urlscan.io logo urlscan.io
SecurityTrails logo

nstream.us Open in urlscan Pro
2400:cb00:2048:1::681f:55f5  Public Scan

Go To Rescan Add Verdict Report
URL: http://nstream.us/?p=59
Submission: On September 24 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 49 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:55f5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is nstream.us.
This is the only time nstream.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2400:cb00:204... 13335 (CLOUDFLAR...)
7 2606:2800:233... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2400:cb00:204... 13335 (CLOUDFLAR...)
1 52.200.42.178 14618 (AMAZON-AES)
49 14
5    2400:cb00:2048:1::681f:55f5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
nstream.us
1    2a00:1450:4001:812::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
13    2400:cb00:2048:1::681f:54f5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
nstream.us
7    2606:2800:233:9d9:186a:1821:7f8:93e (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ssl.p.jwpcdn.com
4    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:81b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
2    2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
2    2a00:1450:4001:810::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:812::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:812::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
5    2400:cb00:2048:1::681b:9918 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
sv1.videolive.site
1    52.200.42.178 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-42-178.compute-1.amazonaws.com
jwpltx.com
Domain Requested by
18 nstream.us nstream.us
7 ssl.p.jwpcdn.com nstream.us
ssl.p.jwpcdn.com
6 pagead2.googlesyndication.com nstream.us
pagead2.googlesyndication.com
5 sv1.videolive.site ssl.p.jwpcdn.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
nstream.us
1 jwpltx.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.youtube.com nstream.us
1 www.googletagmanager.com nstream.us
1 fonts.googleapis.com nstream.us
49 12

This site contains links to these domains. Also see Links.

Domain
www.insertcart.com
Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://nstream.us/?p=59
Frame ID: 828DB54AAADB796FEC44D608AC534F4E
Requests: 41 HTTP requests in this frame

Frame: https://www.youtube.com/live_chat?v=gMatIQFBoTw&embed_domain=nstream.us
Frame ID: 34B49CD470FBBA89A61F0CBBE466C28A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Frame ID: 37D6C78C6CD43F12214ACF4C19465B1D
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Frame ID: E994EF5C8F9A415160FDD8703F7D14B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=652392843&adf=1760962592&w=1200&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=1440&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786885&bpp=12&bdt=230&fdt=15&idt=195&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&correlator=4627021178289&frm=20&pv=2&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=145066994434044&dssz=32&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=73&ady=50&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=7Aa9dhyHSw&p=http%3A//nstream.us&dtd=214
Frame ID: D9C8DD9C3D2B0594D5EC91C22B460DCE
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Frame ID: 93ED5075876B70F2C2D5496F14354F9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=501810535&adf=243417426&w=791&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=791x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=791.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786900&bpp=18&bdt=246&fdt=333&idt=334&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=184&ady=252&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=rpi4VGWmjx&p=http%3A//nstream.us&dtd=342
Frame ID: CD8538B5C00A8DD75CDAE29C05E3CA57
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Frame ID: 6B41259B555E64AE1834D1DD605EC129
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=511283898&adf=936076959&w=801&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=801x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=801.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786918&bpp=13&bdt=264&fdt=375&idt=376&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90%2C791x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=179&ady=874&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=u4PtmieMoq&p=http%3A//nstream.us&dtd=391
Frame ID: EDF199CA39E55DBB561234DF9C6166D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

49
Requests

24 %
HTTPS

92 %
IPv6

12
Domains

12
Subdomains

14
IPs

2
Countries

4877 kB
Transfer

6464 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
nstream.us/ 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:55f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
30186756d738c58ec2f0cbf13fe3383fd8eac7e692bc0dc5b5846a6a2cb502bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nstream.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786; expires=Tue, 24-Sep-19 00:26:26 GMT; path=/; domain=.nstream.us; HttpOnly
Vary
Accept-Encoding
X-Pingback
http://nstream.us/xmlrpc.php
Link
<http://nstream.us/index.php?rest_route=/>; rel="https://api.w.org/" <http://nstream.us/?p=59>; rel=shortlink
X-Powered-By
VPSSIM
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Server
cloudflare
CF-RAY
45f11e9a34379aca-FRA
Content-Encoding
gzip
style.css
nstream.us/wp-content/themes/level/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/style.css?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:55f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
027be998a0fc691bbd5106ab38affe8d6794ea6cd0816a015ff37c4c5e22b901

