Submitted URL: http://www.vivoplay.sigue.la/
Effective URL: https://www.vivoplay.sigue.la/
Submission: On April 14 via manual from DE

Summary

This website contacted 22 IPs in 6 countries across 25 domains to perform 53 HTTP transactions. The main IP is 216.239.32.21, located in San Mateo, United States and belongs to GOOGLE, US. The main domain is www.vivoplay.sigue.la.
TLS certificate: Issued by GTS CA 1D2 on April 13th 2021. Valid for: 3 months.
This is the only time www.vivoplay.sigue.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 216.239.32.21 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.133 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
15 104.19.136.78 13335 (CLOUDFLAR...)
2 192.243.59.20 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.71.96 15169 (GOOGLE)
1 3 99.84.156.89 16509 (AMAZON-02)
1 1 184.30.212.16 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
1 1 52.19.21.254 16509 (AMAZON-02)
2 2 142.250.185.130 15169 (GOOGLE)
1 104.16.221.74 13335 (CLOUDFLAR...)
5 5 35.156.245.144 16509 (AMAZON-02)
1 1 94.23.171.206 16276 (OVH)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 69.173.144.138 26667 (RUBICONPR...)
53 22
Domain Requested by
7 www.blogger.com www.vivoplay.sigue.la
apis.google.com
www.blogger.com
6 cm.mgid.com jsc.mgid.com
www.vivoplay.sigue.la
5 x.bidswitch.net 5 redirects
5 apis.google.com www.vivoplay.sigue.la
apis.google.com
www.blogger.com
4 resources.blogblog.com www.vivoplay.sigue.la
www.blogger.com
3 s-img.mgid.com www.vivoplay.sigue.la
3 sb.scorecardresearch.com 1 redirects jsc.mgid.com
www.vivoplay.sigue.la
3 www.vivoplay.sigue.la 1 redirects www.vivoplay.sigue.la
2 cm.g.doubleclick.net 2 redirects
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 cdn.mgid.com www.vivoplay.sigue.la
2 c.mgid.com jsc.mgid.com
2 celeritascdn.com www.vivoplay.sigue.la
2 surgicalexpectingdecisive.com www.vivoplay.sigue.la
1 token.rubiconproject.com eus.rubiconproject.com
1 simage2.pubmatic.com www.vivoplay.sigue.la
1 green.erne.co 1 redirects
1 cm.idealmedia.io www.vivoplay.sigue.la
1 match.adsrvr.org 1 redirects
1 cm.lentainform.com www.vivoplay.sigue.la
1 secure-assets.rubiconproject.com 1 redirects
1 servicer.mgid.com jsc.mgid.com
1 onclickgenius.com www.vivoplay.sigue.la
1 fonts.gstatic.com www.vivoplay.sigue.la
1 ufpcdn.com www.vivoplay.sigue.la
1 pagead2.googlesyndication.com www.vivoplay.sigue.la
1 themes.googleusercontent.com www.vivoplay.sigue.la
1 jsc.mgid.com www.vivoplay.sigue.la
1 dmmzkfd82wayn.cloudfront.net www.vivoplay.sigue.la
1 sc2.elpais.com.uy www.vivoplay.sigue.la
1 as01.epimg.net www.vivoplay.sigue.la
53 32
Subject Issuer Validity Valid
www.vivoplay.sigue.la
GTS CA 1D2
2021-04-13 -
2021-07-12
3 months crt.sh
*.blogger.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.apis.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.epimg.net
R3
2021-03-04 -
2021-06-02
3 months crt.sh
*.elpais.com.uy
Go Daddy Secure Certificate Authority - G2
2020-04-12 -
2022-05-09
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-09 -
2021-07-09
a year crt.sh
surgicalexpectingdecisive.com
R3
2021-03-10 -
2021-06-08
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
onclickgenius.com
Sectigo RSA Domain Validation Secure Server CA
2021-01-22 -
2022-01-22
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.vivoplay.sigue.la/
Frame ID: A2DA4A45C5F08F7CBD4F251D8866F102
Requests: 44 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 938435A63D98E75E65449E1B9A484FCB
Requests: 5 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 3DBEACAEFE0F07966583AB91C754F0A1
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1618399196671847196077
Frame ID: 3688DE0A1D7B34EA63367B9CA51726AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: FD7AE8F4626CA4D4AAA0A63D188225CE
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.vivoplay.sigue.la/ HTTP 301
    https://www.vivoplay.sigue.la/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

