urlscan.io logo urlscan.io
SecurityTrails logo

nemsed.com Open in urlscan Pro
198.71.233.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nemsed.com/
Effective URL: https://nemsed.com/
Submission: On April 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 11 domains to perform 53 HTTP transactions. The main IP is 198.71.233.112, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is nemsed.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 14th 2023. Valid for: a year.
This is the only time nemsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    198.71.233.112 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 112.233.71.198.host.secureserver.net
nemsed.com
7    162.159.135.45 (None, )

ASN13335 (CLOUDFLARENET, US)
8jb67b.a2cdn1.secureserver.net
5    23.44.237.219 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-237-219.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
6    2600:1901:0:2954:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
w3.mp.lura.live
1    2607:f8b0:4006:80f::2016 (Nutley, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2600:1901:0:cb53:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
access.mp.lura.live
2    2600:1901:0:7abc:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
tkx.mp.lura.live
2    2600:1400:d::1721:ee62 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
2    2607:f8b0:4006:809::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    35.190.23.39 (None, )

ASN- ()
dcs-vod.mp.lura.live
2    54.156.232.34 (None, )

ASN- ()
secure-us.imrworldwide.com
secure-dcr.imrworldwide.com
1    2607:f8b0:4006:820::2006 (None, )

ASN- ()
s0.2mdn.net
1    2607:f8b0:4006:81d::200e (None, )

ASN- ()
www.google-analytics.com
2    34.117.216.134 (None, )

ASN- ()
m104216-ucdn.mp.lura.live
1    151.101.66.133 (None, )

ASN- ()
segment.psg.nexstardigital.net
1    13.225.223.151 (None, )

ASN- ()
cdn.segment.com
3    2600:9000:210b:200:2:42d9:3100:93a1 (None, )

ASN- ()
cdn-gl.imrworldwide.com
10    69.16.175.10 (None, )

ASN- ()
h104216-kcdn.mp.lura.live
1    2600:9000:24f0:ea00:1d:667e:2a40:93a1 (None, )

ASN- ()
9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com
Apex Domain
Subdomains		 Transfer
22 lura.live
w3.mp.lura.live — Cisco Umbrella Rank: 12640
access.mp.lura.live — Cisco Umbrella Rank: 14695
tkx.mp.lura.live — Cisco Umbrella Rank: 13596
dcs-vod.mp.lura.live
m104216-ucdn.mp.lura.live
h104216-kcdn.mp.lura.live
2 MB
9 secureserver.net
8jb67b.a2cdn1.secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 14400
2 MB
8 nemsed.com
nemsed.com
169 KB
6 imrworldwide.com
secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com
69 KB
5 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 9709
img6.wsimg.com — Cisco Umbrella Rank: 12111
20 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 473
347 KB
1 segment.com
cdn.segment.com
55 KB
1 nexstardigital.net
segment.psg.nexstardigital.net
31 KB
1 google-analytics.com
www.google-analytics.com
20 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
11 KB
53 11
Domain Requested by
10 h104216-kcdn.mp.lura.live
8 nemsed.com 1 redirects 8jb67b.a2cdn1.secureserver.net
7 8jb67b.a2cdn1.secureserver.net nemsed.com
6 w3.mp.lura.live nemsed.com
w3.mp.lura.live
3 cdn-gl.imrworldwide.com secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
3 img1.wsimg.com 3 redirects
2 m104216-ucdn.mp.lura.live
2 imasdk.googleapis.com w3.mp.lura.live
imasdk.googleapis.com
2 events.api.secureserver.net img1.wsimg.com
2 tkx.mp.lura.live w3.mp.lura.live
2 img6.wsimg.com nemsed.com
1 9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com
1 secure-dcr.imrworldwide.com
1 cdn.segment.com segment.psg.nexstardigital.net
1 segment.psg.nexstardigital.net w3.mp.lura.live
1 www.google-analytics.com w3.mp.lura.live
1 s0.2mdn.net imasdk.googleapis.com
1 secure-us.imrworldwide.com w3.mp.lura.live
1 dcs-vod.mp.lura.live w3.mp.lura.live
1 access.mp.lura.live w3.mp.lura.live
1 i.ytimg.com 8jb67b.a2cdn1.secureserver.net
53 21

This site contains links to these domains. Also see Links.

Domain
www.physicianbillpay.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
nemsed.com
Go Daddy Secure Certificate Authority - G2		 2023-02-14 -
2024-02-14		 a year crt.sh
*.a2cdn1.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-09-13 -
2023-10-15		 a year crt.sh
*.mp.lura.live
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-12-08		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.psg.nexstardigital.net
R3		 2023-02-18 -
2023-05-19		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-06-10		 4 months crt.sh

This page contains 4 frames:

Primary Page: https://nemsed.com/
Frame ID: 2DF8F5650552486CCBB1EC37F8F4860C
Requests: 25 HTTP requests in this frame

Frame: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6Ijc1NTc2MDQiLCJhbnZhY2siOiJwREtxTUx5RzlwVnFNa1NZUkpIV3UzWFJPakFsdlI2eiIsInNoYXJlTGluayI6Imh0dHBzOi8vd3d3Lnd0bmguY29tL29uLWFpci9nbWN0LWF0LW5pbmUvY2VsZWJyYXRpbmctbmF0aW9uYWwtZG9jdG9ycy1kYXkvIiwicGx1Z2lucyI6eyJjb21zY29yZSI6eyJjbGllbnRJZCI6IjYwMzY0MzkiLCJjMyI6Ind0bmguY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3dG5oLmNvbSIsIm5zX3N0X3N0Ijoid3RuaCIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyxOZXdzLENvbm5lY3RpY3V0LENUIFNUWUxFLE5ld3MiLCJjc191Y2ZyIjoiIn0sImFkIjp7ImMzIjoid3RuaC5jb20iLCJuc19zdF9zdCI6Ind0bmgiLCJuc19zdF9wdSI6Ik5leHN0YXIiLCJuc19zdF9nZSI6Ik5ld3MsTmV3cyxDb25uZWN0aWN1dCxDVCBTVFlMRSxOZXdzIiwiY3NfdWNmciI6IiJ9fX0sImRmcCI6eyJjbGllbnRTaWRlIjp7ImFkVGFnVXJsIjoiaHR0cHM6Ly9wdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9zej0xeDEwMDAmaXU9LzU2NzgvbGluLnd0bmgvb25fYWlyL2dvb2RfbW9ybmluZ19jdF9hdF9uaW5lJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dm1hcCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmFkX3J1bGU9MSZkZXNjcmlwdGlvbl91cmw9aHR0cHM6Ly93d3cud3RuaC5jb20vb24tYWlyL2dtY3QtYXQtbmluZS9jZWxlYnJhdGluZy1uYXRpb25hbC1kb2N0b3JzLWRheS8mdmNvbnA9MiZwcGlkPTA3YWNmNWZlLWE1YmQtNGM3NC04NWJlLTdhZDM4NjE2MWNkYSZjdXN0X3BhcmFtcz12aWQlM0Q3NTU3NjA0JTI2Y21zaWQlM0QxMDg1MjgzJTI2cGlkJTNEMTA4NTI4MyUyNnBlcnNfY2lkJTNEbnhzLTEwMC1hcnRpY2xlLTEwODUyODMlMjZ2aWRjYXQlM0QlMkZvbl9haXIlMkZnb29kX21vcm5pbmdfY3RfYXRfbmluZSUyNmJvYl9jayUzRCU1QmJvYl9ja192YWwlNUQlMjZkX2NvZGUlM0QxJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNENTE3LjM0NCUyNnBsYXllcmhlaWdodCUzRDI5MSUyNnVwaWQlM0Q2NjkyNTIxMy0wNzI3LTRkMWItOWJlNS02ZDRiOTk2MjhhYTIlMjZwZXJtdXRpdmUlM0Q4NTIwMCUyQzg5MDU2JTJDODkwNzglMkM5MDgwNiUyQzkwODA3JTJDOTA4MDglMkM5MDgxNCUyQzk0MjU5JTJDOTQ1MDAlMkM5NDUwMSUyQzk4NzMyJTJDOTg3MzclMkM5ODgyMCUyQzk5ODQxJTJDOTk4NDIlMkM5OTg0NyUyQzk5ODUwJTI2YW16bmJpZCUzRHZfOHFtcnI0JTI2YW16bmlpZCUzREl0b0I1ZEFBQ3VIQjBPb3RrazAtNmxVQUFBRl8welZJcmdZQUFBMVNCTGU2eG1rJTI2YW16bnAlM0RoY2E2bTgiLCJ2cGFpZE1vZGUiOiJlbmFibGVkIn0sInNlcnZlclNpZGUiOnsicGFsX25vbmNlIjoiQVF6ekJHUUVQN2Ryem0wSlBlQjF1ekd3YjVUQnMweENlaVliMWw0UEtaTW1PUTRaWE9Zb1BkV002UGpuTldVZ1lTMXkyajZCX3d3TDlUOWEwcm10Z0FTM1lyLWRlc2x5c3V6TnJoa2lrd0pxdGgtOVhXOUd0UEN0czNMYnVKYzgzWnpWa1UyWVFJSFRUNXVOUzRXVHBrMEpOdDhLcS1vM3JYeHdMTVNwRjJDZVRXaERvSkdWVUJqdml0RXdDZGU3bUp6b01NVVZ6UWc0UXJZX3pUWGJyZW1pTXpib29yQWtTbm9DS2dQWFVQSmtITERYOEdiZHN6U1JRWEszVHNEMWxaS2FzVXJGMm5fci10Z3ZvaXFCb3lKZ2VjczZ3WTNYcVdpTzAyNHBHZmNheE1wZWdUa2s5Q0RieTgwdnk3Zk12M3J6V1ZuVVJMTXVFcUdiaEI0LUNWcE44QmpqVGM0eFY1VHIwZXdtVWRHdFNzbExWd0V2dzRtUkpDd3pZYWk1NUlYTDIwanZzY2cwMFpsNWNzaUN1Y1pVa1c0WERHTktFeTNSbVFUUFVBZW9LMGlfRFhEUjd5S2o0eFp2cVo2aXZDc1RscXdKSWRRX2w1V1NOa1ExRW1XOC1yUXRXa3pTc2g3QVd2c2V3QzhscjZURTZmWHNodVdFRndQOHc1a1QzVm5vSFc3dHltWHRWdnJXR09LT2NIOXFkT1lPMm5zYjdvR21BWXlyQlRvNGN1RXpJMzVmQm9rdm9zWkVYM1RZUF9xRFZ2SU5NY2NLaV9fb05tUjBxTjNRNkdjVFN2UkdiR2lBcjJLNDRsVFBqS1FJWmVEY1RsUEpSenNwSjRWRkZySUpLN1otMkhhYlVNelpFa2RZVEJQcFdtM3kxcVh2OC1XWV9JdXhxeVZWQVNtRUNVTFg1bWxwLV9NMFc4LV80XzFTUFJHODAybVRva3Z5RWNRcDZQUEdscURMUnp5dXg2YXI2THhlMi1LSHJ3Y1pYOENFUU5TSEVHTkJjbWRJdWY0TXJMaHpRemd1X2RHRFloZnhiRy1aZnEzT1JNTEY3NEF3NFhGeEdmQkhqTzdXYWFJQ3FwY3NPQ0V2T1pmVVRhUEVxSkdnMmhrWVJNLVJzblBhZjVsX3dFMURWN3pUcGVjNkNEcU9wang2VnctMU9kU1M2VXJGS0JDeDFWdDlmWkQ4WDBiVHh6eDBGSWVWYW9wazJtSkxZeWVYckFkWmhxZHViSDNfaFdxLXJaZXBVY2V4Q214M29Sb1k0TGhEcFYyMDVmNDVQMDVJcm9MeElNYVhMR25PLWRscGk1eEhtTW1ESDJHUDdPcTZTcEZoMXhLZkdSZlZEY0F3N19kcDB6RXkxb2t6ZGUtcFVCbFFEbUJiUDJMSldhbjJINm15anowX3dOM3JPbHZvcGt5QkhUbHlJbUFqMnJPRjRGeUpBOThpQ1RQNDRTbnpUb1RfSkJCTmhBNWktMFNTdHFxQzVDZlVWQWNCWmtXeTZPVElPTVBwMDZyNkZ5T3NjaGFCVm1CbXFVQ2JtSEF1OFpXWVBjRnV6aXZyWmVaMG11M0tjbkVsZmJPa0E1TWEyalVuZEtGYWRnLi4ifX0sIm5pZWxzZW4iOnsiYXBpZCI6IlBEN0REQTkxQS0wNzU4LTREQ0UtQUY0Qy1FMTk5REZCNjU1MTgiLCJzZmNvZGUiOiJkY3IiLCJ0eXBlIjoiZGNyIiwiYXBuIjoiQW52YXRvIiwiZW52aXJvbm1lbnQiOiJwcm9kdWN0aW9uIiwidXNlRGVyaXZlZE1ldGFkYXRhIjp0cnVlLCJtYXBwaW5nIjp7ImFkbG9hZHR5cGUiOjIsImFkTW9kZWwiOjJ9LCJvcHRPdXQiOmZhbHNlfSwic2VnbWVudEN1c3RvbSI6eyJzY3JpcHQiOiJodHRwczovL3NlZ21lbnQucHNnLm5leHN0YXJkaWdpdGFsLm5ldC9hbnZhdG8uanMiLCJ3cml0ZUtleSI6Im9xSDhXY3R3SHgyT1NPbTRZN0UyRjFKc0xMQ1NYRWRSIiwicGx1Z2luc0xvYWRpbmdUaW1lb3V0IjoxMn0sImdvb2dsZUFuYWx5dGljcyI6eyJ0cmFja2luZ0lkIjoiVUEtMzI1MDczNjgtMTYiLCJldmVudHMiOnsiQURfU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLUFkIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1NUQVJURUQiOnsiYWxpYXMiOiJWaWRlby1QbGF5IiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0ZJUlNUX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tMjUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX01JRF9QT0lOVCI6eyJhbGlhcyI6IlZpZGVvLTUwJSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19USElSRF9RVUFSVElMRSI6eyJhbGlhcyI6IlZpZGVvLTc1JSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19DT01QTEVURUQiOnsiYWxpYXMiOiJWaWRlby0xMDAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUEFVU0UiOnsiYWxpYXMiOiJQYXVzZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJVU0VSX1JFU1VNRSI6eyJhbGlhcyI6IlJlc3VtZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9fX0sInBhbCI6eyJwcGlkIjoiMDdhY2Y1ZmUtYTViZC00Yzc0LTg1YmUtN2FkMzg2MTYxY2RhIiwiZGVzY3JpcHRpb25VcmwiOiJodHRwcyUzQSUyRiUyRnd3dy53dG5oLmNvbSUyRm9uLWFpciUyRmdtY3QtYXQtbmluZSUyRmNlbGVicmF0aW5nLW5hdGlvbmFsLWRvY3RvcnMtZGF5JTJGIiwibGlicmFyeVJlcXVlc3RlZCI6dHJ1ZSwicEluc3RhbmNlIjoicDcwIn19LCJodG1sNSI6dHJ1ZSwidG9rZW4iOiJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKMmFXUWlPaUkzTlRVM05qQTBJaXdpYVhOeklqb2ljRVJMY1UxTWVVYzVjRlp4VFd0VFdWSktTRmQxTTFoU1QycEJiSFpTTm5vaUxDSmxlSEFpT2pFMk5EZzFNVGsxTWpWOS5zdk5ZdXlSckZIYmtWX1VvSXpwNDBiLWxlRGtsVHpvTlljcGJwc2N0YTVzIn0%3D
Frame ID: 99DA757458E7283E5663502DB5463446
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Frame ID: 0E8D72356732C73AA050068F134AFF86
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 64C5CEE6BF4DF12E284E6D1DD81B9D2D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Northeast Emergency Medicine Specialists

