URL: https://usnewson.com/
Submission: On March 23 via api from IE — Scanned from DE

Summary

This website contacted 34 IPs in 8 countries across 25 domains to perform 82 HTTP transactions. The main IP is 81.28.12.12, located in Amsterdam, Netherlands and belongs to GCORE, LU. The main domain is usnewson.com. The Cisco Umbrella rank of the primary domain is 325876.
TLS certificate: Issued by R3 on February 11th 2023. Valid for: 3 months.
This is the only time usnewson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 81.28.12.12 199524 (GCORE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 162.19.58.158 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 2606:4700:1::... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:212... 16509 (AMAZON-02)
3 65.9.90.93 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 104.19.135.80 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.184.198 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.158.254.171 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 142.132.140.7 24940 (HETZNER-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 104.19.137.80 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.1.11 44788 (ASN-CRITE...)
1 54.229.20.73 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
82 34
Apex Domain
Subdomains
Transfer
9 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12794
118 KB
8 steepto.com
cdn.steepto.com — Cisco Umbrella Rank: 226983
s-img.steepto.com — Cisco Umbrella Rank: 138713
cm.steepto.com — Cisco Umbrella Rank: 109735
59 KB
8 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2751
test.cmp.quantcast.com — Cisco Umbrella Rank: 10333
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12076
203 KB
7 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9082
c.mgid.com — Cisco Umbrella Rank: 6456
servicer.mgid.com — Cisco Umbrella Rank: 9125
76 KB
7 usnewson.com
usnewson.com — Cisco Umbrella Rank: 325876
53 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 70
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 166
185 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2368
21 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 392
mug.criteo.com — Cisco Umbrella Rank: 2797
1 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 808
api.btloader.com — Cisco Umbrella Rank: 902
14 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
58 KB
3 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 18134
130 KB
2 pardus.cloud
dsp.pardus.cloud
pardus.cloud
16 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 892
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
142 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
57 KB
1 gstatic.com
csi.gstatic.com
225 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1547
316 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 475
59 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 924
17 KB
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 13023
804 KB
1 trafficbfd.com
dsp.trafficbfd.com — Cisco Umbrella Rank: 983875
427 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
349 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6058
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
82 25
Domain Requested by
9 i.ibb.co usnewson.com
7 usnewson.com usnewson.com
6 cmp.quantcast.com cdn.fuseplatform.net
cmp.quantcast.com
4 s-img.steepto.com
4 c.mgid.com jsc.mgid.com
usnewson.com
4 securepubads.g.doubleclick.net cdn.fuseplatform.net
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com cdn.fuseplatform.net
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
usnewson.com
3 cdn.fuseplatform.net usnewson.com
cdn.fuseplatform.net
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cm.steepto.com jsc.mgid.com
2 api.btloader.com btloader.com
2 ad-delivery.net usnewson.com
2 cdn.steepto.com usnewson.com
2 region1.google-analytics.com www.googletagmanager.com
2 jsc.mgid.com usnewson.com
jsc.mgid.com
2 www.googletagmanager.com usnewson.com
www.googletagmanager.com
2 cdnjs.cloudflare.com usnewson.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 id.crwdcntrl.net ads.pubmatic.com
1 ads.pubmatic.com jsc.mgid.com
1 cdn.id5-sync.com jsc.mgid.com
1 cl.imghosts.com
1 pardus.cloud
1 dsp.pardus.cloud 1 redirects
1 dsp.trafficbfd.com
1 servicer.mgid.com jsc.mgid.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 pagead2.googlesyndication.com
1 test.cmp.quantcast.com cmp.quantcast.com
1 ad.doubleclick.net usnewson.com
1 btloader.com cdn.fuseplatform.net
1 cdn.jsdelivr.net cdn.fuseplatform.net
1 www.google.de usnewson.com
1 www.google.com usnewson.com
1 stats.g.doubleclick.net www.google-analytics.com
82 37

This site contains links to these domains. Also see Links.

Domain
steepto.com
clck.steepto.com
quantumai
ketoxplode
bitcoincode
erogenx
Subject Issuer Validity Valid
usnewson.com
R3
2023-02-11 -
2023-05-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
ibb.co
R3
2023-02-06 -
2023-05-07
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
cdn.fuseplatform.net
R3
2023-03-13 -
2023-06-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.de
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
cmp.quantcast.com
R3
2023-02-13 -
2023-05-14
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-02-16 -
2023-05-17
3 months crt.sh
*.trafficbfd.com
E1
2023-03-03 -
2023-06-01
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://usnewson.com/
Frame ID: 2B5FC72E2D4899A449B8870EEE5CA4D8
Requests: 79 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1679562625148346804391
Frame ID: CB2538F3B6C9E58C48A285A8858379C0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

USNewsON - Watch USA TV Live Streaming FreeClose searchMoreNews TV Live StreamWatchTerms of ServiceNews TV Live StreamWatchSearchPlayPlayPlayPlayPlay

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

82
Requests

94 %
HTTPS

65 %
IPv6

25
Domains

37
Subdomains

34
IPs

8
Countries

2019 kB
Transfer

4893 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://dsp.pardus.cloud/uploads/media/21/21/8481.0.jpg HTTP 301
  • https://pardus.cloud/uploads/media/21/21/8481.0.jpg
Request Chain 75
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusnewson.com%2F&domain=usnewson.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQnJ4NEtJTW02SGF5Tm5ITkExWitiU1dXRTNQNDY4bzRUejhqcWRNUk5sc3JWdXZReis2d1l2V3lDcTVzY0FSQU1NR1dJUHduZFVDSG9ZYnFHNzNJOHd1K3k2MlB1NW8xVGxuY09rdmFOeEtvYi91QjBPeVBjPXw&cppv=2

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
usnewson.com/
72 KB
16 KB
Document
General
Full URL
https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
eff2aa6285d8939a9020e3b5ec122704439227eacd6c3cf7fe4f6c7b4a50e360