53
Requests

100 %
HTTPS

37 %
IPv6

25
Domains

32
Subdomains

22
IPs

6
Countries

1349 kB
Transfer

2309 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.vivoplay.sigue.la/ HTTP 301
    https://www.vivoplay.sigue.la/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 41
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=iUt1mMUrpBRV1NauxQ0Q&pi=mgid&tc=1
Request Chain 42
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=9c1f10e4-4649-4992-99a6-fdefcdb1dd66&ttl=1620991196
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNlVTM5MmVRZmo0&muidn=l3eU392eQfj4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNlVTM5MmVRZmo0&muidn=l3eU392eQfj4&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=l3eU392eQfj4&google_ula={guid},5&google_gid=CAESELEPHouTPKtKMa9K7949Jow&google_cver=1
Request Chain 45
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=tfNllsJV0xxxD4ebPtLNWo9H&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 46
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l3eU392eQfj4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3eU392eQfj4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 47
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9=

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vivoplay.sigue.la/
Redirect Chain
  • http://www.vivoplay.sigue.la/
  • https://www.vivoplay.sigue.la/
73 KB
19 KB
Document
General
Full URL
https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 San Mateo, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
GSE /
Resource Hash
938ee0f74d4e9d8ca415010a858a9f90d6582bc12f0aadbce91c3aa37fe3d04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.vivoplay.sigue.la
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Wed, 14 Apr 2021 11:19:55 GMT
date
Wed, 14 Apr 2021 11:19:55 GMT
cache-control
private, max-age=0
last-modified
Tue, 13 Apr 2021 21:51:19 GMT
etag
W/"042310c4f4fae0dc6eda8c2f25561d0711884b730bf9292e2543fa42d566cb37"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19307
server
GSE

Redirect headers

Location
https://www.vivoplay.sigue.la/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Wed, 14 Apr 2021 11:19:54 GMT
Expires
Wed, 14 Apr 2021 11:19:54 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
177
Server
GSE
3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
36 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 04:11:44 GMT
server
sffe
age
75462
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7982
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:22:13 GMT
plusone.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lf9fRwAwVpPaHqlkNgarYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"0ab444474500f3dd8e11c64dab872e43"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-lf9fRwAwVpPaHqlkNgarYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 14 Apr 2021 11:19:55 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
832 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 02:26:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 11:22:33 GMT
server
sffe
age
32031
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Wed, 21 Apr 2021 02:26:04 GMT
1593595005_441282_1593611792_noticia_normal.jpg
as01.epimg.net/futbol/imagenes/2020/07/01/primera/
106 KB
107 KB
Image
General
Full URL
https://as01.epimg.net/futbol/imagenes/2020/07/01/primera/1593595005_441282_1593611792_noticia_normal.jpg
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.3.5 epet/0.8.0.2 /
Resource Hash
8d26d3e2340b5ba94a054b60f630c19142b459defaf391be96ff0a9f6ec91c02

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
via
1.1 varnish, 1.1 varnish
age
29909
x-cache
HIT, HIT
edge-control
cache-maxage=1d
x-cache-hits
1, 1
content-length
109048
x-served-by
cache-mad22020-MAD, cache-hhn4030-HHN
last-modified
Wed, 01 Jul 2020 13:56:30 GMT
server
nginx/1.3.5 epet/0.8.0.2
x-timer
S1618399195.435195,VS0,VE1
etag
"5efc960e-1a9f8"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
expires
Fri, 26 Feb 2021 03:42:11 GMT
5e2b91f705554.r_1593604260997.93-144-677-533.jpeg
sc2.elpais.com.uy/files/article_default_content/files/crop/uploads/2020/01/24/
62 KB
63 KB
Image
General
Full URL
https://sc2.elpais.com.uy/files/article_default_content/files/crop/uploads/2020/01/24/5e2b91f705554.r_1593604260997.93-144-677-533.jpeg
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:724a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4987a5ba84b830b7f8cccf22bfecd85f5d483a00932aa495d450e8de4f3ce96f

