb.net Failed
xml.revrtb.net Failed
63 33
Domain Requested by
4 zap.buzz 4 redirects
4 wigistream.to nowagoal.stream
wigistream.to
3 4.adsco.re nowagoal.com
c.adsco.re
3 6.adsco.re nowagoal.com
c.adsco.re
3 c.adsco.re d3cod80thn7qnd.cloudfront.net
c.adsco.re
3 refbanners.com nowagoal.com
refbanners.com
3 nowagoal.com nowagoal.com
2 vjs.zencdn.net wigistream.to
2 cdn.vdosupreme.com wigistream.to
2 adsco.re c.adsco.re
2 www.google-analytics.com www.googletagmanager.com
2 cdnondemand.org nowagoal.com
2 www.googletagmanager.com nowagoal.stream
wigistream.to
2 widgets.amung.us nowagoal.stream
wigistream.to
2 whos.amung.us 2 redirects
1 antiadblocksystems.com d3cod80thn7qnd.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 khandragthresh.com wigistream.to
1 xml.zeusadx.com wigistream.to
1 xml.acertb.com wigistream.to
1 xml.adxnexus.com wigistream.to
1 xml.popmonetizer.net wigistream.to
1 s4.histats.com s10.histats.com
1 fonts.googleapis.com wigistream.to
1 velocecdn.com wigistream.to
1 cdn.jsdelivr.net wigistream.to
1 onclickgenius.com nowagoal.com
1 s10.histats.com nowagoal.com
1 shvve0fqubox.s4.adsco.re c.adsco.re
1 shvve0fqubox.n4.adsco.re c.adsco.re
1 shvve0fqubox.l4.adsco.re c.adsco.re
1 ufpcdn.com nowagoal.com
1 refpa.top refbanners.com
1 i.imgur.com nowagoal.stream
1 d3cod80thn7qnd.cloudfront.net nowagoal.com
1 nowagoal.stream nowagoal.com
1 hadsokz.com nowagoal.com
0 uthorner.info Failed wigistream.to
0 xml.xmlking.com Failed wigistream.to
0 xml.poprtb.com Failed wigistream.to
0 xml.revrtb.net Failed wigistream.to
0 www.antiadblocksystems.com Failed nowagoal.com
63 42

This site contains links to these domains:

Domain
adsco.re
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-19 -
2021-07-19
a year crt.sh
hadsokz.com
R3
2021-02-21 -
2021-05-22
3 months crt.sh
*.refbanners.com
R3
2021-03-02 -
2021-05-31
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA
2020-01-15 -
2022-03-16
2 years crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA
2020-05-21 -
2022-05-21
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
refpa.top
R3
2020-12-19 -
2021-03-19
3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA
2020-09-15 -
2021-09-26
a year crt.sh
*.l4.adsco.re
R3
2021-01-19 -
2021-04-19
3 months crt.sh
*.n4.adsco.re
R3
2021-02-19 -
2021-05-20
3 months crt.sh
*.s4.adsco.re
R3
2021-02-19 -
2021-05-20
3 months crt.sh
histats.com
R3
2021-02-22 -
2021-05-23
3 months crt.sh
onclickgenius.com
Sectigo RSA Domain Validation Secure Server CA
2021-01-22 -
2022-01-22
a year crt.sh
*.vdosupreme.com
Sectigo RSA Domain Validation Secure Server CA
2020-11-17 -
2021-12-17
a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-02-22 -
2022-03-26
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.popmonetizer.net
Sectigo RSA Domain Validation Secure Server CA
2020-12-14 -
2021-12-14
a year crt.sh
*.adxnexus.com
Sectigo RSA Domain Validation Secure Server CA
2020-03-19 -
2021-03-19
a year crt.sh
*.acertb.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-03 -
2021-04-03
a year crt.sh
*.zeusadx.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-03 -
2021-11-01
a year crt.sh
khandragthresh.com
R3
2021-02-24 -
2021-05-25
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
antiadblocksystems.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-19 -
2022-07-22
2 years crt.sh

This page contains 16 frames:

Primary Page: https://nowagoal.com/embed/ch7.php
Frame ID: 9A55AEB5A831A6DACC33CF16A87950C9
Requests: 18 HTTP requests in this frame

Frame: https://nowagoal.stream/ch7.html
Frame ID: 364539092F9E5DEFDDFFC3931A5BC071
Requests: 8 HTTP requests in this frame

Frame: https://nowagoal.com/ad.html
Frame ID: 11B5204F03ABF6CCE6B208C40E4CF073
Requests: 1 HTTP requests in this frame

Frame: https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
Frame ID: 68B10DCD44114B910F9C149D7EE50074
Requests: 4 HTTP requests in this frame

Frame: https://wigistream.to/embed/497ob4y
Frame ID: DD484E0CBB4E79FD37C6A9D32455E101
Requests: 17 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 0F66832A14D1F091750667DFE5C57AD6
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 5F2EE1CF17F08637BE570FC5338BF240
Requests: 6 HTTP requests in this frame

Frame: https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
Frame ID: F9ED88A838AA32B8DE1E0E6BFEFF330F
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Frame ID: 82080593E9D34E9C0CF4B19EF5F599E5
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Frame ID: 89CA418668D6861CE69A42899C529E83
Requests: 1 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Frame ID: F3A3E298303B690FF71CF7AA49BB07F1
Requests: 1 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Frame ID: 60A6370B94EAEA4B9893A03FD55A7D00
Requests: 1 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Frame ID: B7C35D55E9A11413F3394D43A37B396A
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
Frame ID: 70682FEAC95D0C5AC5CA5062F4E2B3B3
Requests: 1 HTTP requests in this frame