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-369f"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9ca4a59aca-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f145c9a6773e51ff3e29eec0172a2fd9da779693590f92c455803ac0946ca25e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Sep 2018 00:26:26 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Sep 2018 00:26:26 GMT
font-awesome.min.css
nstream.us/wp-content/themes/level/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/font-awesome/css/font-awesome.min.css?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-7918"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9cb20e97c2-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
foundation.min.css
nstream.us/wp-content/themes/level/foundation/css/ 		61 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/foundation/css/foundation.min.css?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
7743b446a0f56676feedf24cbb4b8f08d0811ccb7b818560b820b967e33dbc5c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-f471"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9cb036648d-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
custom.css
nstream.us/wp-content/themes/level/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/css/custom.css?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
e09dca55e2b40338c00ab00511be4fea783302493c4236f43488ed8067633857

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-9faf"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9cb33463d3-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
jquery.js
nstream.us/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 23 May 2016 09:00:29 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5742c6ad-17ba0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9cb6bd64bd-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
jquery-migrate.min.js
nstream.us/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"573eaa90-2748"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9cb63a6451-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
jwplayer.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F29) /
Resource Hash
ef4154f7fd74083cfb16e920c48f832007b1eaa5c5bbae223eb901110eb258b3

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 19:11:48 GMT
Server
ECAcc (frc/8F29)
Etag
"026b6ef61ec2a6cca21594cb0b3fe3be+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
29351
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f5e4dd563714ea93303f87c6e24c7a1ccee3d51a1c38fed5a6e55b9bf05dab2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5233969381414062429
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27514
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Sep 2018 00:26:26 GMT
Patriots-vs-Lions-300x210.png
nstream.us/wp-content/uploads/2018/09/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nstream.us/wp-content/uploads/2018/09/Patriots-vs-Lions-300x210.png
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:55f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
9bc80c3d919ebd636123daec1b17f9cdd0f17360a5459a5801fe324f3b3e7d70

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 23 Sep 2018 23:44:04 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
"5ba82544-1db65"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11e9cb4a89aca-FRA
Content-Length
121701
Expires
Wed, 24 Oct 2018 00:26:26 GMT
navigation.js
nstream.us/wp-content/themes/level/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/js/navigation.js?ver=20120206
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:55f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-8e7"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9ce4b19aca-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
skip-link-focus-fix.js
nstream.us/wp-content/themes/level/js/ 		880 B
916 B 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-370"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
CF-RAY
45f11e9cf6cc64bd-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
foundation.core.js
nstream.us/wp-content/themes/level/foundation/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/foundation/js/foundation.core.js
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
69794ce83fd8097346ef16bc424cd88dbe20ac419727de786088f7ba186ffc68

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-32a9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d36e064bd-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
foundation.min.js
nstream.us/wp-content/themes/level/foundation/js/ 		105 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/foundation/js/foundation.min.js
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:55f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
a2b134dcb49cf4a572b3b5a609668e6b92dab88bdf52925e6a229b82040107ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-1a587"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d34be9aca-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
foundation.offcanvas.js
nstream.us/wp-content/themes/level/foundation/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/foundation/js/foundation.offcanvas.js
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
b64b3ebec7f63f6545e78c2d3cad2e7ee65d03d6fb0576d6601d47f1ca655cd2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-2bd0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d3057648d-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
comment-reply.min.js
nstream.us/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-includes/js/comment-reply.min.js?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 18 Nov 2015 19:15:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"564cce50-436"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d36486451-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
loadscripts.js
nstream.us/wp-content/themes/level/js/ 		62 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/js/loadscripts.js?ver=1.0
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
9778467bb8930869e7f29d83d8ec51a3b79bd1d7c44c0fc046b24686decdd803