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache
STALE
cache-control
max-age=600
content-encoding
gzip
content-length
16090
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 09:10:23 GMT
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
expires
Tue, 21 Mar 2023 03:28:58 UTC
last-modified
Sat, 18 Mar 2023 15:28:04 GMT
permissions-policy
interest-cohort=()
server
nginx
vary
Origin
x-cached-since
2023-03-23T08:40:07+00:00
x-id
fr5-up-gc28
x-nginx
nginx-be
material-components-web.min.css
cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/
262 KB
20 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/material-components-web.min.css
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e088adc4a664e237e868c3e2e200df03fcca5fe383c2818292f80776efe439
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6529017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19314
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-41743"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F89wlmpU74Ec13bQobMNlE6Ae%2F%2B%2BSAgVB%2FXh3V9Ot%2B1i2xi5j3fyxkWUXe%2FD50Y4saQ907SdyWH2GFGtfTwgufziTnRZ2aFvNlMGepgndqtMGHY0LIvznY9WoLal69khslMVVb9zajjNTF%2BO4yhiJ%2BY4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac58a7b9cb4046a-FRA
expires
Tue, 12 Mar 2024 09:10:23 GMT
USNewsON.svg
usnewson.com/assets/images/
1 KB
2 KB
Image
General
Full URL
https://usnewson.com/assets/images/USNewsON.svg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6d49daaadd59ab24e947a8786d41a1cd7d3d16f876a2ea1709cf1e72608d8dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc53
date
Thu, 23 Mar 2023 09:10:23 GMT
x-cached-since
2023-03-23T09:00:41+00:00
x-nginx
nginx-be
content-length
1395
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3"
vary
Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 18 Mar 2023 16:05:16 UTC
trump-claims-he-will-be-arrested-call-for-protests.jpg
i.ibb.co/QNCrN42/
18 KB
18 KB
Image
General
Full URL
https://i.ibb.co/QNCrN42/trump-claims-he-will-be-arrested-call-for-protests.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
9a3c664c7e45751bc0eaf7d49096f76bb4671e5e96ff3a9c115ee6b142cd5775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Sat, 18 Mar 2023 15:14:40 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
18424
expires
Thu, 31 Dec 2037 23:55:55 GMT
trump-kicks-off-2024-presidential-campaign.jpg
i.ibb.co/TRYDnCK/
22 KB
23 KB
Image
General
Full URL
https://i.ibb.co/TRYDnCK/trump-kicks-off-2024-presidential-campaign.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
706e3893379d6d84ec54d0d15cefca7113f2b22a31fe36bfa7345be2de867c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Sun, 29 Jan 2023 09:45:54 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
22882
expires
Thu, 31 Dec 2037 23:55:55 GMT
mccarthy-to-lose-fourth-house-speaker-vote.jpg
i.ibb.co/jJR7WT2/
12 KB
12 KB
Image
General
Full URL
https://i.ibb.co/jJR7WT2/mccarthy-to-lose-fourth-house-speaker-vote.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
7dcc7e482f358b41c055a2a4edcc9776b4819622595264792f9b28d1bbc838ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Wed, 04 Jan 2023 18:18:14 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
12071
expires
Thu, 31 Dec 2037 23:55:55 GMT
donald-trump-announces-2024-presidential-run.jpg
i.ibb.co/b1bKhGy/
10 KB
10 KB
Image
General
Full URL
https://i.ibb.co/b1bKhGy/donald-trump-announces-2024-presidential-run.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
586935a8a91b4e419d44df7a7c52851bc7e8eb1cc04357d5dd11babbdd9bee02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Wed, 16 Nov 2022 02:27:06 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9969
expires
Thu, 31 Dec 2037 23:55:55 GMT
biden-trump-headline-dueling-rallies-in-final-midterms-election-push.jpg
i.ibb.co/0YXsDNd/
18 KB
18 KB
Image
General
Full URL
https://i.ibb.co/0YXsDNd/biden-trump-headline-dueling-rallies-in-final-midterms-election-push.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
dedf39c86f33bcac956135cb0362249cc180b1e08836f606132106c0b5dec676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Sun, 06 Nov 2022 15:09:22 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
18093
expires
Thu, 31 Dec 2037 23:55:55 GMT
trumps-twitter-account-to-be-restored-after-elon-musk-takeover.jpg
i.ibb.co/k1SVrsJ/
7 KB
8 KB
Image
General
Full URL
https://i.ibb.co/k1SVrsJ/trumps-twitter-account-to-be-restored-after-elon-musk-takeover.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
8e354ae6c33bcc7b55fe59c07ac05a0fc128a0556f9485858b84e344ec24b271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Fri, 28 Oct 2022 13:27:42 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7486
expires
Thu, 31 Dec 2037 23:55:55 GMT
trump-tells-jews-to-get-their-act-together.jpg
i.ibb.co/RcrLPSL/
11 KB
12 KB
Image
General
Full URL
https://i.ibb.co/RcrLPSL/trump-tells-jews-to-get-their-act-together.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
aca8f8a0b12ffc76422efc49fe4fa814c0a35e28a64049df70024fe94f9bb47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Mon, 17 Oct 2022 06:52:08 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11736
expires
Thu, 31 Dec 2037 23:55:55 GMT
donald-trump-says-mitch-mcconnell.jpg
i.ibb.co/6HH82h7/
9 KB
9 KB
Image
General
Full URL
https://i.ibb.co/6HH82h7/donald-trump-says-mitch-mcconnell.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
679fb29bfc45cbfd545415c2d717b6a79ed1fcd47329062a94ebec32a48be7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Sat, 01 Oct 2022 14:54:02 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8773
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-york-ag-sues-trump-and-his-family-for-business-fraud.jpg
i.ibb.co/xgr2RS6/
9 KB
9 KB
Image
General
Full URL
https://i.ibb.co/xgr2RS6/new-york-ag-sues-trump-and-his-family-for-business-fraud.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
8fed4e1f0a0aace7abdfe156e08a208c04c799810c70ac250cee2870333e1e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
last-modified
Wed, 21 Sep 2022 16:49:31 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9395
expires
Thu, 31 Dec 2037 23:55:55 GMT
og-fox-news.jpg
usnewson.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://usnewson.com/assets/images/og-fox-news.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ddaea112d8f5150920897f24b8e46d964d6bf682abaf04e5cc5bfc1ade1a964b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc55
date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-cached-since
2023-03-23T09:00:41+00:00
x-nginx
nginx-be
content-length
8725
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 23 Mar 2023 00:42:30 UTC
og-msnbc.jpg
usnewson.com/assets/images/
5 KB
5 KB
Image
General
Full URL
https://usnewson.com/assets/images/og-msnbc.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f4701d4450183452168f0d796509d773f0defe8efef1b46ff3e9484a78bf2f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-cached-since
2023-03-23T09:00:41+00:00
x-nginx
nginx-be
content-length
5022
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 18 Mar 2023 15:51:49 UTC
og-cnn.jpg
usnewson.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://usnewson.com/assets/images/og-cnn.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4ec6c963e1d4752c3e15bcef35b975c4f790c504de69609177a2e041152b38fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-cached-since
2023-03-23T09:00:59+00:00
x-nginx
nginx-be
content-length
6044
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 18 Mar 2023 15:45:15 UTC
og-oann.jpg
usnewson.com/assets/images/
9 KB
8 KB
Image
General
Full URL
https://usnewson.com/assets/images/og-oann.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9f626a74f609de91b2158e7839ed41f8b09fcf6c92afdf07a24c8d3626a28bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc54
date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-cached-since
2023-03-23T09:00:41+00:00
x-nginx
nginx-be
content-length
8097
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 18 Mar 2023 15:59:10 UTC
og-weather-channel.jpg
usnewson.com/assets/images/
8 KB
8 KB
Image
General
Full URL
https://usnewson.com/assets/images/og-weather-channel.jpg
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7c570eabe49bfd4e167dffefb1f4c1124e545b85c9b30198c9a055b1302f9a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-cached-since
2023-03-23T08:40:07+00:00
x-nginx
nginx-be
content-length
8156
last-modified
Sat, 18 Mar 2023 15:28:02 GMT
server
nginx
etag
"2e1fd3fba6250efd66694e7b2e1db9066da9bc33b1414748965c10ce9b9248e3-gzip"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
cache
STALE
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 21 Mar 2023 21:55:16 UTC
material-components-web.min.js
cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/
292 KB
38 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/material-components-web.min.js
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7230d24632cae9f9a8575ee3e4e17ec586f3f8ae1242a7edd90546b67553beff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15330187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38419
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-48f48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYrY9GLIfCCWlnAumPdK%2F6nxSZTdXxuKZKz5Mzl9MB0ZkjmqRsiH3E%2Fs41HFpMoiQOGQLzrRXchRqM5SMGCvih9yuIqcUaKI%2BiMIn%2FalxxojXnnRmruem%2BJpyX6b%2FKM1QQn7b%2B7P2WbXSAMov2%2FUoZd7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac58a7b9cb5046a-FRA
expires
Tue, 12 Mar 2024 09:10:23 GMT
js
www.googletagmanager.com/gtag/
164 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148072844-1
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a924222dd7b462bddb714cfd5caf19764f090a719fab03e69484c2bb30dfd693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Mar 2023 09:10:23 GMT
fuse.js
cdn.fuseplatform.net/publift/tags/2/2885/
240 KB
56 KB
Script
General
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd8da1c146e33be677b3b94add5708250e6f0e3ad6c6968661d4d40327c6c219