Frame: https://khandragthresh.com/iBsoG511Gsf7/28749
Frame ID: AF07C6E80065FB4550945830343E74C2
Requests: 1 HTTP requests in this frame

Frame: https://uthorner.info/redirect?tid=756113&ref=wigistream.to
Frame ID: D05AF38AA3A9AACFAD4695DBF9BB78F9
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

  • Requests: 63
  • HTTPS: 87 %
  • IPv6: 49 %
  • Domains: 33
  • Subdomains: 42
  • IPs: 34
  • Countries: 7
  • Transfer: 1406 kB
  • Size: 4181 kB
  • Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://whos.amung.us/cwidget/sportsonpw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=7841&c=000000ffffff&p=
Request Chain 43
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=69200&c=000000ffffff&p=
Request Chain 48
  • https://zap.buzz/4kN HTTP 302
  • https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
Request Chain 49
  • https://zap.buzz/QYn HTTP 302
  • https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Request Chain 50
  • https://zap.buzz/ll4 HTTP 302
  • https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Request Chain 51
  • https://zap.buzz/Y7MvP0W HTTP 302
  • https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Request Chain 52
  • https://zap.buzz/BVwkdEK HTTP 302
  • https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Request Chain 53
  • https://popxyz.com/KdORxkr HTTP 302
  • https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Request Chain 54
  • https://yuppyads.com/aaKkk4M HTTP 302
  • https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ch7.php
nowagoal.com/embed/
5 KB
3 KB
Document
General
Full URL
https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
567144c03493d068fdb4f82ce76d51656c6f0641a1fb01c53055e818d8550612

Request headers

:method
GET
:authority
nowagoal.com
:scheme
https
:path
/embed/ch7.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db64f40db6cd3f07f9d2ab1e3408bf9ca1614715239; expires=Thu, 01-Apr-21 20:00:39 GMT; path=/; domain=.nowagoal.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
089620533900001f31951df000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j08V6HuHIhQNqzxVXScCNjJa%2BK7lmjKNu5sUFt9XEvvA%2Fiubt9q0P%2FYaOCRLSrr7%2Fg%2FbR2ABIzPAuo3PcQ8tEsoiWVBCsvW2OUVuN1qXPJveVI5jV%2BpIhzM%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
629d36652be41f31-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
close.png
nowagoal.com/
1 KB
2 KB
Image
General
Full URL
https://nowagoal.com/close.png
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978abd7ea535d083504ba6d602b6a98aa6402076456c58afdfe7d774b2e11703

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3117
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1404
cf-request-id
089620537900001f31a6a4a000000001
last-modified
Tue, 20 Aug 2019 15:35:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yd442OlF%2FjM7CenDkbZKenvj8tWTX18tbAuqLIC2mTCoRIRDIPCp42lWkBF7KiPxWrmcZB486Br3O4u8VG0fGB1WM%2FwZ4PcbU2CpP3xJ80%2FH8rzGElD4g%2FA%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
629d36658c6c1f31-FRA
fe6c3460b32adac5297329cc588f0ffa.js
hadsokz.com/fe/6c/34/
0
0
Script
General
Full URL
https://hadsokz.com/fe/6c/34/fe6c3460b32adac5297329cc588f0ffa.js
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 20:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alpaca.min.css
www.antiadblocksystems.com/
0
0

ch7.html
nowagoal.stream/ Frame 3645
7 KB
4 KB
Document
General
Full URL
https://nowagoal.stream/ch7.html
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d4e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90a63f2b89d5e17ae30690f00117467aed7100fac364093c91837251fc5effb

Request headers

:method
GET
:authority
nowagoal.stream
:scheme
https
:path
/ch7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.com/embed/ch7.php
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html
set-cookie
__cfduid=db2c403872416aa9beb4fb9a8a24d5e051614715239; expires=Thu, 01-Apr-21 20:00:39 GMT; path=/; domain=.nowagoal.stream; HttpOnly; SameSite=Lax
last-modified
Wed, 17 Feb 2021 00:30:19 GMT
cf-cache-status
DYNAMIC
cf-request-id
08962053a100004e0eaf1f8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Ajb5mIxFNhssfn3oDr5jp7RdP43gFfJpkdHFt893EW5O7Z5GEgEjoQLzRYdoj7xdbSEKohN3QKm%2B43fYfTLtwsaIKfSTrBMIXjCOhe3IlAomEppuP%2BILsnw8eA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d3665c9254e0e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
ad.html
nowagoal.com/ Frame 11B5
229 B
444 B
Document
General
Full URL
https://nowagoal.com/ad.html
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ea9d96b71fbb25f7f091a337cb4d1f06e6cafcd0ecdc3e49ed467f976d2348

Request headers

:method
GET
:authority
nowagoal.com
:scheme
https
:path
/ad.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.com/embed/ch7.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=db64f40db6cd3f07f9d2ab1e3408bf9ca1614715239