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5ba10178-3e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
CF-RAY
45f11e9d334f63d3-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
wp-embed.min.js
nstream.us/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2016 13:38:33 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"58359bd9-576"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d321f97c2-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
js
www.googletagmanager.com/gtag/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-97821370-1
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
93c78194a68eb84f0b07a7bdddedb4cd5fd030a446604eabacd6a4854998d0af
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 00:26:26 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28172
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 00:26:26 GMT
wp-emoji-release.min.js
nstream.us/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/?p=59
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 13 Jul 2018 06:37:26 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
W/"5b4848a6-2efa"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45f11e9d464c6451-FRA
Expires
Wed, 24 Oct 2018 00:26:26 GMT
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		235 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.core.controls.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F0E) /
Resource Hash
ccc31da9a4dfa4e49590deed970f67f6e9350ad738194cd1e5a01ed5c7cf96b1

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 19:11:46 GMT
Server
ECAcc (frc/8F0E)
Etag
"a9ff8809cfbcf1f89405bee99bad91c4+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
59737
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/jwpsrv.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F9D) /
Resource Hash
b2dddd0fff7b8caa7b5ce8fbcce68bf6f6f23d8a3ed6f045ce35e8f9b173cf68

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Sep 2018 18:05:31 GMT
Server
ECAcc (frc/8F9D)
Etag
"2c29a903f5eb57114cac0bb770fd2652+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, immutable
Content-Length
14054
gapro.js
ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.3/gapro.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FB8) /
Resource Hash
c731e9c3c9a4c2ca4638fdaacacdf19ee9ab70ef6e88751ee5c0396d91de31db

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Dec 2017 02:48:22 GMT
Server
ECAcc (frc/8FB8)
Etag
"4b030d84f68290552d71323044e097bc+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
1234
related.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		94 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/related.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8EA5) /
Resource Hash
18870576f7fc82fb2173fbfce069a2dec73fd1eb32f4edd86ece6b07d3f23f7a

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 19:11:54 GMT
Server
ECAcc (frc/8EA5)
Etag
"29bedda1dd5820ba9a87c42920c2ea35+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
21046
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		277 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F10) /
Resource Hash
ae4812556a9ecc27dfce8bd963226ff135daaacf8bd2cc0e4a137dde870e96a7

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 19:11:50 GMT
Server
ECAcc (frc/8F10)
Etag
"170c07607df95cb510a93a55cb2fe134+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
80409
live_chat
www.youtube.com/ Frame 34B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/live_chat?v=gMatIQFBoTw&embed_domain=nstream.us
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/live_chat?v=gMatIQFBoTw&embed_domain=nstream.us
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://nstream.us/?p=59
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59