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 16:20:28 GMT
server
AkamaiNetStorage
etag
"be827a8f0d8fb450a6f347b8aee2df00:1679415628.996884"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
57127
expires
Thu, 23 Mar 2023 09:40:23 GMT
usnewson.com.849723.js
jsc.mgid.com/u/s/
3 KB
2 KB
Script
General
Full URL
https://jsc.mgid.com/u/s/usnewson.com.849723.js
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a39e4ee5bd7fab010c33c27302113abc03adc2ce756e8f3bbfc6dad9c087c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
x-amz-version-id
Vk2hs6UqlEpG70KrFHlWhC7Oy8X8WYLn
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
0KSD488BHWB70MD1
cf-polished
origSize=2653
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
d2QQ1IOiSYmn/AovBDOs4qC3ISq2tTyVCqdlJVm7WJJXqUVm1b+pbL4eToNbuDItVKnaInLphuI=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 11:59:04 GMT
server
cloudflare
etag
W/"aff73c516d14a3015d580ba4fe07e90d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7ac58a7c396f0410-FRA
expires
Thu, 23 Mar 2023 12:10:23 GMT
js
www.googletagmanager.com/gtag/
242 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X1YMW7PXDN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148072844-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80927669258cdb6aa81ff4addc15d3728f6808232d9f4065f0f05f371aefaaba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Mar 2023 09:10:23 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148072844-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 08:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3912
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 10:05:11 GMT
collect
region1.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1YMW7PXDN&gtm=45je33k0&_p=1194291935&cid=898311015.1679562624&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679562623&sct=1&seg=0&dl=https%3A%2F%2Fusnewson.com%2F&dt=USNewsON%20-%20Watch%20USA%20TV%20Live%20Streaming%20Free&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1YMW7PXDN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
143 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1194291935&t=pageview&_s=1&dl=https%3A%2F%2Fusnewson.com%2F&ul=en-us&de=UTF-8&dt=USNewsON%20-%20Watch%20USA%20TV%20Live%20Streaming%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=112880023&gjid=1542846127&cid=898311015.1679562624&tid=UA-148072844-1&_gid=72320969.1679562624&_r=1&gtm=457e33k0&z=12496755
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1194291935&t=pageview&_s=2&dl=https%3A%2F%2Fusnewson.com%2F&ul=en-us&de=UTF-8&dt=USNewsON%20-%20Watch%20USA%20TV%20Live%20Streaming%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=898311015.1679562624&tid=UA-148072844-1&_gid=72320969.1679562624&gtm=457e33k0&z=432529728
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54312
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usnewson.com.849723.es6.js
jsc.mgid.com/u/s/
260 KB
70 KB
Script
General
Full URL
https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ada237edd824c642620e722db439ce709237e7623f832d77a0c0122827da4b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
x-amz-version-id
H4ShB6vvTHPmJKQWJqHsAxCwoC7kJhAQ
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
FZ6GPQBF8DBA9F5A
cf-polished
origSize=266518
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
R1ITONPUzjAs3BOhqleMOOwq0KtxC9L5bdLC9EJQmgZA3n2TVpB/OpcUFQndC8DDS479H6IQmwk=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 11:59:04 GMT
server
cloudflare
etag
W/"043e5880ddbde95571f634f7f1049293"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7ac58a7d9b340410-FRA
expires
Thu, 23 Mar 2023 12:10:23 GMT
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-148072844-1&cid=898311015.1679562624&jid=112880023&gjid=1542846127&_gid=72320969.1679562624&_u=YADAAUAAAAAAACAAI~&z=1030973888
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 09:10:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-148072844-1&cid=898311015.1679562624&jid=112880023&_u=YADAAUAAAAAAACAAI~&z=1480129149
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-148072844-1&cid=898311015.1679562624&jid=112880023&_u=YADAAUAAAAAAACAAI~&z=1480129149
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/
10 KB
4 KB
XHR
General
Full URL
https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/choice.js?tag_version=V2
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ecc896f089d3bf79eedaa258544afb531a25a07e1d0f2faebb993e30922ce98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
content-encoding
br
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 17 Aug 2022 06:40:14 GMT
server
AmazonS3
etag
W/"c8f35cc7b95242d8fabe5337a028ced8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://usnewson.com
cache-control
max-age=3600
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id
y-YVGDhAm1J7a_s5A3RSLi_i5sgNtVQtnqxu6n0Pnx7xCnjdPHkFAA==
prebid-b49ae35822b18f4c0e4bea8e32aeebba.js
cdn.fuseplatform.net/prebid/
239 KB
74 KB
Script
General
Full URL
https://cdn.fuseplatform.net/prebid/prebid-b49ae35822b18f4c0e4bea8e32aeebba.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6085e25042bfecc8d7ff3c47a7486dc89e3208fb75c730744da21de1dde8ab60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 16:20:28 GMT
server
AkamaiNetStorage
etag
"bdf93ef0610b031976661d1cadc2b302:1679415628.876398"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400000
accept-ranges
bytes
content-length
75378
expires
Wed, 17 Dec 2025 09:10:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/
224 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 08:22:52 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:29:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
2851
x-amz-server-side-encryption
AES256
etag
W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
7nlZEynBmon2FCF83pdTrP4GsXJj_bKqszQEiLsEmnKCcDVbqgAMXg==
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d5c8d34e214ecc74d2d7d083f9658fa0c3be9a452f25e2d6342d128989a059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27470
x-xss-protection
0
server
sffe
etag
"1519 / 861 of 1000 / last-modified: 1679560941"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 09:10:23 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
275 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1679562623861&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=46aecc27-2d2a-56bd-8430-cb52f5c18695&fid=2885&pubid=8&url=https%3A%2F%2Fusnewson.com%2F&sid=262315867397b9cddced&srate=100&adserver=gpt&etm=712&e=fuse-load
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://usnewson.com
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 23 Mar 2023 09:40:23 GMT
d9ac14a7-66b0-4d43-9e55-02c4dc16dfe2
https://usnewson.com/
0
0
Other
General
Full URL
blob:https://usnewson.com/d9ac14a7-66b0-4d43-9e55-02c4dc16dfe2
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
3449e013-4cf5-4324-b6ae-cc217747adea
https://usnewson.com/
250 B
0
Other
General
Full URL
blob:https://usnewson.com/3449e013-4cf5-4324-b6ae-cc217747adea
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/
0
43 B
Script
General
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1679562623911468842626&uniqId=06c46&childs=1103836&lct=1679443200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fusnewson.com%2F&lu=https%3A%2F%2Fusnewson.com%2F&sessionId=641c1780-010b2&pageView=1&pvid=1870dbbcba79a612453&site=554294&implVersion=11&dpr=1&tfre=473