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html
last-modified
Mon, 22 Jun 2020 08:32:03 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
089620538600001f31dea01000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ov64%2FGbUrZ%2Bc3jN9ChDHjjRr24DVwVaRDWBIOfzgXBRh5gkshFEuapO13uiBWvo3m5lWUZUBWWagSDWjlI5vudqNniICxG4b2X%2BPMpRvmf6TIpHiR9EsNqY%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
629d3665ac801f31-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
I
refbanners.com/ Frame 68B1
619 B
608 B
Document
General
Full URL
https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/ad.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2695ad69c9594e3b55c5fff4093d1e995bacf73e1e94d6fa0e93265652943ed4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:method
GET
:authority
refbanners.com
:scheme
https
:path
/I?tag=d_437623m_25707c_&site=437623&ad=25707
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.com/ad.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html; charset=utf-8
content-length
409
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
x-aspnetmvc-version
5.0
strict-transport-security
max-age=63072000; includeSubDomains; preload
bigvideo.min.js
d3cod80thn7qnd.cloudfront.net/
31 KB
10 KB
Script
General
Full URL
https://d3cod80thn7qnd.cloudfront.net/bigvideo.min.js
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:1d:a62b:6a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1458413c132a80f781b9cc8ae84aa1d3ab0095e17f4e75d2970c1a4ea916bff5

Request headers

Origin
https://nowagoal.com
Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:49:22 GMT
content-encoding
gzip
age
450677
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
x-amz-cf-pop
FRA56-C1
link
<https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
content-length
9600
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
x-amz-cf-id
wwUOYrQIPUVy0_OmoMsQFSnXTvv_KhXZceSseBK9Kh4FJ0P-HjCLMw==
expires
Thu, 04 Mar 2021 14:49:22 GMT
NZy1Qoi.png
i.imgur.com/ Frame 3645
236 KB
236 KB
Image
General
Full URL
https://i.imgur.com/NZy1Qoi.png
Requested by
Host: nowagoal.stream
URL: https://nowagoal.stream/ch7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f2356de4206d31787867005c288937cfb451de205ae7e3663565b7017481c0d7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
x-content-type-options
nosniff
age
2290231
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
241600
x-served-by
cache-bwi5140-BWI, cache-fra19136-FRA
last-modified
Wed, 26 Sep 2018 12:55:07 GMT
server
cat factory 1.0
x-timer
S1614715239.473851,VS0,VE1
etag
"deb4de2a26230c601c279d8c50995bb8"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 2
/
widgets.amung.us/draw/ Frame 3645
Redirect Chain
  • https://whos.amung.us/cwidget/sportsonpw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=7841&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=7841&c=000000ffffff&p=
Requested by
Host: nowagoal.stream
URL: https://nowagoal.stream/ch7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd762b23eefdf0ae5a15c31abe2f6128128c9681bd31c1deb37a6c5ca836604

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
cf-cache-status
HIT
server
cloudflare
age
5361
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
629d3668bca596f8-FRA
cf-request-id
089620556f000096f86bbfc000000001
expires
Wed, 03 Mar 2021 18:31:18 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=7841&c=000000ffffff&p=
date
Tue, 02 Mar 2021 20:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame 3645
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119404274-1
Requested by
Host: nowagoal.stream
URL: https://nowagoal.stream/ch7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
795efeb2068d7020eba7d3eeb94c46c446a9ae4d78c5a65fa021e54fe9f5e357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39451
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 19:17:14 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Mar 2021 20:00:39 GMT
497ob4y
wigistream.to/embed/ Frame DD48
8 KB
4 KB
Document
General
Full URL
https://wigistream.to/embed/497ob4y
Requested by
Host: nowagoal.stream
URL: https://nowagoal.stream/ch7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3874d34ba4572ca34c4cdeab6d144223574864d3cddb57cdee7367be38b135b

Request headers

:method
GET
:authority
wigistream.to
:scheme
https
:path
/embed/497ob4y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.stream/ch7.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfaab1b95578c4a9205da2101f1aa2ff01614715239; expires=Thu, 01-Apr-21 20:00:39 GMT; path=/; domain=.wigistream.to; HttpOnly; SameSite=Lax hf1=1; expires=Wed, 03-Mar-2021 20:00:39 GMT; Max-Age=86400; path=/
cf-cache-status
DYNAMIC
cf-request-id
089620542b00004c44681f9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q9joh3Y9UutXrQEEq4nvbLPq%2BW8IkV9Cc3UIblw1Ry8tVaSviQ9mafjpAPEPc9I2PXSvqigG0qNNhb%2FPaJLuGu5oERE1y1zO9DIME9oP"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d3666ab7d4c44-AMS
content-encoding
br
compatibility.js
cdnondemand.org/script/ Frame 3645
20 KB
8 KB
Script
General
Full URL
https://cdnondemand.org/script/compatibility.js
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2093
x-guploader-uploadid
ABg5-UxPLKOTDR9kGu-Ls01SZvVUn8xBaBjf5mZgVVBtLJm2ITZavJ34yNL0CVudzsFOZ7VpBYPeeekf5A4ptfUe7kkK1uuZVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
089620540d00004e50da0bb000000001
last-modified
Tue, 15 Sep 2020 12:10:32 GMT
server
cloudflare
etag
W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation
1600171832181211
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
20647
cf-ray
629d36667bf44e50-FRA
expires
Wed, 03 Mar 2021 00:00:39 GMT
analytics.js
www.google-analytics.com/ Frame 3645
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119404274-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
7083
date
Tue, 02 Mar 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 20:02:36 GMT
184da99d-e59e-422c-bf77-de7085003a7c.gif
refpa.top/img/AdAgent_1/ Frame 68B1
104 KB
104 KB
Image
General
Full URL
https://refpa.top/img/AdAgent_1/184da99d-e59e-422c-bf77-de7085003a7c.gif
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.15 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0f812c5ce8827f801bc0a124fa731ce92856fb1738fdc632ee9e10e740c613fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
last-modified
Wed, 09 Oct 2019 09:32:31 GMT
server
nginx
etag
"80a11c79847ed51:0"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
106046
checker.js
refbanners.com/checker/ Frame 68B1
6 KB
2 KB
Script
General
Full URL
https://refbanners.com/checker/checker.js
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c3bbce28d032f99fb228d9570593f8c51d5c898d50ad5c214d033c84c22a53c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
last-modified
Tue, 18 Aug 2020 08:08:27 GMT
server
nginx
etag
W/"5f3b8c7b-1832"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=63072000; includeSubDomains; preload
expires
Tue, 02 Mar 2021 21:00:39 GMT
identify.html
ufpcdn.com/script/ Frame 0F66
2 KB
2 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.stream/ch7.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html
set-cookie
__cfduid=d1195faeb95a18a870941e581f53a66ab1614715239; expires=Thu, 01-Apr-21 20:00:39 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=06aab10476d8c06c3edb5fbf75d2d2ca8a4be91c-1614715239-1800-AXvXCxpBqFCemRLcFdlZa3okC6mFK5KfwyoInVpUSYeaSVsQvQRPbvvXyfqhcBaXgU6V0WIwEj6wsWyODQjwzIM=; path=/; expires=Tue, 02-Mar-21 20:30:39 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
cf-request-id
0896205454000097a29c1b4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wQcUvNrVRYMC9LpL4Vq0M2Cr9wqFszSwLJeTC2JGemn2m4iboH3KEpqIv3JuTAzcgv6FWBG8PKvcQCJIC1QZMXqJ3HNFAduMZRT9lX7V%2BMKNiXc%2FWYDd"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
629d3666eb1097a2-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
c.adsco.re/
35 KB
12 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: d3cod80thn7qnd.cloudfront.net
URL: https://d3cod80thn7qnd.cloudfront.net/bigvideo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
344322
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
629d36674d31536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08962054910000536a6c3cb000000001
expires
Fri, 02 Apr 2021 20:00:39 GMT
/
6.adsco.re/
0
469 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://nowagoal.com
Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://nowagoal.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
629d36678d4d4edf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08962054b300004edf3f14c000000001
/
4.adsco.re/
0
459 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://nowagoal.com
Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://nowagoal.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/
0
414 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
https://nowagoal.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
46 B
459 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
64289e960ca421b448a5fcde7d499eb4d61e51f1744135818301035574ae4671