Page URL History Show full URLs

  1. http://nemsed.com/ HTTP 308
    https://nemsed.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

53 %
IPv6

11
Domains

21
Subdomains

20
IPs

2
Countries

4308 kB
Transfer

8435 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nemsed.com/ HTTP 308
    https://nemsed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 6
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nemsed.com/
Redirect Chain
  • http://nemsed.com/
  • https://nemsed.com/
132 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
d4d9c15ccb4f0c0ff91df052f4429aa65c3a6095eb9854a8a196db0b16bb83b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
50921
content-encoding
gzip
content-length
20439
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 15:19:36 GMT
server
openresty
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
8.1
x-xss-protection
1; mode=block

Redirect headers

Content-Length
55
Content-Type
text/html; charset=utf-8
Date
Sat, 01 Apr 2023 15:19:35 GMT
Location
https://nemsed.com/
classic-themes.min.css
8jb67b.a2cdn1.secureserver.net/wp-includes/css/ 		217 B
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-includes/css/classic-themes.min.css?ver=1&time=1680134751
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:36 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Mar 2023 09:12:23 GMT
x-php-version
8.1
server
cloudflare
etag
W/"d9-5f7798ed7224e;5d2ad4d05d744
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7b11cfb7c8d5dad5-MIA
expires
Tue, 02 May 2023 15:19:36 GMT
c85c4355a05a62009990affb178a5c95.min.css
8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/ 		805 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9d64a3e02e7e7340425d10147df69a1ad7373723855ff50b2adbeb343a7623
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 Mar 2023 08:51:12 GMT
x-php-version
8.1
server
cloudflare
etag
W/"c94a8-5f78d60ed5ae2-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7b11cfb7c8d9dad5-MIA
expires
Tue, 02 May 2023 15:19:36 GMT
NEMS-Logo-1.png
8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/NEMS-Logo-1.png
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd9d2261cddb158e75392491f2e862ecd383d27f23acd9362613aa458f04896
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=9244
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6084
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Dec 2021 10:46:41 GMT
server
cloudflare
x-php-version
8.1
etag
"241c-5d2dc8e0a7e97"
vary
Accept-Encoding
content-type
image/png
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7b11cfb95e8831e6-MIA
expires
Tue, 02 May 2023 15:19:37 GMT
jquery.min.js
8jb67b.a2cdn1.secureserver.net/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1680134751
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Mar 2023 09:12:23 GMT
x-php-version
8.1
server
cloudflare
etag
W/"15e54-5f7798ee48bed;5d2ad4d05d744
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7b11cfb849c1dad5-MIA
expires
Tue, 02 May 2023 15:19:37 GMT
b44353f673393af039b7cd3d4646636c.min.js
8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/ 		304 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/b44353f673393af039b7cd3d4646636c.min.js?ver=3.6&time=1680134751
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c441b6f8485c2df02500becba1540538e275efade6665df441a3cbb65cb795
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 18:54:48 GMT
x-php-version
8.1
server
cloudflare
etag
W/"4bed1-5f5c72136290b-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7b11cfb93e5731e6-MIA
expires
Tue, 02 May 2023 15:19:37 GMT
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Server
23.44.237.219 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Sat, 01 Apr 2023 15:19:38 GMT
x-amz-request-id
FZQ5XQJYPDZ32GN8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466767_388820439_165301256_25_1448_66_0";dur=1
content-length
11347
x-amz-id-2
DOC+6LtbqC+72gipIFf2A3wOz0qq4C+f6IbzQz8UUrJZ6RABpzn3V65SAj4RbiJDZB/NQj39MYM=
last-modified
Tue, 29 Nov 2022 21:46:07 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Sat, 01 Apr 2023 15:19:37 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Sat, 01 Apr 2023 15:49:37 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Server
23.44.237.219 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
148
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
date
Sat, 01 Apr 2023 15:19:37 GMT
x-amz-request-id
836GEDG87AEEPZ3V
x-edgeconnect-midmile-rtt
1
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466767_388820439_165301002_21_1600_69_0";dur=1
content-length
7498
x-amz-id-2
1p573ITy0o0T0ufkOZkP/+OCkgNr0sxd/pCUSQaWmdftOrsA/CN9I7heKTs2+rnywAcwGtmX76o=
last-modified
Tue, 18 Jan 2022 02:54:27 GMT
etag
"ce554d2333f3801abafb32da18213ff7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin
*
date
Sat, 01 Apr 2023 15:19:37 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Sat, 01 Apr 2023 15:49:37 GMT
anvload.html
w3.mp.lura.live/player/prod/v3/ Frame 99DA 		562 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6Ijc1NTc2MDQiLCJhbnZhY2siOiJwREtxTUx5RzlwVnFNa1NZUkpIV3UzWFJPakFsdlI2eiIsInNoYXJlTGluayI6Imh0dHBzOi8vd3d3Lnd0bmguY29tL29uLWFpci9nbWN0LWF0LW5pbmUvY2VsZWJyYXRpbmctbmF0aW9uYWwtZG9jdG9ycy1kYXkvIiwicGx1Z2lucyI6eyJjb21zY29yZSI6eyJjbGllbnRJZCI6IjYwMzY0MzkiLCJjMyI6Ind0bmguY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3dG5oLmNvbSIsIm5zX3N0X3N0Ijoid3RuaCIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyxOZXdzLENvbm5lY3RpY3V0LENUIFNUWUxFLE5ld3MiLCJjc191Y2ZyIjoiIn0sImFkIjp7ImMzIjoid3RuaC5jb20iLCJuc19zdF9zdCI6Ind0bmgiLCJuc19zdF9wdSI6Ik5leHN0YXIiLCJuc19zdF9nZSI6Ik5ld3MsTmV3cyxDb25uZWN0aWN1dCxDVCBTVFlMRSxOZXdzIiwiY3NfdWNmciI6IiJ9fX0sImRmcCI6eyJjbGllbnRTaWRlIjp7ImFkVGFnVXJsIjoiaHR0cHM6Ly9wdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9zej0xeDEwMDAmaXU9LzU2NzgvbGluLnd0bmgvb25fYWlyL2dvb2RfbW9ybmluZ19jdF9hdF9uaW5lJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dm1hcCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmFkX3J1bGU9MSZkZXNjcmlwdGlvbl91cmw9aHR0cHM6Ly93d3cud3RuaC5jb20vb24tYWlyL2dtY3QtYXQtbmluZS9jZWxlYnJhdGluZy1uYXRpb25hbC1kb2N0b3JzLWRheS8mdmNvbnA9MiZwcGlkPTA3YWNmNWZlLWE1YmQtNGM3NC04NWJlLTdhZDM4NjE2MWNkYSZjdXN0X3BhcmFtcz12aWQlM0Q3NTU3NjA0JTI2Y21zaWQlM0QxMDg1MjgzJTI2cGlkJTNEMTA4NTI4MyUyNnBlcnNfY2lkJTNEbnhzLTEwMC1hcnRpY2xlLTEwODUyODMlMjZ2aWRjYXQlM0QlMkZvbl9haXIlMkZnb29kX21vcm5pbmdfY3RfYXRfbmluZSUyNmJvYl9jayUzRCU1QmJvYl9ja192YWwlNUQlMjZkX2NvZGUlM0QxJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNENTE3LjM0NCUyNnBsYXllcmhlaWdodCUzRDI5MSUyNnVwaWQlM0Q2NjkyNTIxMy0wNzI3LTRkMWItOWJlNS02ZDRiOTk2MjhhYTIlMjZwZXJtdXRpdmUlM0Q4NTIwMCUyQzg5MDU2JTJDODkwNzglMkM5MDgwNiUyQzkwODA3JTJDOTA4MDglMkM5MDgxNCUyQzk0MjU5JTJDOTQ1MDAlMkM5NDUwMSUyQzk4NzMyJTJDOTg3MzclMkM5ODgyMCUyQzk5ODQxJTJDOTk4NDIlMkM5OTg0NyUyQzk5ODUwJTI2YW16bmJpZCUzRHZfOHFtcnI0JTI2YW16bmlpZCUzREl0b0I1ZEFBQ3VIQjBPb3RrazAtNmxVQUFBRl8welZJcmdZQUFBMVNCTGU2eG1rJTI2YW16bnAlM0RoY2E2bTgiLCJ2cGFpZE1vZGUiOiJlbmFibGVkIn0sInNlcnZlclNpZGUiOnsicGFsX25vbmNlIjoiQVF6ekJHUUVQN2Ryem0wSlBlQjF1ekd3YjVUQnMweENlaVliMWw0UEtaTW1PUTRaWE9Zb1BkV002UGpuTldVZ1lTMXkyajZCX3d3TDlUOWEwcm10Z0FTM1lyLWRlc2x5c3V6TnJoa2lrd0pxdGgtOVhXOUd0UEN0czNMYnVKYzgzWnpWa1UyWVFJSFRUNXVOUzRXVHBrMEpOdDhLcS1vM3JYeHdMTVNwRjJDZVRXaERvSkdWVUJqdml0RXdDZGU3bUp6b01NVVZ6UWc0UXJZX3pUWGJyZW1pTXpib29yQWtTbm9DS2dQWFVQSmtITERYOEdiZHN6U1JRWEszVHNEMWxaS2FzVXJGMm5fci10Z3ZvaXFCb3lKZ2VjczZ3WTNYcVdpTzAyNHBHZmNheE1wZWdUa2s5Q0RieTgwdnk3Zk12M3J6V1ZuVVJMTXVFcUdiaEI0LUNWcE44QmpqVGM0eFY1VHIwZXdtVWRHdFNzbExWd0V2dzRtUkpDd3pZYWk1NUlYTDIwanZzY2cwMFpsNWNzaUN1Y1pVa1c0WERHTktFeTNSbVFUUFVBZW9LMGlfRFhEUjd5S2o0eFp2cVo2aXZDc1RscXdKSWRRX2w1V1NOa1ExRW1XOC1yUXRXa3pTc2g3QVd2c2V3QzhscjZURTZmWHNodVdFRndQOHc1a1QzVm5vSFc3dHltWHRWdnJXR09LT2NIOXFkT1lPMm5zYjdvR21BWXlyQlRvNGN1RXpJMzVmQm9rdm9zWkVYM1RZUF9xRFZ2SU5NY2NLaV9fb05tUjBxTjNRNkdjVFN2UkdiR2lBcjJLNDRsVFBqS1FJWmVEY1RsUEpSenNwSjRWRkZySUpLN1otMkhhYlVNelpFa2RZVEJQcFdtM3kxcVh2OC1XWV9JdXhxeVZWQVNtRUNVTFg1bWxwLV9NMFc4LV80XzFTUFJHODAybVRva3Z5RWNRcDZQUEdscURMUnp5dXg2YXI2THhlMi1LSHJ3Y1pYOENFUU5TSEVHTkJjbWRJdWY0TXJMaHpRemd1X2RHRFloZnhiRy1aZnEzT1JNTEY3NEF3NFhGeEdmQkhqTzdXYWFJQ3FwY3NPQ0V2T1pmVVRhUEVxSkdnMmhrWVJNLVJzblBhZjVsX3dFMURWN3pUcGVjNkNEcU9wang2VnctMU9kU1M2VXJGS0JDeDFWdDlmWkQ4WDBiVHh6eDBGSWVWYW9wazJtSkxZeWVYckFkWmhxZHViSDNfaFdxLXJaZXBVY2V4Q214M29Sb1k0TGhEcFYyMDVmNDVQMDVJcm9MeElNYVhMR25PLWRscGk1eEhtTW1ESDJHUDdPcTZTcEZoMXhLZkdSZlZEY0F3N19kcDB6RXkxb2t6ZGUtcFVCbFFEbUJiUDJMSldhbjJINm15anowX3dOM3JPbHZvcGt5QkhUbHlJbUFqMnJPRjRGeUpBOThpQ1RQNDRTbnpUb1RfSkJCTmhBNWktMFNTdHFxQzVDZlVWQWNCWmtXeTZPVElPTVBwMDZyNkZ5T3NjaGFCVm1CbXFVQ2JtSEF1OFpXWVBjRnV6aXZyWmVaMG11M0tjbkVsZmJPa0E1TWEyalVuZEtGYWRnLi4ifX0sIm5pZWxzZW4iOnsiYXBpZCI6IlBEN0REQTkxQS0wNzU4LTREQ0UtQUY0Qy1FMTk5REZCNjU1MTgiLCJzZmNvZGUiOiJkY3IiLCJ0eXBlIjoiZGNyIiwiYXBuIjoiQW52YXRvIiwiZW52aXJvbm1lbnQiOiJwcm9kdWN0aW9uIiwidXNlRGVyaXZlZE1ldGFkYXRhIjp0cnVlLCJtYXBwaW5nIjp7ImFkbG9hZHR5cGUiOjIsImFkTW9kZWwiOjJ9LCJvcHRPdXQiOmZhbHNlfSwic2VnbWVudEN1c3RvbSI6eyJzY3JpcHQiOiJodHRwczovL3NlZ21lbnQucHNnLm5leHN0YXJkaWdpdGFsLm5ldC9hbnZhdG8uanMiLCJ3cml0ZUtleSI6Im9xSDhXY3R3SHgyT1NPbTRZN0UyRjFKc0xMQ1NYRWRSIiwicGx1Z2luc0xvYWRpbmdUaW1lb3V0IjoxMn0sImdvb2dsZUFuYWx5dGljcyI6eyJ0cmFja2luZ0lkIjoiVUEtMzI1MDczNjgtMTYiLCJldmVudHMiOnsiQURfU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLUFkIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1NUQVJURUQiOnsiYWxpYXMiOiJWaWRlby1QbGF5IiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0ZJUlNUX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tMjUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX01JRF9QT0lOVCI6eyJhbGlhcyI6IlZpZGVvLTUwJSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19USElSRF9RVUFSVElMRSI6eyJhbGlhcyI6IlZpZGVvLTc1JSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19DT01QTEVURUQiOnsiYWxpYXMiOiJWaWRlby0xMDAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUEFVU0UiOnsiYWxpYXMiOiJQYXVzZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJVU0VSX1JFU1VNRSI6eyJhbGlhcyI6IlJlc3VtZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9fX0sInBhbCI6eyJwcGlkIjoiMDdhY2Y1ZmUtYTViZC00Yzc0LTg1YmUtN2FkMzg2MTYxY2RhIiwiZGVzY3JpcHRpb25VcmwiOiJodHRwcyUzQSUyRiUyRnd3dy53dG5oLmNvbSUyRm9uLWFpciUyRmdtY3QtYXQtbmluZSUyRmNlbGVicmF0aW5nLW5hdGlvbmFsLWRvY3RvcnMtZGF5JTJGIiwibGlicmFyeVJlcXVlc3RlZCI6dHJ1ZSwicEluc3RhbmNlIjoicDcwIn19LCJodG1sNSI6dHJ1ZSwidG9rZW4iOiJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKMmFXUWlPaUkzTlRVM05qQTBJaXdpYVhOeklqb2ljRVJMY1UxTWVVYzVjRlp4VFd0VFdWSktTRmQxTTFoU1QycEJiSFpTTm5vaUxDSmxlSEFpT2pFMk5EZzFNVGsxTWpWOS5zdk5ZdXlSckZIYmtWX1VvSXpwNDBiLWxlRGtsVHpvTlljcGJwc2N0YTVzIn0%3D
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
789c6f081d2f9e3e635192bb087967e078b7f9952e8214c4e747f7ecc51680f7

Request headers

Referer
https://nemsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=14400
content-encoding
gzip
content-length
292
content-type
text/html
date
Sat, 01 Apr 2023 15:19:06 GMT
etag
"9b18b22469021c876b39921399a606b8"
last-modified
Wed, 29 Mar 2023 20:38:57 GMT
server
UploadServer
vary
Accept-Encoding
via
1.1 google
x-goog-generation
1655305060197192
x-goog-hash
crc32c=SZOECA== md5=mxiyJGkCHIdrOZITmaYGuA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
292
x-guploader-uploadid
ADPycdsltfh-32sNsHV9G5LPwR8rTdpQRLoWd8FDpxVdLpL7iLY8_Nipg7ng9XnBnTzd-o_v2fs7kN8aTn6v_SjXDSz1bw
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72b18f05410d8e85acfc7f1e91d62ddc60ce0b53726b3d5a7efb8332dbd91298

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
nemsed.com/wp-content/uploads/fusion-gfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/uploads/fusion-gfonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
12956
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 18:54:47 GMT
server
openresty
x-php-version
8.1
etag
"329c-5f5c7212c2a6f"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
nemsed.com/wp-content/uploads/fusion-gfonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/uploads/fusion-gfonts/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
12708
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 18:54:46 GMT
server
openresty
x-php-version
8.1
etag
"31a4-5f5c721238b64"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
nemsed.com/wp-content/uploads/fusion-gfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/uploads/fusion-gfonts/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
13036
x-xss-protection
1; mode=block
last-modified
Tue, 28 Feb 2023 18:54:47 GMT
server
openresty
x-php-version
8.1
etag
"32ec-5f5c7212f85d1"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
truncated
/ 		145 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
546164bb39002066b4dd5963d16fe6eead15ca2a42fe62707c27565749e30486

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		136 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ef2a35003283f4e78dde3a71d04f8d1e86dcbb75e2f9edb3012229724eef0df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3fd502e5c5fb61dfc8ebf150b5e116a39bac906b27d8b903ffcb0bacc1490b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ad56c78d1428429941c35bc320c01d044f662e0bb43a7582c6025de77765314