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ac58a7f8df90410-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
bbf9ea8d-55a9-4889-89eb-f8030ab6f2c4
https://usnewson.com/
1 KB
0
Media
General
Full URL
blob:https://usnewson.com/bbf9ea8d-55a9-4889-89eb-f8030ab6f2c4
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://usnewson.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/
3 KB
3 KB
Image
General
Full URL
https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
KXDA1EWW29N4T6H1
age
748
content-length
2745
x-amz-id-2
YUNiqFCZ27P1AKLXnixUXUTjklrKTx6npp3yh9mQMSwBle1/bgJS/1RtOZtVHr0kf7eF5LYfTzk=
last-modified
Mon, 04 May 2020 12:16:55 GMT
server
cloudflare
etag
"7e16c555b09abddb8088e5bfca7a1cde"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7ac58a7fe8e83624-FRA
expires
Thu, 23 Mar 2023 13:10:23 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230323
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-b49ae35822b18f4c0e4bea8e32aeebba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f15b248094422f252d5b490dc4bd3a367901f3d8c889584b36cfbf4f31d513f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18576
x-jsd-version
1.0.1654
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1672-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63e-tspIEr5gWeUCH+LekRvjFVv9G08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WR0ebGl6Wqg5s%2Fdt2ibcgHUwvMcaZV107nsvYrTOMvly8d7DfZ22kT%2B54pacgLnC0eXV6o0UwMdA34dylVoAobz3yJnnG43%2FKeHx4eNsx6XokIYbJBawyr9zfcrE92KhgLFMohhitRw%2BsSa1o4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ac58a801ba59b7c-FRA
widget-ssp-performance
c.mgid.com/
43 B
203 B
Image
General
Full URL
https://c.mgid.com/widget-ssp-performance?time=46
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ac58a7fc824917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
pubads_impl_2023032001.js
securepubads.g.doubleclick.net/gpt/
396 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 06:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136699
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Mar 2024 06:43:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
703 B
342 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=usnewson.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e53caacf5897deb87075499ff8030f7a96276011353bd1be5cceacedf2be4e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Thu, 23 Mar 2023 09:10:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
content-encoding
gzip
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
date
Thu, 23 Mar 2023 00:41:24 GMT
x-amz-cf-pop
PRG50-C1
age
30541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 21 Mar 2023 22:59:14 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
nDs7iIoGkWIkzcyoZzc5artW148eLjx0EwAk4CXoQV6K2pomC_4WcQ==
config
c.amazon-adsystem.com/cdn/prod/
0
308 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fusnewson.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:05:17 GMT
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
306
x-cache
Hit from cloudfront
access-control-allow-origin
https://usnewson.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
726-Vp-SuZji3uniznuuYDf0DeG33cMeN-0BLPOJFicPDVzx9rjkYw==
tag
btloader.com/
53 KB
14 KB
Script
General
Full URL
https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06151854fcd04eb012241937c67c90bb5c0ab1be01f3db8371233196f3ce5a78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 08:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2685
etag
W/"8010c56c330c460de0ca01829f1dd689"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlPMn63c8yEKWbOgx6fZRaI3TDK%2FTGEURt9zsiFT3K2896%2Bii7DdMJ0A5gX7zhY56%2Fj3dHAqpstY61G4n43EZRSTAZ%2Fh4h0HuY60rRObMXtyB7V9K4fMfbUp5GO%2FEDXNOs6%2F5qiTPfGQjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7ac58a80ba203624-FRA
rum.js
securepubads.g.doubleclick.net/pagead/js/
62 KB
23 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855dfbae42eb6ae7faaa629932dad117408a1dbc5d5639295cbddbe201fd7503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 08:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
3503
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23701
x-xss-protection
0
server
cafe
etag
7854693023074191513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 09:12:01 GMT
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/
10 KB
4 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/choice.js?tag_version=V2
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2885/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ecc896f089d3bf79eedaa258544afb531a25a07e1d0f2faebb993e30922ce98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
last-modified
Wed, 17 Aug 2022 06:40:14 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
etag
W/"c8f35cc7b95242d8fabe5337a028ced8"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
9ggxevn7Q9_Uhh01tby-feEF5tAtwIwXA2TqzBgyVnWSSlWNva8yvQ==
px.gif
ad-delivery.net/
43 B
942 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1425516
x-guploader-uploadid
ADPycdvTJCqgNW-7N7MLVVIBDsvmrwaAsXBPg6Ieu6WApXquzJ5Gq0ens8GEO7_LB59f7j-3Gy_fPNpCFKzZJHGKqQ1W7yszutcV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa61CTsEvcWIqLKYlRYXTtEgY6t9PUSjpK%2BlM2Ot7fCu7J%2BSiS8IVr3hMmQKMfcuf0hjFml9Heevk8pJ0euvl%2BD7PJbLN61wSD04ycs3Rye0LmAS8kmisHzu8Ekn14CdIyGSh5TmlvcBca7wgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac58a814ad53a91-FRA
expires
Mon, 06 Mar 2023 21:26:43 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:11 GMT
px.gif
ad-delivery.net/
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9676583715282545
Requested by
Host: usnewson.com
URL: https://usnewson.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1425516
x-guploader-uploadid
ADPycdvTJCqgNW-7N7MLVVIBDsvmrwaAsXBPg6Ieu6WApXquzJ5Gq0ens8GEO7_LB59f7j-3Gy_fPNpCFKzZJHGKqQ1W7yszutcV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkZ8dRV3OYYoPcrVbLYqZX%2BjTXP9pW8%2FMl21rDhJHKoIRMaLvR58N6KrJBnIHkJfM8dm3vca7wtkA4YXt2kpFwN5LvfYQydXLu7bOGtTcmQbvuztva42LbACO9j119V15SBlmjTP8A6mU%2FzjJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac58a814ad63a91-FRA
expires
Mon, 06 Mar 2023 21:26:43 GMT
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:24 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=wxGF89yP0X&w=5110692168859648&o=5708166709903360&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fusnewson.com%2F&sid=o6ILlXY3lU&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 09:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
cmp2.js
cmp.quantcast.com/tcfv2/
178 KB
47 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=usnewson.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:05:32 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 08 Feb 2023 17:32:57 GMT
server
AmazonS3
etag
W/"15d537792bfc5eb18136ef129a7ec0a5"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
h-ueSFAY6F8PhJMtWHYtEPsu7ZiAMjGsmdlbjtc785wWcZuTCbGyXw==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/
10 KB
3 KB
XHR
General
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=usnewson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:bc00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
709217a175f0d9b049be1cc3c9980b3e2b2e0417b0d939bc26224a18aad6de97