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://nowagoal.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
53 B
129 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://nowagoal.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
629d36678d494edf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08962054b300004edfe5965000000001
/
shvve0fqubox.l4.adsco.re/
0
464 B
Other
General
Full URL
https://shvve0fqubox.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
shvve0fqubox.n4.adsco.re/
0
464 B
Other
General
Full URL
https://shvve0fqubox.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
shvve0fqubox.s4.adsco.re/
0
464 B
Other
General
Full URL
https://shvve0fqubox.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Mar 2021 20:00:40 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 5F2E
35 KB
12 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nowagoal.com/embed/ch7.php
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Fri, 02 Apr 2021 20:00:39 GMT
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
cf-cache-status
HIT
age
344322
cf-request-id
08962054af0000536a08a6c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
629d36677d90536a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
6.adsco.re/ Frame 5F2E
0
143 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://c.adsco.re
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
629d36688f314edf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089620555700004edfe2b8a000000001
/
4.adsco.re/ Frame 5F2E
0
457 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://c.adsco.re
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 20:00:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 19:52:26 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
342917561
suurl.php
onclickgenius.com/script/ Frame 3645
5 KB
1 KB
Script
General
Full URL
https://onclickgenius.com/script/suurl.php?r=2384231&cbrandom=0.7725260186256184&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
74d2c53aead8482ba65859094be4ea5a1f1c41af06ffea09b3d464a4eb761c2d

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
chrome.js
cdnondemand.org/script/ Frame 3645
36 KB
11 KB
Script
General
Full URL
https://cdnondemand.org/script/chrome.js
Requested by
Host: nowagoal.com
URL: https://nowagoal.com/embed/ch7.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
https://nowagoal.stream/ch7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
62
x-guploader-uploadid
ABg5-Ux1q8cflVMEYRXY3m4KWsDwxLAPLFmbzWxMO_zf1mHeMhOS3SzK2aT4_FG9fyUOdIy5fGrEdzkeNG-CNmjRI0U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
089620555e00004e500e3e3000000001
last-modified
Mon, 14 Sep 2020 09:15:29 GMT
server
cloudflare
etag
W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation
1600074929755781
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
37300
cf-ray
629d36689fcf4e50-FRA
expires
Wed, 03 Mar 2021 00:00:39 GMT
/
refbanners.com/redirect/stat/run/ Frame 68B1
14 B
505 B
XHR
General
Full URL
https://refbanners.com/redirect/stat/run/
Requested by
Host: refbanners.com
URL: https://refbanners.com/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://refbanners.com/I?tag=d_437623m_25707c_&site=437623&ad=25707
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-requested-with
XMLHttpRequest