Response headers

status
200
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
gzip
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security
max-age=31536000
content-length
40161
date
Mon, 24 Sep 2018 00:26:27 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=eIsZ7eqQq9w; path=/; domain=.youtube.com; expires=Sat, 23-Mar-2019 00:26:26 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sat, 25-May-2019 12:19:26 GMT YSC=h-lgS4NRi1I; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 24-Sep-2018 00:56:26 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
fontawesome-webfont.woff2
nstream.us/wp-content/themes/level/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://nstream.us/wp-content/themes/level/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:54f5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / VPSSIM
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma
no-cache
Origin
http://nstream.us
Accept-Encoding
gzip, deflate
Host
nstream.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://nstream.us/wp-content/themes/level/font-awesome/css/font-awesome.min.css?ver=4.9.8
Cookie
__cfduid=d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/wp-content/themes/level/font-awesome/css/font-awesome.min.css?ver=4.9.8
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
web-cache-location
/wp-content/cache/allnull/wp-content/themes/level/font-awesome/fonts/fontawesome-webfont.woff2index.html
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Sep 2018 13:45:28 GMT
Server
cloudflare
X-Powered-By
VPSSIM
ETag
"5ba10178-12d68"
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11e9d96546451-FRA
Content-Length
77160
Expires
Mon, 24 Sep 2018 04:26:26 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nstream.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Sep 2018 00:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nstream.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Sep 2018 00:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-8579775705095531.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8579775705095531.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 23 Sep 2018 13:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Sep 2018 22:02:18 GMT
server
sffe
age
39887
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 01:21:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/ Frame 37D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180917/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://nstream.us/?p=59
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 17 Sep 2018 19:12:12 GMT
expires
Mon, 01 Oct 2018 19:12:12 GMT
content-type
text/html; charset=UTF-8
etag
18162506661661110595
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6931
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
537254
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame E994 		196 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2f43b22b2ca1e4e5640d8b3d0714741fd9474b0070e38cb0cccbaddbda16a05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10256124580689806231
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
74155
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Sep 2018 00:26:26 GMT
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97821370-1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
2841
date
Sun, 23 Sep 2018 23:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Mon, 24 Sep 2018 01:39:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D9C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=652392843&adf=1760962592&w=1200&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=1440&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786885&bpp=12&bdt=230&fdt=15&idt=195&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&correlator=4627021178289&frm=20&pv=2&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=145066994434044&dssz=32&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=73&ady=50&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=7Aa9dhyHSw&p=http%3A//nstream.us&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=652392843&adf=1760962592&w=1200&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=1440&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786885&bpp=12&bdt=230&fdt=15&idt=195&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&correlator=4627021178289&frm=20&pv=2&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=145066994434044&dssz=32&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=73&ady=50&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=7Aa9dhyHSw&p=http%3A//nstream.us&dtd=214
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://nstream.us/?p=59
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Sep 2018 00:26:27 GMT
server
cafe
cache-control
private
content-length
384
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 24-Sep-2018 00:41:27 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 24 Sep 2018 00:26:27 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 03:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26901
x-xss-protection
1; mode=block
server
cafe
etag
11408177114345171100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Oct 2018 03:08:23 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1903787292&t=pageview&_s=1&dl=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&ul=en-us&de=UTF-8&dt=Patriots%20vs%20Lions%20%7C%20NFL%20Week%203%20LIVE%20%7C%20New%20England%20Patriots%20at%20Detroit%20Lions%20%E2%80%93%20NSTREAM.US&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=247828&gjid=1744554077&cid=547105668.1537748787&tid=UA-97821370-1&_gid=1716681705.1537748787&_r=1&gtm=u9h&z=1923190691
Requested by
Host: nstream.us
URL: http://nstream.us/?p=59
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Sep 2018 00:26:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
playlist.m3u8
sv1.videolive.site/live/lions/ 		124 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sv1.videolive.site/live/lions/playlist.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9918 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aea41a85ee90c5304f2969cadb8cc7f811e4d12601a30c68607e93c4096c759