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
vary
Accept
cf-cache-status
HIT
age
173347
cf-polished
origFmt=jpeg, origSize=175345
x-cache-store
6302619
x-cache-hits
0
content-disposition
inline; filename="5e2b91f705554.webp"
cf-bgj
imgq:100,h2pri
x-cache-time
1w
content-length
63604
cf-request-id
0971b5091c00003258ef9b9000000001
last-modified
Wed, 01 Jul 2020 11:50:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-grey
f1
content-type
image/webp
x-geoip
ch
accept-ranges
bytes
cf-ray
63fc8abb59123258-FRA
x-whom
m1
expires
Mon, 19 Apr 2021 11:10:48 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
665 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5364089433529495526&zx=a3db7359-59e0-4cb7-960c-107bbb85890c
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 11:19:55 GMT
server
GSE
date
Wed, 14 Apr 2021 11:19:55 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
dmmzkfd82wayn.cloudfront.net/
367 KB
128 KB
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/?kzmmd=674579
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:8200:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1da5a29a62ce7d98ff482c71568412783517f88ea8b508a7ec354b8107a52379

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:55 GMT
content-encoding
gzip
x-amz-cf-pop
TXL52-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
130356
via
1.1 78aa4ecfac2dbbed080d75d85f660486.cloudfront.net (CloudFront)
x-amz-cf-id
UpdC-C-oEz7doGGNLLfmMsXO7R2z8ksmX_2bYV4d7ziIZUGcO8pT7Q==
cndf79.blogspot.com.826817.js
jsc.mgid.com/c/n/
282 KB
70 KB
Script
General
Full URL
https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c55702e6019e84164b07773cc58106d58b12a245080713fce32218cbbe26dba

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
content-encoding
br
cf-cache-status
HIT
age
6330
cf-polished
origSize=288496
last-modified
Thu, 01 Apr 2021 10:38:14 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z4QAX1JCQAR0QV82
x-amz-id-2
m50q/FZBL0jSBz/86ef74PtsJO2qC/av3U+o2qYPte7DWp4GKhF6xT61kuVcdb6WRL8RI454CtE=
cf-bgj
minify
server
cloudflare
etag
W/"41b717c509da401204efa3db311fd7a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
0971b5092600004c00a10b4000000001
cf-ray
63fc8abb69804c00-AMS
expires
Wed, 14 Apr 2021 14:19:55 GMT
805b341738096b4eb8ffc34d81f94171.js
surgicalexpectingdecisive.com/80/5b/34/
0
0
Script
General
Full URL
https://surgicalexpectingdecisive.com/80/5b/34/805b341738096b4eb8ffc34d81f94171.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Apr 2021 11:19:55 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cookienotice.js
www.vivoplay.sigue.la/js/
6 KB
2 KB
Script
General
Full URL
https://www.vivoplay.sigue.la/js/cookienotice.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 San Mateo, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 10:22:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:19:55 GMT
1893845785-widgets.js
www.blogger.com/static/v1/widgets/
143 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1893845785-widgets.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 13:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 06:18:38 GMT
server
sffe
age
77864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53165
x-xss-protection
0
expires
Wed, 13 Apr 2022 13:42:11 GMT
image
themes.googleusercontent.com/
218 KB
218 KB
Image
General
Full URL
https://themes.googleusercontent.com/image?id=1IklOAY2G5rECi3_MpjLOcuc-xSezl_d4fGssxb7G4imfdcXscGbiLCVEgznQMsSvm4kA&options=w1600
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8ef3c4d6cef43f8feed794408ea9dc937abb6a1615910a03a18297f4a02aed80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222827
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
142 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84b4152f00e70008b4f6d07fb34b7a185e523f81cbfe7e9c401a794c73f01ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 23:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 15:29:21 GMT
server
sffe
age
561306
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50974
x-xss-protection
0
expires
Thu, 07 Apr 2022 23:24:49 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
52 KB
17 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98c523b65083f335b04fc6c001eb2bb54e565612b1cc6ff5e66db369e54e4117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 10:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 15:29:21 GMT
server
sffe
age
522744
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17264
x-xss-protection
0
expires
Fri, 08 Apr 2022 10:07:31 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
191 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 10:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 10:03:38 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/
403 B
747 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 02:10:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 10:11:50 GMT
server
sffe
age
32989
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
expires
Wed, 21 Apr 2021 02:10:06 GMT
compatibility.js
celeritascdn.com/script/
20 KB
8 KB
Script
General
Full URL
https://celeritascdn.com/script/compatibility.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
803
x-guploader-uploadid
ABg5-UwzV4UPX2dxkIneQW96wZMTo0hclYCZ43yYycTzn7H3K77QD-3o6uzwZCae8swY6ErSwU6ePTT08eHaAJM1DYRcq63MCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
0971b509ed0000d6cde9baf000000001
last-modified
Tue, 15 Sep 2020 12:10:32 GMT
server
cloudflare
etag
W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation
1600171832181211
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
20647
cf-ray
63fc8abcac17d6cd-FRA
expires
Wed, 14 Apr 2021 15:19:55 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
46 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5364089433529495526&zx=a3db7359-59e0-4cb7-960c-107bbb85890c
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 11:19:55 GMT
server
GSE
date
Wed, 14 Apr 2021 11:19:55 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 9384
7 KB
3 KB
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a9b4676a445d5ddd4aea3da784f8b8841a174883e439bd1e7fb4ac4868183150
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.vivoplay.sigue.la/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.vivoplay.sigue.la/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2588
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
805b341738096b4eb8ffc34d81f94171.js
surgicalexpectingdecisive.com/80/5b/34/
0
0
Script
General
Full URL
https://surgicalexpectingdecisive.com/80/5b/34/805b341738096b4eb8ffc34d81f94171.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Apr 2021 11:19:55 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
identify.html
ufpcdn.com/script/ Frame 3DBE
2 KB
2 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.vivoplay.sigue.la/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.vivoplay.sigue.la/