Request headers

Accept
application/json, text/plain, */*
Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:00:36 GMT
x-amz-version-id
rrDKdPiC6DTUsB4O5Q5BpNF7km7hHe63
content-encoding
br
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
22189
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Mar 2023 19:52:29 GMT
server
AmazonS3
etag
W/"4958fc924e291de6e8d94c7f49ababfa"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
SrDd6za1M1Yy5F4acWioE5XBlRqDvbOe-iyg2jrKZrTuTdjn26yDsA==
gen_204
pagead2.googlesyndication.com/pagead/
0
349 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=usnewson.com&doc=complete&pg_h=2178&pg_w=1600&pg_hs=2178&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/46/
248 KB
60 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=usnewson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:12:47 GMT
content-encoding
br
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
75458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 08 Feb 2023 17:32:24 GMT
server
AmazonS3
etag
W/"56cdb8d3d5e2ab2d10d42277297ff84e"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
OWtK0MT-CXEEUEk5JoYU-r-jtAnfIHgt9gH3IyYpBQLxC8enuEYBbw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/
351 KB
47 KB
XHR
General
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=usnewson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d35d2a87e773b061f6a87a13c5b4cd9048f401283450ee91498fe0a6a79e33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:00:36 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
22188
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 23 Mar 2023 03:00:33 GMT
server
AmazonS3
etag
W/"24324af6fe7f3d98a140e7b8629afd47"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ibMhkzA3gkxbZGZQxjAVVkLrA_jxu2PWdmMYwqOQDpSqVFLM2QLjng==
google-atp-list.json
cmp.quantcast.com/tcfv2/
151 KB
37 KB
XHR
General
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=usnewson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:00:29 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
22196
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 23 Mar 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
6AxDSbIVcf4MaR_9LQTbhHXwf6CV4QYmoElIcVDFHftnfxSe21f1dQ==
/
audit-tcfv2.cmp.quantcast.com/
2 B
101 B
XHR
General
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22usnewson.com%22%2C%22publisher%22%3A%22USNewsON%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.46%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22xogY0zGSS2ohhQk9QR9tvg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1679562624773%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-jii6b51b2hdvt9yo8v6a%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.254.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-254-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 09:10:24 GMT
content-length
2
content-type
text/plain; charset=utf-8
1
servicer.mgid.com/849723/
7 KB
3 KB
Script
General
Full URL
https://servicer.mgid.com/849723/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1679562624977341367114&uniqId=06c46&childs=1103836&lct=1679443200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=368&h=674&maxw_3=180&maxh_3=199&sz=180x199&szp=1,2,3,4,5,6&szl=1,2;3,4;5,6&cols=2&tcfV2=1&ref=&cxurl=https%3A%2F%2Fusnewson.com%2F&lu=https%3A%2F%2Fusnewson.com%2F&sessionId=641c1780-010b2&pageView=1&pvid=1870dbbcba79a612453&implVersion=11&dpr=1&tfre=1539
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81406a4b22ccafda757324c3d9d97fcf8eadb3506954cdfb0cf4ef5510ac66cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7ac58a863fd60410-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
img_tracking
dsp.trafficbfd.com/dsp/
0
427 B
Image
General
Full URL
https://dsp.trafficbfd.com/dsp/img_tracking?ad_id=17924&bid_id=641c178142564b5a45674630657a536d&camp_id=790&camp_tz=180&cat=0&country=DEU&currency=USD&m_ap=%24%7BAUCTION_PRICE%7D&m_apn=%24%7BAUCTION_PLACE_NUMBER%7D&obid=&page=https%3A%2F%2Fusnewson.com%2F&price=0.10&req_id=8beb86a5-c95a-11ed-a42d-e43d1a2a96ea&res_id=acdfb6f8-5846-482c-b218-38bb68621265&sign=dfbb4d43f9e94d48fa35a7ddd7f26e62af28b553&site_or_app_id=usnewson.com&ssp_id=5&tag=849723&user_id=0&event=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a2f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCjLyVYp84HbEsM%2Bop7JdCEcZrGS%2BxigxpIT4IU7VsmVLUwGg%2B%2BROhJhTyVDkqdKDpkokgyKgBadOjY975BouZ7fgphXDtGPGAzNphD6SNa9RztTBebkfvw7t3%2FIdLhw2ICpauP1XUvWvmbiMcgXbHM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ac58a876fa55b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
widget-ssp-performance
c.mgid.com/
43 B
167 B
Image
General
Full URL
https://c.mgid.com/widget-ssp-performance?time=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ac58a8718d4917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/
3 KB
3 KB
Image
General
Full URL
https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
KXDA1EWW29N4T6H1
age
750
content-length
2745
x-amz-id-2
YUNiqFCZ27P1AKLXnixUXUTjklrKTx6npp3yh9mQMSwBle1/bgJS/1RtOZtVHr0kf7eF5LYfTzk=
last-modified
Mon, 04 May 2020 12:16:55 GMT
server
cloudflare
etag
"7e16c555b09abddb8088e5bfca7a1cde"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7ac58a871cc03624-FRA
expires
Thu, 23 Mar 2023 13:10:25 GMT
8481.0.jpg
pardus.cloud/uploads/media/21/21/
Redirect Chain
  • https://dsp.pardus.cloud/uploads/media/21/21/8481.0.jpg
  • https://pardus.cloud/uploads/media/21/21/8481.0.jpg
15 KB
16 KB
Image
General
Full URL
https://pardus.cloud/uploads/media/21/21/8481.0.jpg
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81af2788a30ba5dcff59b0f89f2cf75aa40054d96e4384cfd2a43617e89baaea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Feb 2023 11:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
897
etag
"63e4d4ea-3d20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDvvrTM9mWFVCsLHv2qSzZL3zn5oi5hpDjsMf2F6ICUujByr56I8VtXzrK%2F22HeJeAW7IbzeRA14cQyoQkwesrrc%2BquHzapJSZ47M6PPPr5KOqSBjL1oxF1cyDY3pDMFvz5CsKJV1Pfw7VA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
7ac58a87f91e39d9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15648