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
awb-icons.woff
nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
fcbb0a6bc275d69c281c0f174ff76928e5ea3e15c9ff945cba114ae7e502930b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
19164
x-xss-protection
1; mode=block
last-modified
Thu, 16 Dec 2021 21:01:33 GMT
server
openresty
x-php-version
8.1
etag
"4adc-5d349ba2e6a1c"
content-type
font/woff
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
fa-solid-900.woff2
nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
78212
x-xss-protection
1; mode=block
last-modified
Thu, 16 Dec 2021 21:01:33 GMT
server
openresty
x-php-version
8.1
etag
"13184-5d349ba2cb065"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
fa-regular-400.woff2
nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nemsed.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/c85c4355a05a62009990affb178a5c95.min.css?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.112 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
112.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8jb67b.a2cdn1.secureserver.net/
Origin
https://nemsed.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
223648
x-cache
cached
x-cacheproxy-retries
0/2
content-length
13264
x-xss-protection
1; mode=block
last-modified
Thu, 16 Dec 2021 21:01:33 GMT
server
openresty
x-php-version
8.1
etag
"33d0-5d349ba2d9571"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
anvplayer.min.js
w3.mp.lura.live/player/prod/v3/11b37c58/scripts/ Frame 99DA 		2 MB
703 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6Ijc1NTc2MDQiLCJhbnZhY2siOiJwREtxTUx5RzlwVnFNa1NZUkpIV3UzWFJPakFsdlI2eiIsInNoYXJlTGluayI6Imh0dHBzOi8vd3d3Lnd0bmguY29tL29uLWFpci9nbWN0LWF0LW5pbmUvY2VsZWJyYXRpbmctbmF0aW9uYWwtZG9jdG9ycy1kYXkvIiwicGx1Z2lucyI6eyJjb21zY29yZSI6eyJjbGllbnRJZCI6IjYwMzY0MzkiLCJjMyI6Ind0bmguY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3dG5oLmNvbSIsIm5zX3N0X3N0Ijoid3RuaCIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyxOZXdzLENvbm5lY3RpY3V0LENUIFNUWUxFLE5ld3MiLCJjc191Y2ZyIjoiIn0sImFkIjp7ImMzIjoid3RuaC5jb20iLCJuc19zdF9zdCI6Ind0bmgiLCJuc19zdF9wdSI6Ik5leHN0YXIiLCJuc19zdF9nZSI6Ik5ld3MsTmV3cyxDb25uZWN0aWN1dCxDVCBTVFlMRSxOZXdzIiwiY3NfdWNmciI6IiJ9fX0sImRmcCI6eyJjbGllbnRTaWRlIjp7ImFkVGFnVXJsIjoiaHR0cHM6Ly9wdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9zej0xeDEwMDAmaXU9LzU2NzgvbGluLnd0bmgvb25fYWlyL2dvb2RfbW9ybmluZ19jdF9hdF9uaW5lJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dm1hcCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmFkX3J1bGU9MSZkZXNjcmlwdGlvbl91cmw9aHR0cHM6Ly93d3cud3RuaC5jb20vb24tYWlyL2dtY3QtYXQtbmluZS9jZWxlYnJhdGluZy1uYXRpb25hbC1kb2N0b3JzLWRheS8mdmNvbnA9MiZwcGlkPTA3YWNmNWZlLWE1YmQtNGM3NC04NWJlLTdhZDM4NjE2MWNkYSZjdXN0X3BhcmFtcz12aWQlM0Q3NTU3NjA0JTI2Y21zaWQlM0QxMDg1MjgzJTI2cGlkJTNEMTA4NTI4MyUyNnBlcnNfY2lkJTNEbnhzLTEwMC1hcnRpY2xlLTEwODUyODMlMjZ2aWRjYXQlM0QlMkZvbl9haXIlMkZnb29kX21vcm5pbmdfY3RfYXRfbmluZSUyNmJvYl9jayUzRCU1QmJvYl9ja192YWwlNUQlMjZkX2NvZGUlM0QxJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNENTE3LjM0NCUyNnBsYXllcmhlaWdodCUzRDI5MSUyNnVwaWQlM0Q2NjkyNTIxMy0wNzI3LTRkMWItOWJlNS02ZDRiOTk2MjhhYTIlMjZwZXJtdXRpdmUlM0Q4NTIwMCUyQzg5MDU2JTJDODkwNzglMkM5MDgwNiUyQzkwODA3JTJDOTA4MDglMkM5MDgxNCUyQzk0MjU5JTJDOTQ1MDAlMkM5NDUwMSUyQzk4NzMyJTJDOTg3MzclMkM5ODgyMCUyQzk5ODQxJTJDOTk4NDIlMkM5OTg0NyUyQzk5ODUwJTI2YW16bmJpZCUzRHZfOHFtcnI0JTI2YW16bmlpZCUzREl0b0I1ZEFBQ3VIQjBPb3RrazAtNmxVQUFBRl8welZJcmdZQUFBMVNCTGU2eG1rJTI2YW16bnAlM0RoY2E2bTgiLCJ2cGFpZE1vZGUiOiJlbmFibGVkIn0sInNlcnZlclNpZGUiOnsicGFsX25vbmNlIjoiQVF6ekJHUUVQN2Ryem0wSlBlQjF1ekd3YjVUQnMweENlaVliMWw0UEtaTW1PUTRaWE9Zb1BkV002UGpuTldVZ1lTMXkyajZCX3d3TDlUOWEwcm10Z0FTM1lyLWRlc2x5c3V6TnJoa2lrd0pxdGgtOVhXOUd0UEN0czNMYnVKYzgzWnpWa1UyWVFJSFRUNXVOUzRXVHBrMEpOdDhLcS1vM3JYeHdMTVNwRjJDZVRXaERvSkdWVUJqdml0RXdDZGU3bUp6b01NVVZ6UWc0UXJZX3pUWGJyZW1pTXpib29yQWtTbm9DS2dQWFVQSmtITERYOEdiZHN6U1JRWEszVHNEMWxaS2FzVXJGMm5fci10Z3ZvaXFCb3lKZ2VjczZ3WTNYcVdpTzAyNHBHZmNheE1wZWdUa2s5Q0RieTgwdnk3Zk12M3J6V1ZuVVJMTXVFcUdiaEI0LUNWcE44QmpqVGM0eFY1VHIwZXdtVWRHdFNzbExWd0V2dzRtUkpDd3pZYWk1NUlYTDIwanZzY2cwMFpsNWNzaUN1Y1pVa1c0WERHTktFeTNSbVFUUFVBZW9LMGlfRFhEUjd5S2o0eFp2cVo2aXZDc1RscXdKSWRRX2w1V1NOa1ExRW1XOC1yUXRXa3pTc2g3QVd2c2V3QzhscjZURTZmWHNodVdFRndQOHc1a1QzVm5vSFc3dHltWHRWdnJXR09LT2NIOXFkT1lPMm5zYjdvR21BWXlyQlRvNGN1RXpJMzVmQm9rdm9zWkVYM1RZUF9xRFZ2SU5NY2NLaV9fb05tUjBxTjNRNkdjVFN2UkdiR2lBcjJLNDRsVFBqS1FJWmVEY1RsUEpSenNwSjRWRkZySUpLN1otMkhhYlVNelpFa2RZVEJQcFdtM3kxcVh2OC1XWV9JdXhxeVZWQVNtRUNVTFg1bWxwLV9NMFc4LV80XzFTUFJHODAybVRva3Z5RWNRcDZQUEdscURMUnp5dXg2YXI2THhlMi1LSHJ3Y1pYOENFUU5TSEVHTkJjbWRJdWY0TXJMaHpRemd1X2RHRFloZnhiRy1aZnEzT1JNTEY3NEF3NFhGeEdmQkhqTzdXYWFJQ3FwY3NPQ0V2T1pmVVRhUEVxSkdnMmhrWVJNLVJzblBhZjVsX3dFMURWN3pUcGVjNkNEcU9wang2VnctMU9kU1M2VXJGS0JDeDFWdDlmWkQ4WDBiVHh6eDBGSWVWYW9wazJtSkxZeWVYckFkWmhxZHViSDNfaFdxLXJaZXBVY2V4Q214M29Sb1k0TGhEcFYyMDVmNDVQMDVJcm9MeElNYVhMR25PLWRscGk1eEhtTW1ESDJHUDdPcTZTcEZoMXhLZkdSZlZEY0F3N19kcDB6RXkxb2t6ZGUtcFVCbFFEbUJiUDJMSldhbjJINm15anowX3dOM3JPbHZvcGt5QkhUbHlJbUFqMnJPRjRGeUpBOThpQ1RQNDRTbnpUb1RfSkJCTmhBNWktMFNTdHFxQzVDZlVWQWNCWmtXeTZPVElPTVBwMDZyNkZ5T3NjaGFCVm1CbXFVQ2JtSEF1OFpXWVBjRnV6aXZyWmVaMG11M0tjbkVsZmJPa0E1TWEyalVuZEtGYWRnLi4ifX0sIm5pZWxzZW4iOnsiYXBpZCI6IlBEN0REQTkxQS0wNzU4LTREQ0UtQUY0Qy1FMTk5REZCNjU1MTgiLCJzZmNvZGUiOiJkY3IiLCJ0eXBlIjoiZGNyIiwiYXBuIjoiQW52YXRvIiwiZW52aXJvbm1lbnQiOiJwcm9kdWN0aW9uIiwidXNlRGVyaXZlZE1ldGFkYXRhIjp0cnVlLCJtYXBwaW5nIjp7ImFkbG9hZHR5cGUiOjIsImFkTW9kZWwiOjJ9LCJvcHRPdXQiOmZhbHNlfSwic2VnbWVudEN1c3RvbSI6eyJzY3JpcHQiOiJodHRwczovL3NlZ21lbnQucHNnLm5leHN0YXJkaWdpdGFsLm5ldC9hbnZhdG8uanMiLCJ3cml0ZUtleSI6Im9xSDhXY3R3SHgyT1NPbTRZN0UyRjFKc0xMQ1NYRWRSIiwicGx1Z2luc0xvYWRpbmdUaW1lb3V0IjoxMn0sImdvb2dsZUFuYWx5dGljcyI6eyJ0cmFja2luZ0lkIjoiVUEtMzI1MDczNjgtMTYiLCJldmVudHMiOnsiQURfU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLUFkIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1NUQVJURUQiOnsiYWxpYXMiOiJWaWRlby1QbGF5IiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0ZJUlNUX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tMjUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX01JRF9QT0lOVCI6eyJhbGlhcyI6IlZpZGVvLTUwJSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19USElSRF9RVUFSVElMRSI6eyJhbGlhcyI6IlZpZGVvLTc1JSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19DT01QTEVURUQiOnsiYWxpYXMiOiJWaWRlby0xMDAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUEFVU0UiOnsiYWxpYXMiOiJQYXVzZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJVU0VSX1JFU1VNRSI6eyJhbGlhcyI6IlJlc3VtZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9fX0sInBhbCI6eyJwcGlkIjoiMDdhY2Y1ZmUtYTViZC00Yzc0LTg1YmUtN2FkMzg2MTYxY2RhIiwiZGVzY3JpcHRpb25VcmwiOiJodHRwcyUzQSUyRiUyRnd3dy53dG5oLmNvbSUyRm9uLWFpciUyRmdtY3QtYXQtbmluZSUyRmNlbGVicmF0aW5nLW5hdGlvbmFsLWRvY3RvcnMtZGF5JTJGIiwibGlicmFyeVJlcXVlc3RlZCI6dHJ1ZSwicEluc3RhbmNlIjoicDcwIn19LCJodG1sNSI6dHJ1ZSwidG9rZW4iOiJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKMmFXUWlPaUkzTlRVM05qQTBJaXdpYVhOeklqb2ljRVJMY1UxTWVVYzVjRlp4VFd0VFdWSktTRmQxTTFoU1QycEJiSFpTTm5vaUxDSmxlSEFpT2pFMk5EZzFNVGsxTWpWOS5zdk5ZdXlSckZIYmtWX1VvSXpwNDBiLWxlRGtsVHpvTlljcGJwc2N0YTVzIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fb4bcb2b518dee77366120aa3f970e7075bac4b890008828d057e650e9b775f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 11:48:59 GMT
content-encoding
gzip
via
1.1 google
age
12638
x-guploader-uploadid