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
content-type
text/html
set-cookie
__cfduid=d9fa0bd6cbd1fb85b8aaa27e71fbabcb81618399195; expires=Fri, 14-May-21 11:19:55 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=d7eafb7cb85634e6cbfe6cb28f43714c14a6a0e6-1618399196-1800-AQv9lLhg2DCj3/EF9TKGIcThCQrkoZ3gfzWnwA76zl8QJb0PIH9Zahb6dJ9Cozsi8yYBHGOXSUxIs8LRz5vbcSA=; path=/; expires=Wed, 14-Apr-21 11:49:56 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
cf-request-id
0971b50af4000063bfed173000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r477cRUBIncQgQXpyAn0DEWHilims3eSPBvfiF9hpd0uMwwUgZ68%2FRVoxj7dIi7x9C31hNIjZa8ui4DuIXe0Oi2qWDPSPm92bJbxeBh6013bT%2FmV1LeT"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63fc8abe5cb763bf-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
c.mgid.com/pv/
0
307 B
Script
General
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1618399196379292794648&uniqId=0d6f9&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&lu=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&pageView=1&site=343057&pvid=178d01bf4dca41bd8ab&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac18fd34c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50cf800004c0071b56000000001
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
HIT
age
1528
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
0971b50cf800004c006496d000000001
cf-ray
63fc8ac18fd64c00-AMS
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
968 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
HIT
age
2949
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
0971b50cf800004c00422ab000000001
cf-ray
63fc8ac18fd74c00-AMS
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vivoplay.sigue.la
Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:48:53 GMT
server
sffe
age
263778
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19684
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
suurl.php
onclickgenius.com/script/
5 KB
1 KB
Script
General
Full URL
https://onclickgenius.com/script/suurl.php?r=2084715&cbrandom=0.21032605583865682&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Vivo%20PLAY&cbref=&cbdescription=Ver%20futbol%20uruguayo%20en%20vivo%2C%20Ver%20champions%20leage%20%2C%20ver%20copa%20libertadores%2C%20ver%20NBA&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty /
Resource Hash
63e83cdc33b36f73e96565f18ec47d74da33c1ea29e9fa757b76217fc5341b0e