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:27 GMT
Server
cloudflare
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
http://nstream.us
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11ea046f99700-FRA
Content-Length
124
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame 93ED 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2f43b22b2ca1e4e5640d8b3d0714741fd9474b0070e38cb0cccbaddbda16a05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
10256124580689806231
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
74155
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Sep 2018 00:26:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CD85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=501810535&adf=243417426&w=791&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=791x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=791.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786900&bpp=18&bdt=246&fdt=333&idt=334&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=184&ady=252&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=rpi4VGWmjx&p=http%3A//nstream.us&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=501810535&adf=243417426&w=791&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=791x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=791.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786900&bpp=18&bdt=246&fdt=333&idt=334&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=184&ady=252&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=rpi4VGWmjx&p=http%3A//nstream.us&dtd=342
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://nstream.us/?p=59
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Sep 2018 00:26:27 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 24-Sep-2018 00:41:27 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 24 Sep 2018 00:26:27 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame 6B41 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2f43b22b2ca1e4e5640d8b3d0714741fd9474b0070e38cb0cccbaddbda16a05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Mon, 24 Sep 2018 00:26:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
10256124580689806231
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
74155
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Sep 2018 00:26:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EDF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=511283898&adf=936076959&w=801&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=801x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=801.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786918&bpp=13&bdt=264&fdt=375&idt=376&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90%2C791x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=179&ady=874&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=u4PtmieMoq&p=http%3A//nstream.us&dtd=391
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8579775705095531&output=html&h=90&slotname=2019046801&adk=511283898&adf=936076959&w=801&fwr_io=true&fwrn=4&fwrnh=100&lmt=1537748787&rafmt=1&guci=1.2.0.0.2.2.0&format=801x90&url=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&flash=0&fwr=0&fwrattr=true&rh=0&rw=801.422&resp_fmts=3&wgl=1&adsid=NT&dt=1537748786918&bpp=13&bdt=264&fdt=375&idt=376&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90%2C791x90&correlator=4627021178289&frm=20&pv=1&ga_vid=547105668.1537748787&ga_sid=1537748787&ga_hid=1903787292&ga_fc=0&iag=0&icsg=2396866808119292&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=179&ady=874&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=u4PtmieMoq&p=http%3A//nstream.us&dtd=391
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://nstream.us/?p=59
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Sep 2018 00:26:27 GMT
server
cafe
cache-control
private
content-length
4532
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUnFpN_Rgu3xzk4BhKRmUMz2VmgInrC5d--bHE6SCa03WwYRhzXQ_DLs6Il8; expires=Sat, 19-Oct-2019 00:26:27 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 24 Sep 2018 00:26:27 GMT
chunks.m3u8
sv1.videolive.site/live/lions/ 		424 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sv1.videolive.site/live/lions/chunks.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9918 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abaf64a6f1911c5de466a5d60d9f7a5f5996d81d2fa47f888bc6062f7933e98

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:27 GMT
Server
cloudflare
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
http://nstream.us
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11ea3478a9700-FRA
Content-Length
424
ping.gif
jwpltx.com/v1/jwplayer6/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://jwpltx.com/v1/jwplayer6/ping.gif?h=578733296&e=e&n=4023496850702206&aid=ZL6yBNVMEeSdwhJtO5t17w&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=1o4m9cw1xsjl&i=0&lsa=fail&mt=0&pbd=1&pbr=1&pgi=1tkh3box34pj&ph=0&pii=0&pl=440&plc=1&pli=8weufk1e56mf&pp=hlsjs&prc=1&ps=3&pss=1&pt=Patriots%20vs%20Lions%20%7C%20NFL%20Week%203%20LIVE%20%7C%20New%20England%20Patriots%20at%20Detroit%20Lions%20%E2%80%93%20NSTREAM.US&pu=http%3A%2F%2Fnstream.us%2F%3Fp%3D59&pv=8.5.3&pyc=0&s=0&sdk=0&stc=1&tv=3.4.0&tvs=0&vb=1&vi=1&vl=90&wd=800&ab=0&cb=0&dd=1&fv=&ga=1&lng=en-US&mk=hls&mu=http%3A%2F%2Fsv1.videolive.site%2Flive%2Flions%2Fplaylist.m3u8&pbc=0&pd=2&pdr=&plt=950&po=0&r=0&sn=%5Bobject%20Object%5D&sp=0&st=430&vp=1&sa=1537748787849
Protocol
HTTP/1.1
Server
52.200.42.178 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-200-42-178.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 24 Sep 2018 00:26:27 GMT
Server
nginx
l_10_1025576_205.ts
sv1.videolive.site/live/lions/ 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sv1.videolive.site/live/lions/l_10_1025576_205.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9918 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7d91341d223e3ae16b90919f0f8769902234d9a4ce7e55b8490945bb60b8840