ADPycdvEerl-Tp5PfQTM0ADvS_q1tOqLMVNWpm1AXVUQ1HVDi9sXYvKk_2yghpMn9sDhteJQV3gn-_ffDSbzQXc_jckvcQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
719605
last-modified
Wed, 15 Jun 2022 14:57:38 GMT
server
UploadServer
etag
"899e7c4d085ad77bbdac4a4d959034ce"
vary
Accept-Encoding
x-goog-generation
1655305058129562
x-goog-hash
crc32c=OV1q6w==, md5=iZ58TQha13u9rEpNlZA0zg==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
719605
accept-ranges
bytes
anvhtml5.css
w3.mp.lura.live/player/prod/v3/ Frame 99DA 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/anvhtml5.css
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6Ijc1NTc2MDQiLCJhbnZhY2siOiJwREtxTUx5RzlwVnFNa1NZUkpIV3UzWFJPakFsdlI2eiIsInNoYXJlTGluayI6Imh0dHBzOi8vd3d3Lnd0bmguY29tL29uLWFpci9nbWN0LWF0LW5pbmUvY2VsZWJyYXRpbmctbmF0aW9uYWwtZG9jdG9ycy1kYXkvIiwicGx1Z2lucyI6eyJjb21zY29yZSI6eyJjbGllbnRJZCI6IjYwMzY0MzkiLCJjMyI6Ind0bmguY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3dG5oLmNvbSIsIm5zX3N0X3N0Ijoid3RuaCIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyxOZXdzLENvbm5lY3RpY3V0LENUIFNUWUxFLE5ld3MiLCJjc191Y2ZyIjoiIn0sImFkIjp7ImMzIjoid3RuaC5jb20iLCJuc19zdF9zdCI6Ind0bmgiLCJuc19zdF9wdSI6Ik5leHN0YXIiLCJuc19zdF9nZSI6Ik5ld3MsTmV3cyxDb25uZWN0aWN1dCxDVCBTVFlMRSxOZXdzIiwiY3NfdWNmciI6IiJ9fX0sImRmcCI6eyJjbGllbnRTaWRlIjp7ImFkVGFnVXJsIjoiaHR0cHM6Ly9wdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9zej0xeDEwMDAmaXU9LzU2NzgvbGluLnd0bmgvb25fYWlyL2dvb2RfbW9ybmluZ19jdF9hdF9uaW5lJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dm1hcCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmFkX3J1bGU9MSZkZXNjcmlwdGlvbl91cmw9aHR0cHM6Ly93d3cud3RuaC5jb20vb24tYWlyL2dtY3QtYXQtbmluZS9jZWxlYnJhdGluZy1uYXRpb25hbC1kb2N0b3JzLWRheS8mdmNvbnA9MiZwcGlkPTA3YWNmNWZlLWE1YmQtNGM3NC04NWJlLTdhZDM4NjE2MWNkYSZjdXN0X3BhcmFtcz12aWQlM0Q3NTU3NjA0JTI2Y21zaWQlM0QxMDg1MjgzJTI2cGlkJTNEMTA4NTI4MyUyNnBlcnNfY2lkJTNEbnhzLTEwMC1hcnRpY2xlLTEwODUyODMlMjZ2aWRjYXQlM0QlMkZvbl9haXIlMkZnb29kX21vcm5pbmdfY3RfYXRfbmluZSUyNmJvYl9jayUzRCU1QmJvYl9ja192YWwlNUQlMjZkX2NvZGUlM0QxJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNENTE3LjM0NCUyNnBsYXllcmhlaWdodCUzRDI5MSUyNnVwaWQlM0Q2NjkyNTIxMy0wNzI3LTRkMWItOWJlNS02ZDRiOTk2MjhhYTIlMjZwZXJtdXRpdmUlM0Q4NTIwMCUyQzg5MDU2JTJDODkwNzglMkM5MDgwNiUyQzkwODA3JTJDOTA4MDglMkM5MDgxNCUyQzk0MjU5JTJDOTQ1MDAlMkM5NDUwMSUyQzk4NzMyJTJDOTg3MzclMkM5ODgyMCUyQzk5ODQxJTJDOTk4NDIlMkM5OTg0NyUyQzk5ODUwJTI2YW16bmJpZCUzRHZfOHFtcnI0JTI2YW16bmlpZCUzREl0b0I1ZEFBQ3VIQjBPb3RrazAtNmxVQUFBRl8welZJcmdZQUFBMVNCTGU2eG1rJTI2YW16bnAlM0RoY2E2bTgiLCJ2cGFpZE1vZGUiOiJlbmFibGVkIn0sInNlcnZlclNpZGUiOnsicGFsX25vbmNlIjoiQVF6ekJHUUVQN2Ryem0wSlBlQjF1ekd3YjVUQnMweENlaVliMWw0UEtaTW1PUTRaWE9Zb1BkV002UGpuTldVZ1lTMXkyajZCX3d3TDlUOWEwcm10Z0FTM1lyLWRlc2x5c3V6TnJoa2lrd0pxdGgtOVhXOUd0UEN0czNMYnVKYzgzWnpWa1UyWVFJSFRUNXVOUzRXVHBrMEpOdDhLcS1vM3JYeHdMTVNwRjJDZVRXaERvSkdWVUJqdml0RXdDZGU3bUp6b01NVVZ6UWc0UXJZX3pUWGJyZW1pTXpib29yQWtTbm9DS2dQWFVQSmtITERYOEdiZHN6U1JRWEszVHNEMWxaS2FzVXJGMm5fci10Z3ZvaXFCb3lKZ2VjczZ3WTNYcVdpTzAyNHBHZmNheE1wZWdUa2s5Q0RieTgwdnk3Zk12M3J6V1ZuVVJMTXVFcUdiaEI0LUNWcE44QmpqVGM0eFY1VHIwZXdtVWRHdFNzbExWd0V2dzRtUkpDd3pZYWk1NUlYTDIwanZzY2cwMFpsNWNzaUN1Y1pVa1c0WERHTktFeTNSbVFUUFVBZW9LMGlfRFhEUjd5S2o0eFp2cVo2aXZDc1RscXdKSWRRX2w1V1NOa1ExRW1XOC1yUXRXa3pTc2g3QVd2c2V3QzhscjZURTZmWHNodVdFRndQOHc1a1QzVm5vSFc3dHltWHRWdnJXR09LT2NIOXFkT1lPMm5zYjdvR21BWXlyQlRvNGN1RXpJMzVmQm9rdm9zWkVYM1RZUF9xRFZ2SU5NY2NLaV9fb05tUjBxTjNRNkdjVFN2UkdiR2lBcjJLNDRsVFBqS1FJWmVEY1RsUEpSenNwSjRWRkZySUpLN1otMkhhYlVNelpFa2RZVEJQcFdtM3kxcVh2OC1XWV9JdXhxeVZWQVNtRUNVTFg1bWxwLV9NMFc4LV80XzFTUFJHODAybVRva3Z5RWNRcDZQUEdscURMUnp5dXg2YXI2THhlMi1LSHJ3Y1pYOENFUU5TSEVHTkJjbWRJdWY0TXJMaHpRemd1X2RHRFloZnhiRy1aZnEzT1JNTEY3NEF3NFhGeEdmQkhqTzdXYWFJQ3FwY3NPQ0V2T1pmVVRhUEVxSkdnMmhrWVJNLVJzblBhZjVsX3dFMURWN3pUcGVjNkNEcU9wang2VnctMU9kU1M2VXJGS0JDeDFWdDlmWkQ4WDBiVHh6eDBGSWVWYW9wazJtSkxZeWVYckFkWmhxZHViSDNfaFdxLXJaZXBVY2V4Q214M29Sb1k0TGhEcFYyMDVmNDVQMDVJcm9MeElNYVhMR25PLWRscGk1eEhtTW1ESDJHUDdPcTZTcEZoMXhLZkdSZlZEY0F3N19kcDB6RXkxb2t6ZGUtcFVCbFFEbUJiUDJMSldhbjJINm15anowX3dOM3JPbHZvcGt5QkhUbHlJbUFqMnJPRjRGeUpBOThpQ1RQNDRTbnpUb1RfSkJCTmhBNWktMFNTdHFxQzVDZlVWQWNCWmtXeTZPVElPTVBwMDZyNkZ5T3NjaGFCVm1CbXFVQ2JtSEF1OFpXWVBjRnV6aXZyWmVaMG11M0tjbkVsZmJPa0E1TWEyalVuZEtGYWRnLi4ifX0sIm5pZWxzZW4iOnsiYXBpZCI6IlBEN0REQTkxQS0wNzU4LTREQ0UtQUY0Qy1FMTk5REZCNjU1MTgiLCJzZmNvZGUiOiJkY3IiLCJ0eXBlIjoiZGNyIiwiYXBuIjoiQW52YXRvIiwiZW52aXJvbm1lbnQiOiJwcm9kdWN0aW9uIiwidXNlRGVyaXZlZE1ldGFkYXRhIjp0cnVlLCJtYXBwaW5nIjp7ImFkbG9hZHR5cGUiOjIsImFkTW9kZWwiOjJ9LCJvcHRPdXQiOmZhbHNlfSwic2VnbWVudEN1c3RvbSI6eyJzY3JpcHQiOiJodHRwczovL3NlZ21lbnQucHNnLm5leHN0YXJkaWdpdGFsLm5ldC9hbnZhdG8uanMiLCJ3cml0ZUtleSI6Im9xSDhXY3R3SHgyT1NPbTRZN0UyRjFKc0xMQ1NYRWRSIiwicGx1Z2luc0xvYWRpbmdUaW1lb3V0IjoxMn0sImdvb2dsZUFuYWx5dGljcyI6eyJ0cmFja2luZ0lkIjoiVUEtMzI1MDczNjgtMTYiLCJldmVudHMiOnsiQURfU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLUFkIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1NUQVJURUQiOnsiYWxpYXMiOiJWaWRlby1QbGF5IiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0ZJUlNUX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tMjUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX01JRF9QT0lOVCI6eyJhbGlhcyI6IlZpZGVvLTUwJSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19USElSRF9RVUFSVElMRSI6eyJhbGlhcyI6IlZpZGVvLTc1JSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJWSURFT19DT01QTEVURUQiOnsiYWxpYXMiOiJWaWRlby0xMDAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUEFVU0UiOnsiYWxpYXMiOiJQYXVzZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9LCJVU0VSX1JFU1VNRSI6eyJhbGlhcyI6IlJlc3VtZSIsImNhdGVnb3J5IjoiVmlkZW8iLCJsYWJlbCI6IltbVElUTEVdXSJ9fX0sInBhbCI6eyJwcGlkIjoiMDdhY2Y1ZmUtYTViZC00Yzc0LTg1YmUtN2FkMzg2MTYxY2RhIiwiZGVzY3JpcHRpb25VcmwiOiJodHRwcyUzQSUyRiUyRnd3dy53dG5oLmNvbSUyRm9uLWFpciUyRmdtY3QtYXQtbmluZSUyRmNlbGVicmF0aW5nLW5hdGlvbmFsLWRvY3RvcnMtZGF5JTJGIiwibGlicmFyeVJlcXVlc3RlZCI6dHJ1ZSwicEluc3RhbmNlIjoicDcwIn19LCJodG1sNSI6dHJ1ZSwidG9rZW4iOiJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKMmFXUWlPaUkzTlRVM05qQTBJaXdpYVhOeklqb2ljRVJMY1UxTWVVYzVjRlp4VFd0VFdWSktTRmQxTTFoU1QycEJiSFpTTm5vaUxDSmxlSEFpT2pFMk5EZzFNVGsxTWpWOS5zdk5ZdXlSckZIYmtWX1VvSXpwNDBiLWxlRGtsVHpvTlljcGJwc2N0YTVzIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a2950830dd45881c784a4a8e6ee4c38ff9dafb9cb831a551224ae096ad6aebb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 13:17:17 GMT
content-encoding
gzip
via
1.1 google
age
7340
x-guploader-uploadid
ADPycdu7dCqehSzn57gXpYc-3gCeVuQkw8OR7ZxxB3aD0Chjtr6Fry9RFCGMhbDC8JAqMQBMLITHIjQugZojOHj81wF1gY3yyW47
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9252
last-modified
Wed, 29 Mar 2023 20:38:57 GMT
server
UploadServer
etag
"da063214c9e63cdd30b4b08bf7487282"
vary
Accept-Encoding
x-goog-generation
1655305059733067
x-goog-hash
crc32c=Wzcbng==, md5=2gYyFMnmPN0wtLCL90hygg==
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
9252
accept-ranges
bytes
hqdefault.jpg
i.ytimg.com/vi/014vn9zWUs0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/014vn9zWUs0/hqdefault.jpg
Requested by
Host: 8jb67b.a2cdn1.secureserver.net
URL: https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/b44353f673393af039b7cd3d4646636c.min.js?ver=3.6&time=1680134751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2016 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dabdeccfd24c8d7d96e12dd4f32115cd4f53bfbb6c808ad57910271e4005526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11063
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Apr 2023 17:19:38 GMT