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
chrome.js
celeritascdn.com/script/
36 KB
12 KB
Script
General
Full URL
https://celeritascdn.com/script/chrome.js
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
771
x-guploader-uploadid
ABg5-UzZn1sbJto65-QjjBX2PEkLV5N2SSUq_XZupK0xGRfVevVeevuHFQV4CAphTWA-3qbh4puVdxspqiNzYgZttskJXH1s4A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
0971b50d6a0000d6cd4dab4000000001
last-modified
Mon, 14 Sep 2020 09:15:29 GMT
server
cloudflare
etag
W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation
1600074929755781
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
37300
cf-ray
63fc8ac24d2fd6cd-FRA
expires
Wed, 14 Apr 2021 15:19:56 GMT
1
servicer.mgid.com/826817/
2 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/826817/1?pv=5&cbuster=1618399196537184204340&uniqId=0d6f9&niet=4g&nisd=false&w=330&h=950&cols=1&ref=&cxurl=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&lu=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&pageView=1&pvid=178d01bf579a3a76c6f&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5e1b48f53d3744f10e3a694da8433dfa56f40dabea75b1e23581dd1dc72bd1

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac279e64c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50d8800004c0062beb000000001
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 9384
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8efc41712e500288b849790e1c0694e0f6b62c2e302b1ea74527e664039ac0b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z/i9ZjLuXhFGnLgdaNBMUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"73f9d378d8859ef7f0fab3087dc950d0"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Z/i9ZjLuXhFGnLgdaNBMUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 14 Apr 2021 11:19:56 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 9384
907 B
1008 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 08:05:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 11:10:50 GMT
server
sffe
age
98049
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
expires
Tue, 20 Apr 2021 08:05:47 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 9384
117 B
217 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5364089433529495526&blogName=Vivo+PLAY&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.vivoplay.sigue.la/search&blogLocale=es&v=2&homepageUrl=https://www.vivoplay.sigue.la/&vt=-4587323285458338797&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 16:24:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 09:08:23 GMT
server
sffe
age
68140
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:24:16 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame 9384
120 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 23:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 15:29:21 GMT
server
sffe
age
561260
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41446
x-xss-protection
0
expires
Thu, 07 Apr 2022 23:25:36 GMT
i.js
cm.mgid.com/
1 KB
817 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1618399196665676005610
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6e41802c85af46bda3be21b4de701d7a91647ce371f9bd12489544350dec38

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
ff157376-3025-4dca-8548-524903a5f73b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac33c4b4c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50e0500004c0073056000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 3688
19 B
303 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1618399196671847196077
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
e3ec047f-9c7a-4733-a1a0-fa26c9ddaa69
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac34c7a4c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50e1200004c00b929b000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-89.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 10:50:47 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1750
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
lHJFGJUkLY3ESDOVyYfIkaI6yIGJgtGnlXvbG2gGe6VP6Fzma-h2FQ==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.mgid.com/g/8164894/492x328/72x0x1009x672/
17 KB
17 KB
Image
General
Full URL
https://s-img.mgid.com/g/8164894/492x328/72x0x1009x672/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1618399196-AXqFEODdlLHQo30N2ZZH9DEC9VZFT2HnPQNhnwH4MpI
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c855da7d6a9ea7c971ed9cb6a6c9005cae2914ac88337feed3f8202c678e87c

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
ea52286b-e10a-48ee-a17d-c223a184221b
age
5619304
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16950
cf-request-id
0971b50e1300004c00688b2000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63fc8ac35c824c00-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzdkNWY2ZjU1ZmExZjUyYTE1MmJkYzA3ODkxNzMyM2QwLmpwZWc.webp
s-img.mgid.com/g/8164918/492x328/0x135x609x406/
29 KB
29 KB
Image
General
Full URL
https://s-img.mgid.com/g/8164918/492x328/0x135x609x406/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzdkNWY2ZjU1ZmExZjUyYTE1MmJkYzA3ODkxNzMyM2QwLmpwZWc.webp?v=1618399196-adv2uF1PrFqiH3jTB0r-ags56RnoGrgeum4OF-JKxF8
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fb5396b1b1f19c2227d2a0b790e2eeb1f99243341e18590e4d6624f9ba9dd5