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 20:00:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
14
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
c.adsco.re/ Frame 5F2E
35 KB
12 KB
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
344322
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
629d3668afc9536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08962055690000536a37af1000000001
expires
Fri, 02 Apr 2021 20:00:39 GMT
embed.min.css
wigistream.to/css/ Frame DD48
1 KB
872 B
Stylesheet
General
Full URL
https://wigistream.to/css/embed.min.css?v=0.3
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
4563
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PethFLACkAqa9UGCPEO%2FisfUZ%2Ffuuh6uPifQ%2FeBV%2FFXEgV1vZU2au59t00nxlMGzVsd15GtULIeBhUdPdRHMvfxG16yOxZ%2Bd%2FUwXVIDM"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
629d3668b97a4c44-AMS
cf-request-id
089620557700004c447e89e000000001
icon.png
wigistream.to/imgs/ Frame DD48
469 B
790 B
Image
General
Full URL
https://wigistream.to/imgs/icon.png
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4444
content-length
469
cf-request-id
089620557700004c4436ba9000000001
last-modified
Wed, 11 Nov 2020 18:38:04 GMT
server
cloudflare
etag
"5fac2f8c-1d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JY1Z3sP07d2c%2BKTM4uYfiqOrhl0c957GtfFrytWe4NGpNNQby2CHLZiesKZuqFJJyr1dtcYuro4tNzc2CJwCGw3XUOfTkAbX0VM3%2B0wJ"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
629d3668b97e4c44-AMS
jquery.min.js
wigistream.to/js/ Frame DD48
85 KB
29 KB
Script
General
Full URL
https://wigistream.to/js/jquery.min.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
4560
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=urMBSXnpUXXkuHEMmta9lfYOA5sTA9waMQX5gl%2BM3DC5DKxt4lTNX3aE11cHlrj6WicM0OgnhoRTnbV7Ee%2BQg0KT08HtKQR%2FI4luV%2BXV"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
629d3668c9924c44-AMS
cf-request-id
089620557c00004c44523b0000000001
vdo.js
cdn.vdosupreme.com/ Frame DD48
544 KB
163 KB
Script
General
Full URL
https://cdn.vdosupreme.com/vdo.js?id=6gzf9nfdh3gafs8bfzm1
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
be99a666e7dfb4e8822914e039d7aca37f651ba5c847fe2a4877a6814f63db10

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
43212
x-powered-by
Express
x-cache-status
HIT
cf-request-id
08962055910000c272912da000000001
server
cloudflare
etag
W/"87f22-YqfSWO/c7g7Rm71zWsVXaDELwwQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
629d3668ea98c272-FRA
expires
Tue, 02 Mar 2021 20:30:39 GMT
vdo.videojs6.plugin.js
cdn.vdosupreme.com/ Frame DD48
482 KB
131 KB
Script
General
Full URL
https://cdn.vdosupreme.com/vdo.videojs6.plugin.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835ada2e5000667946b940aac2ab2e890bc91d67577bd637a604ba29d0c0837d

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 07:50:20 GMT
server
cloudflare
age
43097
etag
W/"603dee3c-78811"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
629d3668ea9bc272-FRA
cf-request-id
08962055970000c272a1103000000001
expires
Tue, 02 Mar 2021 20:30:39 GMT
video-js.css
vjs.zencdn.net/7.6.0/ Frame DD48
44 KB
11 KB
Stylesheet
General
Full URL
https://vjs.zencdn.net/7.6.0/video-js.css
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc7ea95ae64202eeafc1c6574aa1d657b253f0bd9bcc455150ba6bf19d0243a1

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 20:16:26 GMT
etag
"96369f5987e570f0f97df2d98536a31f"
x-served-by
cache-fra19182-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
10719
x-cache-hits
3405
video.js
vjs.zencdn.net/7.6.0/ Frame DD48
2 MB
429 KB
Script
General
Full URL
https://vjs.zencdn.net/7.6.0/video.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d1a2e7e248bb11616c4a99f9fd57a43796837e35d3d63e8e2ad18948d025f37

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 20:16:26 GMT
etag
"5d606620401acfc0fcfc88b99e96b63c"
x-served-by
cache-fra19182-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
439292
x-cache-hits
9
videojs-contrib-hls.js@latest
cdn.jsdelivr.net/npm/ Frame DD48
215 KB
62 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-hls.js@latest
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68d06147587e7d2b843eae88b2cc30a8556a584a2e6d5dfb441e7bc1351ad2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28612
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
62843
etag
W/"35ce5-qfpgfeQEWgNuKxw4uDOhlbC6N08"
x-served-by
cache-fra19146-FRA, cache-hhn4078-HHN
date
Tue, 02 Mar 2021 20:00:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
suv4.js
velocecdn.com/script/ Frame DD48
17 KB
6 KB
Script
General
Full URL
https://velocecdn.com/script/suv4.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de53446baeeef6a824711b3499a80513b805e11717255ce00e23d9baac2d3ce8

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1568
x-guploader-uploadid
ABg5-UwHJcfKIvJovVLiqPv46IWLO1pn6LrmVb_9IHZTVqGhqCpY30OSj6o4pZbwGuE8a8mYhnscVvblrFS26GVA-BTcgGzgBg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
089620559000002bc6a7a41000000001
last-modified
Mon, 01 Mar 2021 08:47:42 GMT
server
cloudflare
etag
W/"9fa280c16f6423448074c1c7b2d93335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xY49wg==, md5=n6KAwW9kI0SAdMHHstkzNQ==
x-goog-generation
1614588462397250
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
17166
cf-ray
629d3668e8bf2bc6-FRA
expires
Wed, 03 Mar 2021 00:00:39 GMT
js
www.googletagmanager.com/gtag/ Frame DD48
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
873d13f326705142c464f44a8699bddde8a12eac3863056177cb15cdcc7bbf77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39452
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 19:17:14 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Mar 2021 20:00:39 GMT
/
widgets.amung.us/draw/ Frame DD48
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=69200&c=000000ffffff&p=
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=69200&c=000000ffffff&p=
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aba05112c255f438e838d083e7b52a334a9653aa10698adce8af27b07896882