20170519-435-Lewis-Ave-Meriden-05.jpg
8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/20170519-435-Lewis-Ave-Meriden-05.jpg
Requested by
Host: nemsed.com
URL: https://nemsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b84b9958ff2371ccc716826bddddc37e344d8e77d0dabbe43b833ca1abe3cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:38 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=1487067
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1372018
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Dec 2021 10:54:41 GMT
server
cloudflare
x-php-version
8.1
etag
"16b0db-5d2dcaaae19f5"
vary
Accept-Encoding
content-type
image/jpeg
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7b11cfbf79ae31e6-MIA
expires
Tue, 02 May 2023 15:19:38 GMT
pDKqMLyG9pVqMkSYRJHWu3XROjAlvR6z
access.mp.lura.live/anvacks/ Frame 99DA 		886 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://access.mp.lura.live/anvacks/pDKqMLyG9pVqMkSYRJHWu3XROjAlvR6z?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cb53:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
24cf73e9c5307845bce383105f0ecf2f0bec7316517bbf986fbff5227c50294b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:39 GMT
via
1.1 google
server
nginx
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
886
server_time
tkx.mp.lura.live/rest/v2/ Frame 99DA 		28 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tkx.mp.lura.live/rest/v2/server_time?anvack=pDKqMLyG9pVqMkSYRJHWu3XROjAlvR6z&anvtrid=w11b37c587ce8fae59455ef76cb44360f
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7abc:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
542a9ac139a2ba1d6cc9f33080fe1322c315ebae25a8326324a4c616d466793c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:39 GMT
via
1.1 google
server
nginx
content-type
application/json
access-control-allow-origin
https://w3.mp.lura.live
access-control-allow-credentials
true
x-onetkx-ver
~~~us-south1-a~581834483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
events.api.secureserver.net/t/1/tl/ 		43 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1680362378173&dh=nemsed.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&vci=2128658408&cv=2.0.1&z=911263616&vg=8e37efab-ffeb-534c-a2a3-0f0848e287d0&vtg=8e37efab-ffeb-534c-a2a3-0f0848e287d0&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22759c55a8-3f1a-ce02-bc49-162b33b0f6b8.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD08%22%2C%22storage%22%3A%22a2cephmah003pod08_data13%22%2C%22xid%22%3A%2244488461%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%228.1.14%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22avada%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22204%22%2C%22wp_alloptions_bytes%22%3A%22183925%22%7D&hit_id=fe503e38-f2f3-5fff-a505-dcea459d3d26&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d::1721:ee62 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 01 Apr 2023 15:19:39 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://nemsed.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1680362379605&dh=nemsed.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&vci=2128658408&cv=2.0.1&z=1303762444&vg=8e37efab-ffeb-534c-a2a3-0f0848e287d0&vtg=8e37efab-ffeb-534c-a2a3-0f0848e287d0&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22759c55a8-3f1a-ce02-bc49-162b33b0f6b8.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD08%22%2C%22storage%22%3A%22a2cephmah003pod08_data13%22%2C%22xid%22%3A%2244488461%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%228.1.14%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22avada%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22204%22%2C%22wp_alloptions_bytes%22%3A%22183925%22%7D&hit_id=2b4b4cc7-b1c2-5164-a9b7-1420cd2bb9d7&ht=perf&tce=1680362376649&tcs=1680362375841&tdc=1680362379532&tdclee=1680362378179&tdcles=1680362378178&tdi=1680362378178&tdl=1680362376775&tdle=1680362375841&tdls=1680362375838&tfs=1680362375836&tns=1680362375570&trqs=1680362376652&tre=1680362376774&trps=1680362376769&tles=1680362379532&tlee=0&nt=navigate&lcp=1930&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d::1721:ee62 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 01 Apr 2023 15:19:39 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://nemsed.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
NEMS-Logo-3-600x246.png
8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8jb67b.a2cdn1.secureserver.net/wp-content/uploads/2021/12/NEMS-Logo-3-600x246.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf2a71112179e1cd9c646ed6a7f0397171ec6bb0831b0ac465423288aa34cf8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nemsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:39 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
cf-cache-status
HIT
cf-polished
origSize=18179
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17333
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sun, 12 Dec 2021 15:35:58 GMT
server
cloudflare
x-php-version
8.1
etag
"4703-5d2f4b67ab3fa"
vary
Accept-Encoding
content-type
image/png
x-cache-hit
MISS
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7b11cfc8feb931e6-MIA
expires
Tue, 02 May 2023 15:19:39 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 99DA 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dd3f9f6c6fb24816e23864a76aa3e52103730816a536e8fae82e264196a2f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123698
x-xss-protection
0
expires
Sat, 01 Apr 2023 15:19:40 GMT
7557604
tkx.mp.lura.live/rest/v2/mcp/video/ Frame 99DA 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tkx.mp.lura.live/rest/v2/mcp/video/7557604?anvack=pDKqMLyG9pVqMkSYRJHWu3XROjAlvR6z&anvtrid=w11b37c58fa70cf7e695f74d101793894&rtyp=fp&X-Anvato-Adst-Auth=%2FqJfoGLO3NTUnMfS5FD5SM6M7uD77sVmJs%2FepaQfPJBX3hA694AJ4AP%2BA0d7MAV4rPC%2B%2BHSYNg9FNQJeYehezA%3D%3D
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7abc:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
544177671a86cf2da5e68537eb75921733ea5430872895843bdf9d290a6a567c

Request headers

Referer
https://w3.mp.lura.live/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 01 Apr 2023 15:19:45 GMT
via
1.1 google
server
nginx
content-type
application/x-javascript
access-control-allow-origin
https://w3.mp.lura.live
access-control-allow-credentials
true
x-onetkx-ver
~~~us-central1-b~578371749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
master.m3u8
dcs-vod.mp.lura.live/vod/p/ Frame 99DA 		322 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dcs-vod.mp.lura.live/vod/p/master.m3u8?encp=Q_hr13XearvGNVgGNNebkQ:6IMpYg8txcV_Z2oOIAn211SOpEY3DHIuUgNxXgjTaw9ZcZ6Jcq-UWSGmTgH7G4S_VyyiTdMMKx_Isya1pFFLkYAyJLf2SCLMEkd1uhr5S6I0dBrb-mdmhqEd68k0TAdE7aso20fSm1VXmQ5ARx4YJwwC4lk6lNFO7T6pK_GA-qk5pDZ1Rpy66kGtwc6eMXTSoZIAcHcjk2EcJnonronH4UYMDmOMHfXPIdqEEKLlkJHPEFs-eYdUU1AadRMWPzIEDkhXKPDhkaFiABRBBipKlaNgZyj6mzzGzVusQUA6Yk9_ILhLvpH2wBAC5zmJcNTB9HLGpE_SfEjF3uvI7QjTwM6OaiR3njUhPEuwUc9r2nRm4E66mRcFRBFYgpmLBu8s8zWA324RQs1hpP6DnW0fuZ4J4hMS51XzMM_2AbrIxTNUwCLKOCficdwdgVljME3v&anvtrid=907b38fe715e7acc84df3feb83299675&anvauth=tb=0~te=1680362474~sgn=5b6639bf1e2209115350ca78ef66caf879c1e803c74a375142ce01352931548a&t=1680362384&_vpng=0
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.23.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
66e51aee42cd347f6c17ef34249fe39954ef0faa3f9dbf234bdaec9a7c764850