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:28 GMT
Server
cloudflare
Content-Type
video/m2ts
Access-Control-Allow-Origin
http://nstream.us
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11ea580149700-FRA
Content-Length
2823008
2f5df291-ce19-467d-95a8-4311a204e8ae
http://nstream.us/ 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://nstream.us/2f5df291-ce19-467d-95a8-4311a204e8ae
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e3bb632167a4357b45ce1667968a85ea10a9c90deb0300836850ca1ca168bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
63784
Content-Type
text/javascript
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.5.3/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ssl.p.jwpcdn.com/player/v/8.5.3/polyfills.webvtt.js
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js
Protocol
HTTP/1.1
Server
2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FB0) /
Resource Hash
42eef606acbcd926aa08aba2358d74d64e807dc19f639e5c8ed08e0ae378eaed

Request headers

Referer
http://nstream.us/?p=59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 24 Sep 2018 00:26:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 19:11:49 GMT
Server
ECAcc (frc/8FB0)
Etag
"8a1c4a0a7981b1d07f75cb472117f56f+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Content-Length
4253
l_10_1031582_206.ts
sv1.videolive.site/live/lions/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sv1.videolive.site/live/lions/l_10_1031582_206.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9918 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a47fe66edf072962c8a44c86f199da2591fa0a12e9e20cabae6919eb4911c71

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:29 GMT
Server
cloudflare
Content-Type
video/m2ts
Access-Control-Allow-Origin
http://nstream.us
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11eadf1dd9700-FRA
Content-Length
1457376
chunks.m3u8
sv1.videolive.site/live/lions/ 		425 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sv1.videolive.site/live/lions/chunks.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:9918 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c3ebbd71612367ba5944e01c8b20904d56f8ec3aaa416ebdade75849e64be8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://nstream.us/?p=59
Origin
http://nstream.us

Response headers

Date
Mon, 24 Sep 2018 00:26:32 GMT
Server
cloudflare
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
http://nstream.us
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45f11ec2862e9700-FRA
Content-Length
425

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| webpackJsonpjwplayer function| jwplayer object| adsbygoogle object| playerInstance_591 object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| Foundation object| twemoji object| wp function| _classCallCheck function| _createClass object| jQuery112404810148948942472 object| addComment function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data object| gaplugins object| sa object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| WebVTT

16 Cookies

Domain/Path Name / Value
.turn.com/ Name: pds
Value: 17798
.turn.com/ Name: pxs
Value: 172291738
.turn.com/ Name: fc
Value: F5QxeUi-x6lCS1aHFow6yxzrx7h3NBxthATJ5jGZMXfXRsIpSNaUao9WpW-RerI2vfBz5xDsVEqchMpjM7fNhcRt9r3n-k83EGO7UFIMDIs
.turn.com/ Name: uid
Value: 3408669851555732784
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: eIsZ7eqQq9w
.doubleclick.net/ Name: IDE
Value: AHWqTUnFpN_Rgu3xzk4BhKRmUMz2VmgInrC5d--bHE6SCa03WwYRhzXQ_DLs6Il8
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: h-lgS4NRi1I
.nstream.us/ Name: _gat_gtag_UA_97821370_1
Value: 1
presentation-ams1.turn.com/ Name: JSESSIONID
Value: 9D56CB894D8F2592BE6B5FFA615DA96D
.youtube.com/ Name: PREF
Value: f1=50000000
.nstream.us/ Name: _gid
Value: GA1.2.1716681705.1537748787
.nstream.us/ Name: __cfduid
Value: d804b5c1e0d9bdff863ab2e19d2e4a79a1537748786
.www.youtube.com/ Name: show-timestamps
Value: false
.nstream.us/ Name: _ga
Value: GA1.2.547105668.1537748787
.google.com/ Name: NID
Value: 139=xJ5TAoB4FJC9eudAQNAB_-Nny5OsSv-0xrvqeciWTv8OpSQmYUgFU6uXg3oMFKlNs624s1ZKxJ05QTSm5u6NEw6RAQ_YUeD6kVlEfWhiFbTgQobtwIjIK1xMTzN6uL_h