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 20:00:40 GMT
cf-cache-status
HIT
server
cloudflare
age
54
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
629d366aad7196f8-FRA
cf-request-id
08962056a6000096f85c097000000001
expires
Wed, 03 Mar 2021 19:59:46 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=69200&c=000000ffffff&p=
date
Tue, 02 Mar 2021 20:00:39 GMT
cache-control
max-age=295
content-type
text/html; charset=UTF-8
/
6.adsco.re/ Frame 5F2E
0
0

/
4.adsco.re/ Frame 5F2E
0
0

css
fonts.googleapis.com/ Frame DD48
1 KB
498 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: wigistream.to
URL: https://wigistream.to/css/embed.min.css?v=0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93dc85c2bcba85e8068ae224062692d3f40e9c2f160328047d88201553be4a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wigistream.to/css/embed.min.css?v=0.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 18:29:26 GMT
server
ESF
date
Tue, 02 Mar 2021 20:00:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 20:00:39 GMT
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4299852&@f16&@g1&@h1&@i1&@j1614715239864&@k0&@l1&@mChannel%207&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-52806995&@b3:1614715240&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fnowagoal.com%2Fembed%2Fch7.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
15b4e5014be2cefc65c7ad89bf3bc61edf25ed3880ae3a7fe9205c4c6a25fb61

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 20:00:40 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
redirect
xml.revrtb.net/ Frame F9ED
Redirect Chain
  • https://zap.buzz/4kN
  • https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
0
0

redirect
xml.popmonetizer.net/ Frame 8208
Redirect Chain
  • https://zap.buzz/QYn
  • https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
0
165 B
Document
General
Full URL
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Requested by
Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
xml.popmonetizer.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wigistream.to/embed/497ob4y
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Mar 2021 20:00:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Age
0
Pragma
no-cache

Redirect headers

date
Tue, 02 Mar 2021 20:00:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d41107fde1a5651193cf37268a88ac1bc1614715240; expires=Thu, 01-Apr-21 20:00:40 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YD6ZaA.OMZWWF24jmd9PT3mLMdirFBryb4; Expires=Tue, 02-Mar-2021 20:30:40 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=6fbe361d347f4b3079feac7ebc39e67f; path=/; HttpOnly __cf_bm=221915d48c52bc3d3a98c15df5c854652978f2b9-1614715240-1800-AZS24YQB5sjxBFQjhCz1+9dX9dJUCmIY69bcOpMvm0qMRzfuZRuJm1P5p1L6HBbPrP0PCV3/CebLwwbvgRB/E/U=; path=/; expires=Tue, 02-Mar-21 20:30:40 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
vary
Cookie
cf-cache-status
DYNAMIC
cf-request-id
089620569c00002b1a622e0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4k1%2FrmxouqP7b4RpFcihtRppD2PeZXtXt1a5F8RwY49nD4aBiTEUANJUSTrcBV%2F70srvdz%2B%2Btg8dVU5c9VbdZPyhkTQX1kUsGuJR%2BwjgR9W%2BF2NXUg%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d366a9d142b1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
xml.adxnexus.com/ Frame 89CA
Redirect Chain
  • https://zap.buzz/ll4
  • https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
0
165 B
Document
General
Full URL
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Requested by
Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
xml.adxnexus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wigistream.to/embed/497ob4y
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Mar 2021 20:00:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Age
0
Pragma
no-cache

Redirect headers

date
Tue, 02 Mar 2021 20:00:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d41107fde1a5651193cf37268a88ac1bc1614715240; expires=Thu, 01-Apr-21 20:00:40 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YD6ZaA.OMZWWF24jmd9PT3mLMdirFBryb4; Expires=Tue, 02-Mar-2021 20:30:40 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=66edb80186f7a7524e659ff3ff7c2e4e; path=/; HttpOnly __cf_bm=71dd372e7ab13910bf41b91553ad579eeb429f32-1614715240-1800-AUsUaTlHxpxcI8hu/NfUCKYvo3qzQDHnPZS45DyFprzI4CnRDRNhZrvTrHPwTW8cwlgJ7Cdpomk6AvRM7NrzwRE=; path=/; expires=Tue, 02-Mar-21 20:30:40 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
vary
Cookie
cf-cache-status
DYNAMIC
cf-request-id
089620569c00002b1a4da9d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7NVXqXFWye%2F9Mi8jxI6w%2FGD5tU1I%2BxC63%2Bc98aEGQm1oMZtJo2tqiHTm%2FDpy6RI6NpNNgaM0AC%2Fqi4KHT4AyKK2jEO%2BhWLg9heTh74eA8u%2Bk%2Fefk%2FA%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d366a9d152b1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
xml.acertb.com/ Frame F3A3
Redirect Chain
  • https://zap.buzz/Y7MvP0W
  • https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
0
165 B
Document
General
Full URL
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Requested by
Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
xml.acertb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wigistream.to/embed/497ob4y
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Mar 2021 20:00:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Age
0
Pragma
no-cache