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:45 GMT
content-encoding
gzip
via
1.1 google
server
nginx
x-anv-reason
Error Code: 156903
x-anv-ver
~~
vary
Accept-Encoding
x-anv-auth-status
rejected
access-control-allow-origin
https://w3.mp.lura.live
vmap-check-t-tracking
0
content-type
application/json
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
vmap-check-d-tracking
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ggcmb500.js
secure-us.imrworldwide.com/novms/js/2/ Frame 99DA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.232.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1804940bab9497accd774bf71ed5777ac803859c10efc54e312c4457fc616427

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:46 GMT
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 16:45:45 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
"6410a4b9-353"
access-control-allow-methods
POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
851
anvatoextension.js
w3.mp.lura.live/player/prod/v3/11b37c58/lib/ Frame 99DA 		288 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/11b37c58/lib/anvatoextension.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 12:11:51 GMT
content-encoding
gzip
via
1.1 google
age
11274
x-guploader-uploadid
ADPycdsenQHSuWwXfTCcnuL5gti1dUjdl03GkN2p2UL3Y-UG4G8gVD2aHI9s-WVpYd1PBnzQcSdciPKYJkKDxIySwrlXSg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195
last-modified
Wed, 15 Jun 2022 14:57:30 GMT
server
UploadServer
etag
"c0f7627f876a25d88e180c31bc323499"
vary
Accept-Encoding
x-goog-generation
1655305050895998
x-goog-hash
crc32c=jNMWQA==, md5=wPdif4dqJdiOGAwxvDI0mQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
195
accept-ranges
bytes
streamsense.4.1412.05.min.js
w3.mp.lura.live/player/prod/v3/11b37c58/lib/ Frame 99DA 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/11b37c58/lib/streamsense.4.1412.05.min.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a58e3a7f70f9ff30b74124150cfdd6ecf164baffe00eea93cb1c3f26f5d058b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 12:12:51 GMT
content-encoding
gzip
via
1.1 google
age
11214
x-guploader-uploadid
ADPycdv_JHW32YO3VJ6yeObVSEdvGg7yJ0D6z7u46w9n3h0KyXX1EMYAxyCGZO_USIOFVPF1iXbxJDcKVgrCfRRH06YLXAb0iRFb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8915
last-modified
Wed, 29 Mar 2023 20:38:54 GMT
server
UploadServer
etag
"bd563f22eed856825ad192f8a37b20ff"
vary
Accept-Encoding
x-goog-generation
1655305054088271
x-goog-hash
crc32c=aXGSaw==, md5=vVY/Iu7YVoJa0ZL4o3sg/w==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
8915
accept-ranges
bytes
bridge3.566.2_en.html
imasdk.googleapis.com/js/core/ Frame 0E8D 		711 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a139618572b9c9b5e7e0d75d62f81c0d6aa6202f72db242ed62b860e805027db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w3.mp.lura.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
202119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231184
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 07:11:06 GMT
expires
Fri, 29 Mar 2024 07:11:06 GMT
last-modified
Tue, 28 Mar 2023 15:25:51 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 99DA 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Apr 2023 15:19:46 GMT
analytics.js
www.google-analytics.com/ Frame 99DA 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 14:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4474
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 01 Apr 2023 16:05:12 GMT
truncated
/ Frame 99DA 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 99DA 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
6581DF05EFC677B71E21D0561A5862B0.jpg
m104216-ucdn.mp.lura.live/iupl_lin/658/1DF/ Frame 99DA 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m104216-ucdn.mp.lura.live/iupl_lin/658/1DF/6581DF05EFC677B71E21D0561A5862B0.jpg?Expires=1680365984&KeyName=mcpkey1&Signature=PpHQv2LX-MhhcVcTWXgaKevYYzQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.216.134 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
ea98f7592e7900a3e8afa5bf009ec067da8ac51a6fe28facb77687c23dfe216a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:46 GMT
x-guploader-uploadid
ADPycdtleiB35e3sYo03-TqKBbDeStwwiAUZBJVe9CisQgLsjvT0CzrZ3UrQnMS5l4OqwvmBm9h3PkpqNzvlolLEcMNMpso1Q7xx
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191261
last-modified
Tue, 27 Dec 2022 08:11:22 GMT
server
UploadServer
etag
"f61fd91e73e942a46eeafb3e357b0cf2"
x-goog-generation
1672128682837723
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=23+IpQ==, md5=9h/ZHnPpQqRu6vs+NXsM8g==
access-control-expose-headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control
max-age=3600,public
x-goog-stored-content-length
191261
accept-ranges
bytes
comscoreplugin.min.js
w3.mp.lura.live/player/prod/v3/plugins/comscore/ Frame 99DA 		187 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/plugins/comscore/comscoreplugin.min.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
71111465c15a7fb991a78f7f412f36274d84f585ddb217feb1ba9e984b5ab2c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 13:52:25 GMT
content-encoding
gzip
via
1.1 google
age
5240
x-guploader-uploadid
ADPycdvzQ3pqHLjIVRESEWiI1kuGXIxSihCcCnn3M26xVmIOxrXLoXouXsls5xhidGNtSduaQ7_r4CzDP1QmfPPGsCZPcQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55040
last-modified
Wed, 29 Mar 2023 20:39:02 GMT
server
UploadServer
etag
"c16e9e4ebabbec6b8d6c56ab222829df"
vary
Accept-Encoding
x-goog-generation
1655305065622623
x-goog-hash
crc32c=yT7jbA==, md5=wW6eTrq77GuNbFarIigp3w==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
55040
accept-ranges
bytes
anvato.js
segment.psg.nexstardigital.net/ Frame 99DA 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segment.psg.nexstardigital.net/anvato.js
Requested by
Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/11b37c58/scripts/anvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
819b997635c3dc2f291a9653ccfaeae8fe1bac3c1351e061c93d1cea499b4468
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:46 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
CZ7T1SD1MYJMFZ6D
age
3270
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:564329123274:build/prod-frontend-segment:88ea2506-4ac6-4a28-a9bc-032ea94abb46
x-cache
HIT
x-amz-meta-codebuild-content-md5
83da2d84bc31bc6dece2cdae2cc447d0
content-length
30994
x-amz-id-2
wXHfpfhvpD/JJ5W5zY7sgSQj6wz+q4Jqr5xCmzd0HgPQWjJu3BNPa/dxvi+CDocVr9TtlNDev0U=
x-served-by
cache-fty21366-FTY
last-modified
Wed, 22 Mar 2023 21:20:26 GMT
server
AmazonS3
x-timer
S1680362386.391543,VS0,VE0
etag
"6db7ac41b287616f99cede6e9dfd4067"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
fe89c43ffa481f5f171bc757848696cc6db2de245c0045c89475f929769e7679
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
145
analytics.min.js
cdn.segment.com/analytics.js/v1/oqH8WctwHx2OSOm4Y7E2F1JsLLCSXEdR/ Frame 99DA 		355 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/oqH8WctwHx2OSOm4Y7E2F1JsLLCSXEdR/analytics.min.js
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/anvato.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7167750d856a2cba70b8e55673c1475343c36b3b915e8b2e2b668970e6c3f9ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
CG8UxHm0prmP2v5WglIvLmQMH9U95o1C
content-encoding
br
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
date
Sat, 01 Apr 2023 15:18:21 GMT
x-amz-cf-pop
JFK51-C1
age
86
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 10 Mar 2023 23:32:51 GMT
server
AmazonS3
etag
W/"d94aeb7db65dd39692d0048c41938fb2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
sAf98HJ4CubUqEw0-b_j1tVFginkQl91okY-Y4nWvBCCL0BznoK4mg==
PD7DDA91A-0758-4DCE-AF4C-E199DFB65518.js
cdn-gl.imrworldwide.com/conf/ Frame 99DA 		44 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PD7DDA91A-0758-4DCE-AF4C-E199DFB65518.js
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:200:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71ad03a3c3012dfbad3145bbd00df1a602b260c38a2798633360f23fc5fcdfc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
bRvVX8voNWhrDqFAMb6DOhV_Tc_21WDP
content-encoding
gzip
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
date
Sat, 01 Apr 2023 14:47:32 GMT
last-modified
Sat, 01 Apr 2023 05:19:13 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
1935
x-amz-server-side-encryption
AES256
etag
W/"88abea2d6e2926435f5ba0b8ea70fc9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
KmQTc_NATz86KQuT76Ughj5R1Ms2EHoJN7vjEY4iE6-9U-BKn3AHCg==
6581DF05EFC677B71E21D0561A5862B0.jpg
m104216-ucdn.mp.lura.live/iupl_lin/658/1DF/ Frame 99DA 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m104216-ucdn.mp.lura.live/iupl_lin/658/1DF/6581DF05EFC677B71E21D0561A5862B0.jpg?Expires=1680365984&KeyName=mcpkey1&Signature=PpHQv2LX-MhhcVcTWXgaKevYYzQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.216.134 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
ea98f7592e7900a3e8afa5bf009ec067da8ac51a6fe28facb77687c23dfe216a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:19:46 GMT
age
0
x-guploader-uploadid
ADPycdtleiB35e3sYo03-TqKBbDeStwwiAUZBJVe9CisQgLsjvT0CzrZ3UrQnMS5l4OqwvmBm9h3PkpqNzvlolLEcMNMpso1Q7xx
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191261
last-modified
Tue, 27 Dec 2022 08:11:22 GMT
server
UploadServer
etag
"f61fd91e73e942a46eeafb3e357b0cf2"
x-goog-generation
1672128682837723
x-goog-hash
crc32c=23+IpQ==, md5=9h/ZHnPpQqRu6vs+NXsM8g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control
max-age=3600,public
x-goog-stored-content-length
191261
accept-ranges
bytes
content-type
image/jpeg
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ Frame 99DA 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PD7DDA91A-0758-4DCE-AF4C-E199DFB65518.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:200:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6400cbfed9a573b55a0c5cc4654df170cb4249146ce375ab3602b44b4b438e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ie.iViZa0tUvQAGFxElCXKegOcUl_lrU
content-encoding
gzip
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
date
Sat, 01 Apr 2023 15:04:44 GMT
x-amz-cf-pop
EWR53-C3
age
904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 06 Mar 2023 15:04:33 GMT
server
AmazonS3
etag
W/"4810e2b4c33864a6ebc1ff843ea7c0c7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
S2YMVorERqCEk8KtHnFc89CokQru-iCH_JBFDt5u2J_HqgTeZfhBkA==
F240E0396D46373039B390F3E785D964_pvw-M0.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M0.jpg?aktaexp=1680365985&aktasgn=941eb3e0197ce3583ebcc48cb1a1e78c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
d0e51aafe10587f4cf667e8e0d014a140c8fdcecdfe8ceae5bf46b6e763726ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycds_GCyqRXNyoDLkbn4_QTCAkbOigiVikJOm33mQHjZUMB-ed1VMrcfeXZbs66jn1v-IwticjwlUSBZyCSP5v3KbQUHODAMx
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
106625
Last-Modified
Tue, 27 Dec 2022 08:11:25 GMT
Server
UploadServer
ETag
"047769536280c0c3c41dc96d75f2525e"
x-goog-generation
1672128685473354
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=V2Of5g==, md5=BHdpU2KAwMPEHcltdfJSXg==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop211.mi1.t,1680362387.cds217.mi1.shn,1680362387.dop211.mi1.t,1680362387.cds221.mi1.c
x-goog-stored-content-length
106625
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M1.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M1.jpg?aktaexp=1680365985&aktasgn=f8ba70fc19c4a164cdd1183449332dbd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
ae4857907a69ae04120126bb548273e2f34e61f7991633985e124602883ebc0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdtwvTS7KjifhO2G8fet4COnSaEKQS5i6_vMRhKiw88FOaJR7PLfEY-aAC8vN3epE2ebDb2_AYcekGEWzwrz2uI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
115869
Last-Modified
Mon, 28 Mar 2022 13:48:35 GMT
Server
UploadServer
ETag
"07e53136dbdb46d3d44a28a5cf51751e"
x-goog-generation
1648475315122774
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=BBCWbQ==, md5=B+UxNtvbRtPUSiilz1F1Hg==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop219.mi1.t,1680362387.cds234.mi1.shn,1680362387.dop219.mi1.t,1680362387.cds211.mi1.c
x-goog-stored-content-length
115869
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M2.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M2.jpg?aktaexp=1680365985&aktasgn=fe92ec2fd9a9d484a07c07a1c7ab7f80
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
df28047245cbb76431ca4c9a697dba3daf89cf4184e7634a0971ed6858d9640f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdtnSOPPyXyvDR06NhHaURaBsFoEy0Gk2tCjtI5Vuo0QiRRKhK6-VVG9MK8Pp13KtvncH9rU7Xmebv0iYjAkTQ88VGl7DtHR
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
119053
Last-Modified
Tue, 27 Dec 2022 08:11:25 GMT
Server
UploadServer
ETag
"aa0d1da10a2c24f84c7a883e4371bd5e"
x-goog-generation
1672128685866568
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=FBWAKQ==, md5=qg0doQosJPhMeog+Q3G9Xg==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop058.mi1.t,1680362387.cds248.mi1.shn,1680362387.dop058.mi1.t,1680362387.cds048.mi1.c
x-goog-stored-content-length
119053
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M3.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M3.jpg?aktaexp=1680365985&aktasgn=902c967d86ac0a30bc3fea2a4ab368fe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
efc71f44727d69723beb33ce9819c97b30cb50233a10bf347f13d6510db87e44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycds5g7ibWy6ggir2OR7oeiWrWgyVY9Q3flHXf1LlLZ8FlWr_3EGDOYnT0eoBLoI9cHnLaElk48VAXYlnM_bla8RHF7C3iGqf
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
119610
Last-Modified
Mon, 28 Mar 2022 13:48:35 GMT
Server
UploadServer
ETag
"7a002bc8bdab8fbd77fb1c009078b28f"
X-HW
1680362387.dop054.mi1.t,1680362387.cds213.mi1.shn,1680362387.dop054.mi1.t,1680362387.cds217.mi1.s,1680362387.dop216.da2.r,1680362387.cds214.da2.c,1680362387.cds217.mi1.p
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-generation
1648475315242697
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
x-goog-hash
crc32c=fpg97A==, md5=egAryL2rj713+xwAkHiyjw==
x-goog-stored-content-length
119610
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M4.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M4.jpg?aktaexp=1680365985&aktasgn=925f835c05c063062e061254e0a78e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
8d5427495d4b1044c94ae63384feeabc82f8614c307bd8389c31a02bf1950690