3 Console Messages

Source Level URL
Text
console-api log URL: http://nstream.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: http://ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.3/gapro.js(Line 1)
Message:
Could not find Google Analytics Interface.
console-api warning URL: http://ssl.p.jwpcdn.com/player/v/8.5.3/jwplayer.js(Line 10)
Message:
JW Player Error 301129. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#301129

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
googleads.g.doubleclick.net
jwpltx.com
nstream.us
pagead2.googlesyndication.com
ssl.p.jwpcdn.com
sv1.videolive.site
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
2400:cb00:2048:1::681b:9918
2400:cb00:2048:1::681f:54f5
2400:cb00:2048:1::681f:55f5
2606:2800:233:9d9:186a:1821:7f8:93e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:815::2002
2a00:1450:4001:816::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2002
52.200.42.178
027be998a0fc691bbd5106ab38affe8d6794ea6cd0816a015ff37c4c5e22b901
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
15c3ebbd71612367ba5944e01c8b20904d56f8ec3aaa416ebdade75849e64be8
18870576f7fc82fb2173fbfce069a2dec73fd1eb32f4edd86ece6b07d3f23f7a
1a47fe66edf072962c8a44c86f199da2591fa0a12e9e20cabae6919eb4911c71
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1e3bb632167a4357b45ce1667968a85ea10a9c90deb0300836850ca1ca168bb3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f43b22b2ca1e4e5640d8b3d0714741fd9474b0070e38cb0cccbaddbda16a05c
30186756d738c58ec2f0cbf13fe3383fd8eac7e692bc0dc5b5846a6a2cb502bd
42eef606acbcd926aa08aba2358d74d64e807dc19f639e5c8ed08e0ae378eaed
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4abaf64a6f1911c5de466a5d60d9f7a5f5996d81d2fa47f888bc6062f7933e98
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073
5aea41a85ee90c5304f2969cadb8cc7f811e4d12601a30c68607e93c4096c759
69794ce83fd8097346ef16bc424cd88dbe20ac419727de786088f7ba186ffc68
7743b446a0f56676feedf24cbb4b8f08d0811ccb7b818560b820b967e33dbc5c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93c78194a68eb84f0b07a7bdddedb4cd5fd030a446604eabacd6a4854998d0af
9778467bb8930869e7f29d83d8ec51a3b79bd1d7c44c0fc046b24686decdd803
9bc80c3d919ebd636123daec1b17f9cdd0f17360a5459a5801fe324f3b3e7d70
a2b134dcb49cf4a572b3b5a609668e6b92dab88bdf52925e6a229b82040107ef
ae4812556a9ecc27dfce8bd963226ff135daaacf8bd2cc0e4a137dde870e96a7
b2dddd0fff7b8caa7b5ce8fbcce68bf6f6f23d8a3ed6f045ce35e8f9b173cf68
b64b3ebec7f63f6545e78c2d3cad2e7ee65d03d6fb0576d6601d47f1ca655cd2
c731e9c3c9a4c2ca4638fdaacacdf19ee9ab70ef6e88751ee5c0396d91de31db
ccc31da9a4dfa4e49590deed970f67f6e9350ad738194cd1e5a01ed5c7cf96b1
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500
d7d91341d223e3ae16b90919f0f8769902234d9a4ce7e55b8490945bb60b8840
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e09dca55e2b40338c00ab00511be4fea783302493c4236f43488ed8067633857
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
ef4154f7fd74083cfb16e920c48f832007b1eaa5c5bbae223eb901110eb258b3
f145c9a6773e51ff3e29eec0172a2fd9da779693590f92c455803ac0946ca25e
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
f5e4dd563714ea93303f87c6e24c7a1ccee3d51a1c38fed5a6e55b9bf05dab2d
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e