Redirect headers

Location
https://pardus.cloud/uploads/media/21/21/8481.0.jpg
Date
Thu, 23 Mar 2023 09:10:25 GMT
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
170
Content-Type
text/html
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81NDk4OTUvMGI4N...
s-img.steepto.com/g/15694570/492x277/-/
14 KB
14 KB
Image
General
Full URL
https://s-img.steepto.com/g/15694570/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81NDk4OTUvMGI4NGE0YjkzNmY3MmMzZTQ1N2MyZWI1ZThkNzE2Y2UuanBn.webp?v=1679562625-1TNS59OfviRt5vxm-bEh7osyr4iyYKrmvc_Gj0ALbbM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990cf81db20fa7157451e2b6d0f77833a93273cb36fe14da270b2eb7e36a720f

Request headers

Referer
https://usnewson.com/
Origin
https://usnewson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 16:57:57 GMT
x-mg-request-uuid
b4e7c47e-925c-4790-9282-edf15fd98636
server
cloudflare
age
68443
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7ac58a876d276993-FRA
content-length
13986
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODcxNjIvMjNlY...
s-img.steepto.com/g/15650159/492x277/-/
15 KB
15 KB
Image
General
Full URL
https://s-img.steepto.com/g/15650159/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODcxNjIvMjNlYzg0ZWYxMjM3NDgxMTZmMDIxYmMwNjA1NzEzNGQuanBn.webp?v=1679562625-Jco-eJyrUpi-ZtGk4krGhU1yKOQV0UM3Jy53PpQPoxQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de96d7c90417b556442b440c64d4829327a8d4796a8d5de9a60fa5e16e19929

Request headers

Referer
https://usnewson.com/
Origin
https://usnewson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Mar 2023 11:35:22 GMT
x-mg-request-uuid
39709935-dd95-4bc4-9c0d-667529ee4f34
server
cloudflare
age
250204
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7ac58a876d286993-FRA
content-length
14958
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy80MzkwMjkvM2I2N...
s-img.steepto.com/g/15661840/492x277/-/
19 KB
20 KB
Image
General
Full URL
https://s-img.steepto.com/g/15661840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy80MzkwMjkvM2I2Nzc1NzEzNDU2ZTQ5NjA2ZDA4NWI1OTUyZTBjZjEucG5n.webp?v=1679562625-ShDaoAOYBk-Bid7PtrFCwPVJdnlhxKqo7SDJlQivYpI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ecd5bd5e32b79599479869d1f15dffbff60c257411b0805516dad331c33c97

Request headers

Referer
https://usnewson.com/
Origin
https://usnewson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
MISS
last-modified
Mon, 20 Mar 2023 08:11:00 GMT
x-mg-request-uuid
cbf1263b-fd83-48db-b668-bf1eacbf7955
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7ac58a876d296993-FRA
content-length
19846
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvMzJlM...
s-img.steepto.com/g/15659576/492x277/-/
5 KB
5 KB
Image
General
Full URL
https://s-img.steepto.com/g/15659576/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvMzJlMWUxY2E5OGNjOTE3MmU4MTQxNTY1ZGFjNjUwNWEuanBlZw.webp?v=1679562625-T0hjOP2U0PbK0R3hSzFNKDEtV2rH89cR-i_gy5KSlfc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4aebe296ff8415b2179b645b5d49503898a81dac49c76f9f1573c6db2233594