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdvl5sjSXwdXAHHLiuR-IZgmfuOaSiYbVdeo9CZ5bI_-WYs8-zceBT_20Q3H5B4PcJO2EvqeztlQlR_N6yrckP3L20KQaonw
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
32246
Last-Modified
Tue, 27 Dec 2022 08:11:26 GMT
Server
UploadServer
ETag
"b08ed7db646d5996cfc30be89a11483f"
x-goog-generation
1672128686203657
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=mKC0Cw==, md5=sI7X22RtWZbPwwvomhFIPw==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop069.mi1.t,1680362387.cds043.mi1.shn,1680362387.dop069.mi1.t,1680362387.cds062.mi1.c
x-goog-stored-content-length
32246
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M00.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M00.jpg?aktaexp=1680365985&aktasgn=499da1342a5fce88382779821a625616
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
c6d6d80775f3ca3b97e7575686993987b6052b955c26dc68b9603b80b718466b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdtJegC5uJWoBd7U-WUzojhmMsbpDZRNdME0-VM4xYKf10gTyv_MLyXpdcXgmZTG7OZqiVaiEIrKxS-0dgPt7ev6Y7EMov4u
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
143410
Last-Modified
Mon, 28 Mar 2022 13:48:35 GMT
Server
UploadServer
ETag
"900962ab4718c46dc0e7a7bfcff33d52"
x-goog-generation
1648475315352435
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=3ZAZlQ==, md5=kAliq0cYxG3A56e/z/M9Ug==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop059.mi1.t,1680362387.cds211.mi1.shn,1680362387.dop059.mi1.t,1680362387.cds064.mi1.c
x-goog-stored-content-length
143410
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-M01.jpg
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-M01.jpg?aktaexp=1680365985&aktasgn=8bbdfc8acd13797f46694d86630f6bb1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
cd3b28b3c6af1631d0726c1de76edefee501508e22b306866435811d16727deb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdvoSrBS6xYyr-3MApg3Fmc6kleIrGrSwxBiImJIavs-adjRQoIrc9nFv8okDQ5lDD7fqBTAJvpobNuWeK9fVaYjxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
10993
Last-Modified
Mon, 28 Mar 2022 13:48:35 GMT
Server
UploadServer
ETag
"3d64ab49c3f83208456067387d68bdb0"
x-goog-generation
1648475315393310
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=ufN+zg==, md5=PWSrScP4MghFYGc4fWi9sA==
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
X-HW
1680362387.dop069.mi1.t,1680362387.cds043.mi1.shn,1680362387.dop069.mi1.t,1680362387.cds209.mi1.c
x-goog-stored-content-length
10993
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-hi.bif
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-hi.bif?aktaexp=1680365985&aktasgn=13f0b6f615aa8e0c215e9e95dbf4a308
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdt7wVTX090AXCa-cxb29nQFeJQ2Xdf4kc6xMTdlA_mi_th0IjHIkQc-VBMUiTdDTqFNdt-s12E5rp9yYyQKnbN3QQ
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
9623478
Last-Modified
Tue, 27 Dec 2022 08:11:27 GMT
Server
UploadServer
ETag
"16178e20db8efb51c83cbfbb98dbe174"
X-HW
1680362387.dop219.mi1.t,1680362387.cds234.mi1.shn,1680362387.dop219.mi1.t,1680362387.cds248.mi1.s,1680362387.dop230.da2.r,1680362387.cds225.da2.c,1680362387.cds248.mi1.p
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
x-goog-generation
1672128687005744
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
x-goog-hash
crc32c=rIgksA==, md5=FheOINuO+1HIPL+7mNvhdA==
x-goog-stored-content-length
9623478
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-med.bif
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-med.bif?aktaexp=1680365985&aktasgn=b05bd57d39603410215c051518646d36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdspS-kx5qLyVbEOVzr2nt6NMODsCMlmMZ-ZzjC8Wd2Hp7GhDBux17aFXETZtJBFW_9AYZ9Gy53gsLWhh31uE-rlsHeTijzg
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
2995819
Last-Modified
Tue, 27 Dec 2022 08:11:27 GMT
Server
UploadServer
ETag
"68df30f44b98c0a0c32bc90319806afd"
X-HW
1680362387.dop069.mi1.t,1680362387.cds043.mi1.shn,1680362387.dop069.mi1.t,1680362387.cds250.mi1.s,1680362387.dop220.da2.r,1680362387.cds260.da2.c,1680362387.cds250.mi1.p
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
x-goog-generation
1672128687197740
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
x-goog-hash
crc32c=3N3EPQ==, md5=aN8w9EuYwKDDK8kDGYBq/Q==
x-goog-stored-content-length
2995819
Accept-Ranges
bytes
F240E0396D46373039B390F3E785D964_pvw-lo.bif
h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/ Frame 99DA 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h104216-kcdn.mp.lura.live/1/20001/pvw_lin/F24/0E0/F240E0396D46373039B390F3E785D964_pvw-lo.bif?aktaexp=1680365985&aktasgn=7d270fff6a0f5cfc57ddaf191d4b27d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w3.mp.lura.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 15:19:47 GMT
X-GUploader-UploadID
ADPycdv_6jnEIFXNwk89bOiZnHQP0JUhvIwgEFVm0ZA5H2OvqMoOS03iDxyTVBIAnLcYiEfTmgYUPCQ6oBqXMS1LG5taQiJnrCec
x-goog-storage-class
COLDLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
890697
Last-Modified
Tue, 27 Dec 2022 08:11:27 GMT
Server
UploadServer
ETag
"d451c29c44372c317d9b58326c074580"
X-HW
1680362387.dop211.mi1.t,1680362387.cds217.mi1.shn,1680362387.dop211.mi1.t,1680362387.cds218.mi1.s,1680362387.dop027.da2.r,1680362387.cds135.da2.c,1680362387.cds218.mi1.p
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
x-goog-generation
1672128687374240
Access-Control-Expose-Headers
Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
Cache-Control
max-age=3600,public
x-goog-hash
crc32c=TwXw2g==, md5=1FHCnEQ3LDF9m1gybAdFgA==
x-goog-stored-content-length
890697
Accept-Ranges
bytes
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 64C5 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:200:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://w3.mp.lura.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2288
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 01 Apr 2023 14:41:40 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 06 Mar 2023 15:04:32 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-amz-cf-id
_rnXk0AbWeuiCcz0IKdkYX8rDS8oOcfzueUDumm9_DTL07-ArAUcVQ==
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
pCLLua5E4AFHuJJjIqZDaJ41VDBdB8bB
x-cache
Hit from cloudfront
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 64C5 		44 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PD7DDA91A-0758-4DCE-AF4C-E199DFB65518&sessionId=9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.648&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.232.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 15:19:47 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com/ Frame 64C5 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:ea00:1d:667e:2a40:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 22:34:52 GMT
via
1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
60296
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
HuroFt-p0zDaYp4LrgA57uDHw-fecOzHhxo1dQ4m6qR6u28INwXmYw==