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
31722672-8eb8-4be8-9da6-93730bc8125b
age
5619403
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29558
cf-request-id
0971b50e1300004c007c898000000001
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63fc8ac35c864c00-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp
s-img.mgid.com/g/8164914/492x328/0x267x552x368/
11 KB
11 KB
Image
General
Full URL
https://s-img.mgid.com/g/8164914/492x328/0x267x552x368/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0LzlmYTIzMDQ1MzdhMzUwMmEwZjcxM2U5MTVmMjlkNmE1LnBuZw.webp?v=1618399196-vGqbGAIRtX3h6Qtedc0RPETes0Ab8QNscCYqIKaIxec
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7925cc7b40a9ac25b0c24578d98ad8548e5bf82cb7da9e91b1dbe59a53d0fa

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
f9c3c16d-1e82-4778-9486-648dce73270c
age
5619531
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10752
cf-request-id
0971b50e1300004c007716b000000001
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63fc8ac35c814c00-AMS
usync.html
eus.rubiconproject.com/ Frame FD7A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1618399196665676005610
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vivoplay.sigue.la/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.vivoplay.sigue.la/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Apr 2021 11:19:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 14 Apr 2021 11:19:56 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/
0
624 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l3eU392eQfj4
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
63fc8ac42f21bf78-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50e9c0000bf784886d000000001
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=iUt1mMUrpBRV1NauxQ0Q&pi=mgid&tc=1
43 B
282 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=iUt1mMUrpBRV1NauxQ0Q&pi=mgid&tc=1
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
144be61e-d56c-41af-a3de-316a3089fc99
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac47f3d4c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50ec900004c00b92af000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=iUt1mMUrpBRV1NauxQ0Q&pi=mgid&tc=1
pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT, Wed, 14 Apr 2021 11:19:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=9c1f10e4-4649-4992-99a6-fdefcdb1dd66&ttl=1620991196
43 B
336 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=9c1f10e4-4649-4992-99a6-fdefcdb1dd66&ttl=1620991196
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
83ec5a97-5a6a-4dfa-899d-a1a2a85bb5e3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac42e6e4c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50e9600004c005b009000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=9c1f10e4-4649-4992-99a6-fdefcdb1dd66&ttl=1620991196
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNlVTM5MmVRZmo0&muidn=l3eU392eQfj4
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNlVTM5MmVRZmo0&muidn=l3eU392eQfj4&google_tc=
  • https://cm.mgid.com/google?muidn=l3eU392eQfj4&google_ula={guid},5&google_gid=CAESELEPHouTPKtKMa9K7949Jow&google_cver=1
0
119 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=l3eU392eQfj4&google_ula={guid},5&google_gid=CAESELEPHouTPKtKMa9K7949Jow&google_cver=1
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac528854c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50f3b00004c004b082000000001

Redirect headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l3eU392eQfj4&google_ula={guid},5&google_gid=CAESELEPHouTPKtKMa9K7949Jow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.idealmedia.io/setmuidn/
0
555 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l3eU392eQfj4
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
63fc8ac42dadfa40-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
0971b50e960000fa409113a000000001
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=tfNllsJV0xxxD4ebPtLNWo9H&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&us_privacy=
43 B
347 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433145&c=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:57 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a58fe032-9604-49a7-9385-47b944f3277a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8ac579454c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b50f6a00004c00688d7000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 14 Apr 2021 11:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l3eU392eQfj4
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3eU392eQfj4
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 11:19:56 GMT
X-lat
lhrpug009:0:557
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=84af066f-1dfa-4c89-a2cb-22d3a64a792c&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 14 Apr 2021 11:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9=
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9=
Requested by
Host: www.vivoplay.sigue.la
URL: https://www.vivoplay.sigue.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-89.txl52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:19:56 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
05vdQVJ5zoat2-rDO5B1VQ_tfOddAkwBrcBySYEmcR2aw4F1mGByTA==