Redirect headers

date
Tue, 02 Mar 2021 20:00:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d41107fde1a5651193cf37268a88ac1bc1614715240; expires=Thu, 01-Apr-21 20:00:40 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YD6ZaA.OMZWWF24jmd9PT3mLMdirFBryb4; Expires=Tue, 02-Mar-2021 20:30:40 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=bb2f745ae09bacc8e5e9eff1bfebfca1; path=/; HttpOnly __cf_bm=4b38a0803855c3b7919fa8137800463c42c2c3a2-1614715240-1800-ASNa7Su/Vduan/qWKFdWJ1S1FcDyWp31pxcHf4SKe7eOhAz3u0r8tG+o2kPHqdklytOzQo4iRfh4t+dokpqiVgA=; path=/; expires=Tue, 02-Mar-21 20:30:40 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
vary
Cookie
cf-cache-status
DYNAMIC
cf-request-id
089620569c00002b1a952c1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NZk11A8bKHD8wDH8YmrnndMIMWjxfRe6qc0MDcvxr9bS3Wt2UecwB8CzcD%2BF14LTEXUmOm%2F%2BHyXZBakwbH3R2i17i1gBBnUdpLpN049uwMorsYTD8w%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d366a9d162b1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
xml.zeusadx.com/ Frame 60A6
Redirect Chain
  • https://zap.buzz/BVwkdEK
  • https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
0
165 B
Document
General
Full URL
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Requested by
Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
xml.zeusadx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wigistream.to/embed/497ob4y
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Mar 2021 20:00:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Age
0
Pragma
no-cache

Redirect headers

date
Tue, 02 Mar 2021 20:00:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d41107fde1a5651193cf37268a88ac1bc1614715240; expires=Thu, 01-Apr-21 20:00:40 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YD6ZaA.OMZWWF24jmd9PT3mLMdirFBryb4; Expires=Tue, 02-Mar-2021 20:30:40 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=66edb80186f7a7524e659ff3ff7c2e4e; path=/; HttpOnly __cf_bm=2ab5b5c56c9495d6bf3da78422ea1a23a72c48f1-1614715240-1800-AZQjjPQ6UZR/ypBmq5iaWzq39Uu8U+FIpTpboSQaPWIErjD6I4wKlMU7bo0v9id0QyCG8zg+f04FENY+UYLJFdQ=; path=/; expires=Tue, 02-Mar-21 20:30:40 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
vary
Cookie
cf-cache-status
DYNAMIC
cf-request-id
089620569d00002b1aa0227000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oc6ObEvg3ZtyWOLbZ%2FLs%2FUm2FJmNIXGaHZRyIiO3cAHXPdHLH7uNFZuVOIJawUM3JVTRoQBv%2BY8rbFNmAkocb26KzueR0xy3aL034dgRg52NFvB%2BAQ%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
629d366a9d172b1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
xml.poprtb.com/ Frame B7C3
Redirect Chain
  • https://popxyz.com/KdORxkr
  • https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
0
0

redirect
xml.xmlking.com/ Frame 7068
Redirect Chain
  • https://yuppyads.com/aaKkk4M
  • https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
0
0

Cookie set 28749
khandragthresh.com/iBsoG511Gsf7/ Frame AF07
0
1 KB
Document
General
Full URL
https://khandragthresh.com/iBsoG511Gsf7/28749
Requested by
Host: wigistream.to
URL: https://wigistream.to/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
51.68.161.25 , France, ASN16276 (OVH, FR),
Reverse DNS
ip25.ip-51-68-161.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
khandragthresh.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wigistream.to/embed/497ob4y
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Mar 2021 20:00:40 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
GL_UI4=eJw9Tktug0AUC98kSkG1xAE4AgTSJMuq66qLbrpD83kQGuBFwzRpb99RpWZjW7Yle7FY%2BFkK7xr7CL7EDvm%2BbNtdTVJrWVJxLFrZlvtKH59oW9VbdcC6nxsr5EA2xENHE5leNYo1JXh00b9znvg2hYikEZNOEI2uMSRYSsO3mUwWIJzESIhfToYdR6P4ZAP%2FUDnZT056BXyesyBdY%2FUqVP72nn%2BkG%2FhlkSYOa2wug7Atm7HptfsfdUZogveMlRKWOjY%2FWGqaz5YvAA%2B6uff%2FlgOevxFruvbKzbM9kfkFQllLUQ%3D%3D; expires=Wed, 03-Mar-2021 20:00:40 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjM1qwkAUhWNSxoj150AfIC%2BgVCtt3Y64003B9RDiNQwkc4eZSWn69EZFcXHgnA%2FOF0VR%2FDZGrC1G38v54r3Ler74%2BERSEiOWW7wW3JjgWmXymtCXVJW6qSEclZoNEvlzwPA2VMFHgpDb2TO8%2FqbSNd5T5bNNbnXIK7wUOrRI7xyDy74ZhhfDnSfaW6T75eor24UjBoaC8paoqxt2ll0eCOMHvRpEglR7ZR3%2FtaKHSdA1%2FbMhxaeTp9Ch3q%2BIz4KUS3I%3D; expires=Wed, 03-Mar-2021 20:00:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding
gzip
Vary
Accept-Encoding
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
redirect
uthorner.info/ Frame D05A
0
0

S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ Frame DD48
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wigistream.to
Referer
https://fonts.googleapis.com/css?family=Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:34:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
109549
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Tue, 01 Mar 2022 13:34:51 GMT
p
adsco.re/
362 B
854 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
6c0cd3980f9337d501554add5af84086b855281f2583eef611bc3a549c842f86