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| doc function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth undefined| $ function| jQuery object| cssua object| fusionJSVars object| fusion object| fusionLightboxVideoVars object| fusionEqualHeightVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips undefined| prevCallback object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| onYouTubeIframeAPIReady function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionAnimationsVars function| fusionSetAnimationData object| fusionMenuVars function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider object| fusionCountersBox object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| moveSideHeaderStylingDivs function| fusionSideHeaderScroll function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| lazySizes object| awbOffCanvas object| awbAnimationObservers object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| tti string| responsiveTypeElements number| lastYPosition boolean| scrollDisabled number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| fusionVimeoPlayers

2 Cookies

Domain/Path Name / Value
.nemsed.com/ Name: _tccl_visitor
Value: 8e37efab-ffeb-534c-a2a3-0f0848e287d0
.nemsed.com/ Name: _tccl_visit
Value: 8e37efab-ffeb-534c-a2a3-0f0848e287d0

1 Console Messages

Source Level URL
Text
other warning URL: https://nemsed.com/(Line 90)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8jb67b.a2cdn1.secureserver.net
9tvmnmpmk7nnwucliikxtxzm2j0zb1680362387.nuid.imrworldwide.com
access.mp.lura.live
cdn-gl.imrworldwide.com
cdn.segment.com
dcs-vod.mp.lura.live
events.api.secureserver.net
h104216-kcdn.mp.lura.live
i.ytimg.com
imasdk.googleapis.com
img1.wsimg.com
img6.wsimg.com
m104216-ucdn.mp.lura.live
nemsed.com
s0.2mdn.net
secure-dcr.imrworldwide.com
secure-us.imrworldwide.com
segment.psg.nexstardigital.net
tkx.mp.lura.live
w3.mp.lura.live
www.google-analytics.com
13.225.223.151
151.101.66.133
162.159.135.45
198.71.233.112
23.44.237.219
2600:1400:d::1721:ee62
2600:1901:0:2954::
2600:1901:0:7abc::
2600:1901:0:cb53::
2600:9000:210b:200:2:42d9:3100:93a1
2600:9000:24f0:ea00:1d:667e:2a40:93a1
2607:f8b0:4006:809::200a
2607:f8b0:4006:80f::2016
2607:f8b0:4006:81d::200e
2607:f8b0:4006:820::2006
34.117.216.134
35.190.23.39
54.156.232.34
69.16.175.10
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
12c441b6f8485c2df02500becba1540538e275efade6665df441a3cbb65cb795
1804940bab9497accd774bf71ed5777ac803859c10efc54e312c4457fc616427
24cf73e9c5307845bce383105f0ecf2f0bec7316517bbf986fbff5227c50294b
2a2950830dd45881c784a4a8e6ee4c38ff9dafb9cb831a551224ae096ad6aebb
3dd3f9f6c6fb24816e23864a76aa3e52103730816a536e8fae82e264196a2f4f
542a9ac139a2ba1d6cc9f33080fe1322c315ebae25a8326324a4c616d466793c
544177671a86cf2da5e68537eb75921733ea5430872895843bdf9d290a6a567c
546164bb39002066b4dd5963d16fe6eead15ca2a42fe62707c27565749e30486
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5bd9d2261cddb158e75392491f2e862ecd383d27f23acd9362613aa458f04896
5dabdeccfd24c8d7d96e12dd4f32115cd4f53bfbb6c808ad57910271e4005526
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ef2a35003283f4e78dde3a71d04f8d1e86dcbb75e2f9edb3012229724eef0df
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
66e51aee42cd347f6c17ef34249fe39954ef0faa3f9dbf234bdaec9a7c764850
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
71111465c15a7fb991a78f7f412f36274d84f585ddb217feb1ba9e984b5ab2c3
7167750d856a2cba70b8e55673c1475343c36b3b915e8b2e2b668970e6c3f9ff
71ad03a3c3012dfbad3145bbd00df1a602b260c38a2798633360f23fc5fcdfc6
72b18f05410d8e85acfc7f1e91d62ddc60ce0b53726b3d5a7efb8332dbd91298
789c6f081d2f9e3e635192bb087967e078b7f9952e8214c4e747f7ecc51680f7
819b997635c3dc2f291a9653ccfaeae8fe1bac3c1351e061c93d1cea499b4468
8ad56c78d1428429941c35bc320c01d044f662e0bb43a7582c6025de77765314
8d5427495d4b1044c94ae63384feeabc82f8614c307bd8389c31a02bf1950690
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4
a139618572b9c9b5e7e0d75d62f81c0d6aa6202f72db242ed62b860e805027db
a58e3a7f70f9ff30b74124150cfdd6ecf164baffe00eea93cb1c3f26f5d058b9
ad9d64a3e02e7e7340425d10147df69a1ad7373723855ff50b2adbeb343a7623
ae4857907a69ae04120126bb548273e2f34e61f7991633985e124602883ebc0e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c3fd502e5c5fb61dfc8ebf150b5e116a39bac906b27d8b903ffcb0bacc1490b6
c6400cbfed9a573b55a0c5cc4654df170cb4249146ce375ab3602b44b4b438e1
c6d6d80775f3ca3b97e7575686993987b6052b955c26dc68b9603b80b718466b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd3b28b3c6af1631d0726c1de76edefee501508e22b306866435811d16727deb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e51aafe10587f4cf667e8e0d014a140c8fdcecdfe8ceae5bf46b6e763726ae
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d4d9c15ccb4f0c0ff91df052f4429aa65c3a6095eb9854a8a196db0b16bb83b0
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
df28047245cbb76431ca4c9a697dba3daf89cf4184e7634a0971ed6858d9640f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b84b9958ff2371ccc716826bddddc37e344d8e77d0dabbe43b833ca1abe3cc
ea98f7592e7900a3e8afa5bf009ec067da8ac51a6fe28facb77687c23dfe216a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
efc71f44727d69723beb33ce9819c97b30cb50233a10bf347f13d6510db87e44
fb4bcb2b518dee77366120aa3f970e7075bac4b890008828d057e650e9b775f2
fbf2a71112179e1cd9c646ed6a7f0397171ec6bb0831b0ac465423288aa34cf8
fcbb0a6bc275d69c281c0f174ff76928e5ea3e15c9ff945cba114ae7e502930b