Redirect headers

date
Wed, 14 Apr 2021 11:19:56 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1618399196808&ns_c=UTF-8&cv=3.5&c8=Vivo%20PLAY&c7=https%3A%2F%2Fwww.vivoplay.sigue.la%2F&c9=
content-length
180
x-amz-cf-id
9-L6B7hsT2A43XmiO65syMyyKgTEb3oc1bLd8FGqgREIrdYgrR4t3A==
usync.js
eus.rubiconproject.com/ Frame FD7A
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 11:19:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Thu, 15 Apr 2021 08:18:49 GMT
khaos.jpg
token.rubiconproject.com/ Frame FD7A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
1050234869-lightbox_bundle.css
www.blogger.com/static/v1/v-css/
35 KB
35 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/1050234869-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1893845785-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 15:37:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 04:27:10 GMT
server
sffe
age
70944
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35768
x-xss-protection
0
expires
Wed, 13 Apr 2022 15:37:33 GMT
2152408009-lbx__es.js
www.blogger.com/static/v1/jsbin/
372 KB
372 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/2152408009-lbx__es.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1893845785-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c537ca0f9a6edb8f4fa7cc14a44273ea7597d5b04c0d5083c371a70557b34618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 02:10:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 01:14:43 GMT
server
sffe
age
119358
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
380775
x-xss-protection
0
expires
Wed, 13 Apr 2022 02:10:39 GMT
c
c.mgid.com/
43 B
154 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=327|295|8|OnpeDrNVLydAsR5g0e3OjyfLL0rRqtdWYBfKHg970JN6pVmXUed6TPSGVEmf0DU_&fw=1&extjs=66044&v=327|295|8|OnpeDrNVLydAsR5g0e3Ojw7zr7Me1DCuhq_-J8tHNSeZ5gvoXBY2ZuBv7W4xOKp1&cid=826817&h2=7-s6JdLc8gX6y_RIqA1eQ9aYHH7pBBmuTjgnQzBHb1Y*&rid=57af16da-9d13-11eb-a137-d094662f8ab5&tt=Direct&iv=11&pageImp=1&cbuster=1618399197798300087271&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.vivoplay.sigue.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 11:19:57 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c9bbbadc-0fe6-4119-baa7-f259b56571e8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63fc8aca4cee4c00-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0971b5127500004c0061bfb000000001
server
cloudflare

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl object| adcashMacros object| zoneSett object| urls object| _0x6e62 function| acPrefetch object| CTABPu boolean| google_empty_script_included object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| _0x30a0 function| ufpAttach object| CTAMAT number| delay object| adcashUfp boolean| mgCanLoad826817 boolean| mgFallback826817 boolean| mgShortWidget826817 boolean| mgUseConvertedCode826817 string| mgRootId826817 object| div826817 string| rootDiv826817 string| mgPreloadId826817 object| _mgIntExchangeNews object| MarketGidInfC826817 function| MarketGidCContextBlock826817 function| MarketGidCMainBlock826817 function| MarketGidCInternalExchangeBlock826817 function| MarketGidCColorBlock826817 function| MarketGidCRejectBlock826817 function| MarketGidCCriteoBlock826817 function| MarketGidCAmpRenderBlock826817 function| MarketGidCInternalExchangeLoggerBlock826817 function| MarketGidCObserverBlock826817 function| MarketGidCSendDimensionsBlock826817 function| MarketGidCAntifraudBlock826817 function| MarketGidCAntifraudStatisticsBlock826817 function| MarketGidCRtbBlock826817 function| MarketGidCIframeSizeChangerBlock826817 function| MarketGidCExternalCountersBlock826817 function| MarketGidCYandexTurboBlock826817 function| MarketGidCContentPreviewBlock826817 function| MarketGidCCountersBlock826817 function| MarketGidCGradientBlock826817 function| MarketGidCResponsiveBlock826817 object| onClickExcludes function| mgReject826817 function| mgLoadAds826817_0d6f9 function| MarketGidCReject826817 function| MarketGidLoadGoods826817_0d6f9 function| AdskeeperCReject826817 function| AdskeeperLoadGoods826817_0d6f9 function| LentaInformCReject826817 function| LentaInformLoadGoods826817_0d6f9 function| IdealMediaCReject826817 function| IdealMediaLoadGoods826817_0d6f9 string| _mgCanonicalUri boolean| _mgPageViewPixel343057 boolean| mg_loaded_343057_826817 boolean| _mgPageView343057 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_418010 object| cookieChoices object| _0x756f object| Cnac object| stamat function| NqPnfu0019925800294695595 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa function| LoadCriteoAllPlaces826817_0d6f9 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore object| _adas_v211fa function| udm_ object| ns_p object| COMSCORE function| jonIUBFjnvJDNvluc0.9787544884092196 object| _mgwcapping boolean| _mgPageImp343057