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 02 Mar 2021 20:00:40 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://nowagoal.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
a9d8a618-e685-4705-90fa-57bd97b3131b
https://wigistream.to/ Frame DD48
31 B
0
Other
General
Full URL
blob:https://wigistream.to/a9d8a618-e685-4705-90fa-57bd97b3131b
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/497ob4y
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
truncated
/ Frame DD48
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://wigistream.to
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
analytics.js
www.google-analytics.com/ Frame DD48
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wigistream.to/embed/497ob4y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
7084
date
Tue, 02 Mar 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 20:02:36 GMT
LIjTG.asp
antiadblocksystems.com/
44 B
140 B
Script
General
Full URL
https://antiadblocksystems.com/LIjTG.asp?_=BAoAYD6ZaAFgPplogAGBAsAAICclOjAILMJvuiNZZpiGLmgORqCyTLquKplRwH5VuQsZwQBHMEUCIQCTLEFv8MxZfFrQYUb8Ua90dP4nlLfsyil8vx_oUVouOQIgY8QZPEz2ocnyofTa-YEAJ-hbG4jM5LN0kilHTZnlANXCACDlxT9Erk9NcfIFeABWCj5siuY0_6tXNmVkTTMdiwL4EsQAECoBBPgBklQUAAAAAAAAAALFABAEiQtrx7wnbuwhqIsiYfDJwwBGMEQCIG20RVnSnIFXfX8qOjHSTbSCm8KmZjjK24SGkOf-jHN2AiBqQadc9QzAcMKOsxi0Enc6dRk2Qju7HBTo7JyF2B62yQ&v=4&mlJsTQjV=3530676&minBid=&oXmMlUgS=0,0&ZgwRFiSV=&cmqsWpkr=&s=1600,1200,1,1600,1200,0
Requested by
Host: d3cod80thn7qnd.cloudfront.net
URL: https://d3cod80thn7qnd.cloudfront.net/bigvideo.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer
https://nowagoal.com/embed/ch7.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 20:00:40 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.antiadblocksystems.com
URL
https://www.antiadblocksystems.com/alpaca.min.css
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
xml.revrtb.net
URL
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
Domain
xml.poprtb.com
URL
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Domain
xml.xmlking.com
URL
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
Domain
uthorner.info
URL
https://uthorner.info/redirect?tid=756113&ref=wigistream.to

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _pop object| detectZoom object| AdservingModule object| iframe object| where object| win object| _pao function| AdscoreInit string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

14 Cookies

Domain/Path Name / Value
khandragthresh.com/ Name: GL_GI10
Value: eJxNjM1qwkAUhWNSxoj150AfIC%2BgVCtt3Y64003B9RDiNQwkc4eZSWn69EZFcXHgnA%2FOF0VR%2FDZGrC1G38v54r3Ler74%2BERSEiOWW7wW3JjgWmXymtCXVJW6qSEclZoNEvlzwPA2VMFHgpDb2TO8%2FqbSNd5T5bNNbnXIK7wUOrRI7xyDy74ZhhfDnSfaW6T75eor24UjBoaC8paoqxt2ll0eCOMHvRpEglR7ZR3%2FtaKHSdA1%2FbMhxaeTp9Ch3q%2BIz4KUS3I%3D
.ufpcdn.com/ Name: __cf_bm
Value: 06aab10476d8c06c3edb5fbf75d2d2ca8a4be91c-1614715239-1800-AXvXCxpBqFCemRLcFdlZa3okC6mFK5KfwyoInVpUSYeaSVsQvQRPbvvXyfqhcBaXgU6V0WIwEj6wsWyODQjwzIM=
nowagoal.com/ Name: _popprepop
Value: 1
nowagoal.com/ Name: HstPn4299852
Value: 1
nowagoal.com/ Name: HstCmu4299852
Value: 1614715239864
nowagoal.com/ Name: HstCns4299852
Value: 1
.nowagoal.com/ Name: __cfduid
Value: db64f40db6cd3f07f9d2ab1e3408bf9ca1614715239
nowagoal.com/ Name: HstCnv4299852
Value: 1
nowagoal.com/ Name: HstCfa4299852
Value: 1614715239864
khandragthresh.com/ Name: GL_UI4
Value: eJw9Tktug0AUC98kSkG1xAE4AgTSJMuq66qLbrpD83kQGuBFwzRpb99RpWZjW7Yle7FY%2BFkK7xr7CL7EDvm%2BbNtdTVJrWVJxLFrZlvtKH59oW9VbdcC6nxsr5EA2xENHE5leNYo1JXh00b9znvg2hYikEZNOEI2uMSRYSsO3mUwWIJzESIhfToYdR6P4ZAP%2FUDnZT056BXyesyBdY%2FUqVP72nn%2BkG%2FhlkSYOa2wug7Atm7HptfsfdUZogveMlRKWOjY%2FWGqaz5YvAA%2B6uff%2FlgOevxFruvbKzbM9kfkFQllLUQ%3D%3D
nowagoal.com/ Name: HstCla4299852
Value: 1614715239864
nowagoal.com/ Name: a
Value: OndqP0V4XbQci6JX0OEd45s7E58L0rcI
nowagoal.com/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYD6ZaAFgPplogAGBAsAAICclOjAILMJvuiNZZpiGLmgORqCyTLquKplRwH5VuQsZwQBHMEUCIQCTLEFv8MxZfFrQYUb8Ua90dP4nlLfsyil8vx_oUVouOQIgY8QZPEz2ocnyofTa-YEAJ-hbG4jM5LN0kilHTZnlANXCACDlxT9Erk9NcfIFeABWCj5siuY0_6tXNmVkTTMdiwL4EsQAECoBBPgBklQUAAAAAAAAAALFABAEiQtrx7wnbuwhqIsiYfDJwwBGMEQCIG20RVnSnIFXfX8qOjHSTbSCm8KmZjjK24SGkOf-jHN2AiBqQadc9QzAcMKOsxi0Enc6dRk2Qju7HBTo7JyF2B62yQ
nowagoal.com/ Name: HstPt4299852
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 14)
Message:
console-api debug URL: https://c.adsco.re/(Line 15)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