3 Cookies

Domain/Path Name / Value
.ufpcdn.com/ Name: __cf_bm
Value: d7eafb7cb85634e6cbfe6cb28f43714c14a6a0e6-1618399196-1800-AQv9lLhg2DCj3/EF9TKGIcThCQrkoZ3gfzWnwA76zl8QJb0PIH9Zahb6dJ9Cozsi8yYBHGOXSUxIs8LRz5vbcSA=
www.vivoplay.sigue.la/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C826817%22%3A%7B%22page%22%3A1%2C%22time%22%3A1618399196659%7D%7D
www.vivoplay.sigue.la/ Name: adcashufpv3
Value: 133414409612161331436008831

1 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.mgid.com/c/n/cndf79.blogspot.com.826817.js(Line 1)
Message:
[object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
as01.epimg.net
c.mgid.com
cdn.mgid.com
celeritascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dmmzkfd82wayn.cloudfront.net
eus.rubiconproject.com
fonts.gstatic.com
green.erne.co
jsc.mgid.com
match.adsrvr.org
onclickgenius.com
pagead2.googlesyndication.com
resources.blogblog.com
s-img.mgid.com
sb.scorecardresearch.com
sc2.elpais.com.uy
secure-assets.rubiconproject.com
servicer.mgid.com
simage2.pubmatic.com
surgicalexpectingdecisive.com
themes.googleusercontent.com
token.rubiconproject.com
ufpcdn.com
www.blogger.com
www.vivoplay.sigue.la
x.bidswitch.net
104.111.230.142
104.16.221.74
104.19.136.78
104.19.216.61
142.250.185.130
151.101.114.133
184.30.212.16
185.184.8.30
185.64.190.80
192.243.59.20
216.239.32.21
2600:9000:20e8:8200:6:2e3c:5fc0:21
2606:4700:10::6814:724a
2606:4700:3037::ac43:8e31
2606:4700::6810:5b06
2a00:1450:4001:802::2003
2a00:1450:4001:808::2009
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2009
2a00:1450:4001:82a::2002
35.156.245.144
35.190.71.96
52.19.21.254
69.173.144.138
94.23.171.206
99.84.156.89
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02fb5396b1b1f19c2227d2a0b790e2eeb1f99243341e18590e4d6624f9ba9dd5
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
1c55702e6019e84164b07773cc58106d58b12a245080713fce32218cbbe26dba
1da5a29a62ce7d98ff482c71568412783517f88ea8b508a7ec354b8107a52379
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4987a5ba84b830b7f8cccf22bfecd85f5d483a00932aa495d450e8de4f3ce96f
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
5c855da7d6a9ea7c971ed9cb6a6c9005cae2914ac88337feed3f8202c678e87c
63e83cdc33b36f73e96565f18ec47d74da33c1ea29e9fa757b76217fc5341b0e
6a7925cc7b40a9ac25b0c24578d98ad8548e5bf82cb7da9e91b1dbe59a53d0fa
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84b4152f00e70008b4f6d07fb34b7a185e523f81cbfe7e9c401a794c73f01ecb
8d26d3e2340b5ba94a054b60f630c19142b459defaf391be96ff0a9f6ec91c02
8ef3c4d6cef43f8feed794408ea9dc937abb6a1615910a03a18297f4a02aed80
8efc41712e500288b849790e1c0694e0f6b62c2e302b1ea74527e664039ac0b1
938ee0f74d4e9d8ca415010a858a9f90d6582bc12f0aadbce91c3aa37fe3d04b
98c523b65083f335b04fc6c001eb2bb54e565612b1cc6ff5e66db369e54e4117
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9b4676a445d5ddd4aea3da784f8b8841a174883e439bd1e7fb4ac4868183150
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab6e41802c85af46bda3be21b4de701d7a91647ce371f9bd12489544350dec38
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c537ca0f9a6edb8f4fa7cc14a44273ea7597d5b04c0d5083c371a70557b34618
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ff5e1b48f53d3744f10e3a694da8433dfa56f40dabea75b1e23581dd1dc72bd1
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a