Request headers

Referer
https://usnewson.com/
Origin
https://usnewson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 18:53:37 GMT
x-mg-request-uuid
4a06d54e-0f1f-4dae-8d00-f17668667ddb
server
cloudflare
age
34371
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7ac58a877d2b6993-FRA
content-length
5366
b85726d869beb6fb194a3419f3ea95fe.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/604941/
803 KB
804 KB
Media
General
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/604941/b85726d869beb6fb194a3419f3ea95fe.mp4?v=1679562625-uws3TBIoMbhtO1h37w5T8ZQ-mA58fc13GTTuDM5mxCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78783a0778aba86d928bfb1a6669b05da378d8a709761d00a937afabd368775
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://usnewson.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
428257
Content-Range
bytes 0-822291/822292
server-timing
fastly;dur=124;cpu=0;start=2023-03-18T10:12:48.745Z;desc=miss,rtt;dur=0,cloudinary;dur=120;start=2023-03-18T10:12:48.747Z
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
822292
last-modified
Mon, 13 Mar 2023 14:52:18 GMT
server
cloudflare
etag
"756ed12093631e53e4ff49ff221f5a22"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
cf-ray
7ac58a87781a5c32-FRA
i.js
cm.steepto.com/
0
39 B
Script
General
Full URL
https://cm.steepto.com/i.js?&cbuster=1679562625143664988196
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 09:10:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
7ac58a873d0e3624-FRA
content-length
0
i-noref.js
cm.steepto.com/ Frame CB25
0
134 B
Script
General
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1679562625148346804391
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:25 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 09:10:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
7ac58a873d113624-FRA
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
6NND2HHRKMSS3679
age
2861
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ac58a87889c3a6c-FRA
x-amz-id-2
tce8G18M7O5Q52rVqeOqv52Dsa7S3Zh6zBcokJB5a9KXma6omeNSSNXJAGjbiRsnj0QVsy41ZRg=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/
190 KB
59 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/s/usnewson.com.849723.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:25 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 07:52:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32107
accept-ranges
bytes
content-length
60066
expires
Thu, 23 Mar 2023 18:05:32 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusnewson.com%2F&domain=usnewson.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://usnewson.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Mar 2023 09:10:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
678636
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusnewson.com%2F&domain=usnewson.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQn...
360 B
650 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQnJ4NEtJTW02SGF5Tm5ITkExWitiU1dXRTNQNDY4bzRUejhqcWRNUk5sc3JWdXZReis2d1l2V3lDcTVzY0FSQU1NR1dJUHduZFVDSG9ZYnFHNzNJOHd1K3k2MlB1NW8xVGxuY09rdmFOeEtvYi91QjBPeVBjPXw&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9ca4b33c015df1f317514e0031b273535f1608a2d4f16dc816af06878b7b522f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1039058
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQnJ4NEtJTW02SGF5Tm5ITkExWitiU1dXRTNQNDY4bzRUejhqcWRNUk5sc3JWdXZReis2d1l2V3lDcTVzY0FSQU1NR1dJUHduZFVDSG9ZYnFHNzNJOHd1K3k2MlB1NW8xVGxuY09rdmFOeEtvYi91QjBPeVBjPXw&cppv=2
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
739419
content-length
0
expires
0
id
id.crwdcntrl.net/
43 B
316 B
XHR
General
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.20.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-20-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://usnewson.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://usnewson.com
cache-control
no-cache
x-server
10.45.14.177
access-control-allow-credentials
true
content-length
43
expires
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQnJ4NEtJTW02SGF5Tm5ITkExWitiU1dXRTNQNDY4bzRUejhqcWRNUk5sc3JWdXZReis2d1l2V3lDcTVzY0FSQU1NR1dJUHduZFVDSG9ZYnFHNzNJOHd1K3k2MlB1NW8xVGxuY09rdmFOeEtvYi91QjBPeVBjPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Mar 2023 09:10:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
292760
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/
0
225 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lfkw7yvt&c=4464741409598440&e=31073290%2C31061691%2C31061693&ctx=1&met.9=1.mv~2.oz~13.pj&met.3=947.p4~5.p4~947.p4~14.p4~947.p4~9.p4~947.p5~6.p5~947.p5~86.p5~947.p5~86.p5~947.p5~86.p5~947.p5~86.p5~947.p5~86.p5~947.p5~1.p5~947.p5~1.p5~947.p5~1.p5~947.p5~1.p5~947.p5~1.p5~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~947.p6~1.p6~91.p6~73.p7_2~947.p9~43.p9~91.p9~95.p9_1~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~947.pa~1.pa~598.pa~947.pa~11.pa_1~947.pb~1.pb~947.pb~1.pb~77.p4_7~724.pd~724.pd~725.pe~894.pl~894.pl~112.q4_2~74.15n~947.15n~43.15n~95.15n~76.15n_1~74.15o~947.15o~43.15o~95.15o~76.15o~74.15p~947.15p~43.15p~95.15p~76.15p~724.15p~724.15p~724.15p~94.15s~947.15v~573.15v~598.15v~598.15v~598.15v~598.15v~113.15u_2&met.7=CBsQCMABkaL8mQc~CBsQByBcOFHAAfyytbkB~CBsQBiBcOCnAAa-C46EP~CBsQBiBcOMUBwAG5j4yODg~CBsQBiBcONMBwAGRn-W9BQ~CBsQBiBcOK8BwAH0zN_6Cg~CBsQBiBcONwBwAHB8P6zAw~CBsQBiBcOOgBwAHS17yyAg~CBsQBiBcON4BwAGZrsDjAw~CBsQBiBdOOoBwAHw647SDA~CBsQBiBdOC_AAcTwmbkB~CBsQBiBdODPAAb6vnqQN~CBsQBiBdONYBwAGkq57fCA~CBsQBiBdOOsBwAGc8KrHDQ~CBsQBiBdOC_AAeP_xe8M~CBsQBiBdODTAAaDzjPsG~CBsQBiBdOP0BwAGik_XxBA~CBsQCiBdOFrAAdfksEc~CBsQChgBIF0oXTDtATiQAcABjNXY6wQ~CBsQCiC8ATjjA8ABjcO9xQE~CBsQCiDAATiKAsABps7c6g0~CBsQChgBILECKLECMIADOE_AAYzV2OsE~CBsQCiCzAjhQwAHZ67DzCg~CBsQDSCxAzgowAGAkfKHCA~CBsQBiCzAzgTwAGG7L72DA~CBsQCiDLAzjjAcAB3uaZvQs~CCgQDRgBINsDKNsDMKoEOE_AAeKygLkD~CBsQBhgBIKsEKKsEMP8EOFRArARIswRQswRY3wRgxQRo3wRw_gR41gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBhgBIKsEKKsEMPkEOE5ArARIrQRQrQRY2gRgvwRo2gRw-AR41gKAASqIASqwAQG4AQPAAf23jOYB~CBsQDSCwBTjnAcAB_ZL8xwM~CBsQCiDHBThHwAGI0cvWCA~CBsQCiDHBTh7wAGH0_WlDQ~CDsQChgBIMcFKMcFMLAGOGlAyAVI1AVQ1AVYgQZg5wVoggZwngZ4-tgBgAHO1gGIAYXwBLABAbgBA8AB4s3qlgk~CBsQCiD8BTguwAGDopSgBg~CBsQBiCIBjhPwAGAw8iXBQ~CBsQDSCnBjhSwAHjqP_QBA~CBsQBiCrBjgmwAGK7ID3Cw~CA4QChgBILgGKLgGMO4GODZouAZwywZ4p64IgAH7qwiIAfLhGLABAbgBA8ABwKTVqgw~CDwQDRgBILkGKLkGMJcHOF5QugZY4AZgugZo4AZwlgd46QSAAb0CiAG_BbABAbgBA8AB6NSvzQk~CBsQDSDRBjgrwAHc16HUDA~CCgQChgBIJEHKJEHMKkHOBhokQdwpAd4wbsBgAGVuQGIAeDxA7ABAbgBA8ABm-H6cA~CBsQDSDOBjh0wAGDwojKCw~CBsQCiCPBzhQwAH9-5jkBQ~CBsQBiDlBzhKwAHa-rM3~CBsQBhgBIOUHKOUHMLQIOE_AAd6F_4YN~CBsQBiDlBzhQwAHa-rM3~CBsQDSC4CDiyAcAB0bKOkgU~CBsQCiCaBzj4A8AB_ZL8xwM~CBsQCiCTCzg1wAGQsJusDw~CBsQCDjgC8ABkaL8mQc~CBsQDSDYCzhFwAGQlsHADg~CBwQBhgBIOULKOULMMcMOGJA5QtI5QtQ5QtYkgxg9wtokgxwxgx4rAKwAQG4AQPAAZSE4rUO~CBsQCiCeDDgmwAHH2YEn~CBsQDSCiDDgzwAHFpJnHCw~CBsQDSCjDDg9wAGmy42aAw~CBsQDSDmDDhEwAGZoYGMAQ~CBsQCiClDjiOAcAB7b_oqAU~CBsQBiC2DzglwAGK7ID3Cw~CBsQBiC-DzgiwAGAw8iXBQ~CBsQBiC1DzhWwAGlv7KYCg~CBsQBiC-DzhNwAGb8bm9BQ~CBsQBiC-DzhQwAH95fjVAQ~CBsQBiC-DzhfwAG1wIXODQ~CBsQCiDQDzhQwAGkt6rDDw~CBsQCiDQDzhzwAHjgoSRAQ~CBsQBiC-DzimAcAB0IPW3QE~CBsgwA84pgHAAZfj7V0~CBsQCiDJDzimAsAB45vL7gg~CBsQBiC-Dzi7AsABj7abqg4~CBsQDSCMETiFAcAB5onp3wg&met.1=1.lfkw7y5p~6.0~7.2~8.l~9.l~10.1p~11.12~12.1p~13.2f~14.81~15.2i~16.84~17.89~18.89~19.15m~20.15q~21.15s~22.5a~23.5a&met.10=1_3.IOILEAAIABiAmHUoAA~1_8.IOILEAAIABiAmHUoAA~1_5.IOILEAAIABiAmHUoAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:820::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.mgid.com/
43 B
213 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=180|198|8|6ng3bsSzFrG_Zg4vuawn2E_sSWMqCXHjd6wXIsIys53U3GA1c3fI1I9_MmkpVwz5y5y815FgnAoO-udQ7w7elQ**&fw=1&extjs=66044&v=180|198|24|6ng3bsSzFrG_Zg4vuawn2NDgd--qyAs7ZjXD_x4Emc2rOCcvg70oaUhH52ZvdUXmiPYGwovqgvKWhJWZWFxdKg**&v=180|215|24|6ng3bsSzFrG_Zg4vuawn2NlfsZ6r5TQG9qIivT08Uzna47xvopptOedsAHVoqoga_aPer16kxyVWwJiEB8bvxA**&v=180|198|24|6ng3bsSzFrG_Zg4vuawn2DsHZUu8k-DenIOlU32ZPerJOq-wexSS435VQe7338uV-whxqgvHvXge-Tho2EYXnQ**&v=180|215|8|6ng3bsSzFrG_Zg4vuawn2KjXa32t43k6doRRiIN3WkNR8Lyow1rbFSbmN7PxqPx9upTqOUI9XTDwo2ppTS-sww**&v=180|198|8|6ng3bsSzFrG_Zg4vuawn2JIeZdM-FVLYhwfk4get4knFliJE2_NAJmfpuLsgyOxu_20LY35Qxt6-0YSmRoDEfQ**&cid=849723&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*&rid=8beb86a5-c95a-11ed-a42d-e43d1a2a96ea&tt=Direct&iv=11&pageImp=1&pvid=1870dbbcba79a612453&cbuster=1679562626503167574521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:10:26 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6e46d51a-e766-41ae-bb6d-ce0c4373a58c
server
cloudflare
content-type
image/gif
cf-ray
7ac58a8fbb66917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1YMW7PXDN&gtm=45je33k0&_p=1194291935&cid=898311015.1679562624&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679562623&sct=1&seg=1&dl=https%3A%2F%2Fusnewson.com%2F&dt=USNewsON%20-%20Watch%20USA%20TV%20Live%20Streaming%20Free&en=page_view&_ee=1&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1YMW7PXDN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usnewson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 09:10:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://usnewson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| gtag object| dataLayer object| mdc function| setupJW function| selectPll object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| fusePbjs object| fusetag function| __tcfapi object| apstag object| googletag object| _mgIntExchangeNews object| MarketGidInfC849723 boolean| mg_loaded_554294_849723 object| _mgUserPages object| onClickExcludes function| mgReject849723 function| mgLoadAds849723_06c46 function| MarketGidCReject849723 function| MarketGidLoadGoods849723_06c46 function| mgReject1103836 function| mgLoadAds1103836_06c46 function| MarketGidCReject1103836 function| MarketGidLoadGoods1103836_06c46 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint554294 string| _mgCanonicalUri object| _mgPageView554294 string| _mgPvid object| fusePbjsChunk object| _pbjsGlobals object| pbjs object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| _aps object| apscustom boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_rum_config number| google_srt object| _google_rum_ns_ object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| regeneratorRuntime function| __tcfapiui function| __uspapi undefined| google_rum_values object| google_image_requests string| _mgUniqueHash849723_06c46 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT function| setImmediate function| clearImmediate object| ID5 object| ihowpbjsChunk object| ihowpbjs object| IHPWT object| _mgwcapping object| _mgPageImp554294

9 Cookies

Domain/Path Name / Value
.usnewson.com/ Name: _ga_X1YMW7PXDN
Value: GS1.1.1679562623.1.1.1679562623.0.0.0
.usnewson.com/ Name: _ga
Value: GA1.2.898311015.1679562624
.usnewson.com/ Name: _gid
Value: GA1.2.72320969.1679562624
.usnewson.com/ Name: _gat_gtag_UA_148072844_1
Value: 1
.mgid.com/ Name: __cf_bm
Value: 2sf8aPJy3OEcyrchZeNw5U_9s_QFbYGBa8qssIuKJw8-1679562623-0-AQAbpUG0uRjikPjn6xkWuUvh8kIFpypdWghy6gp8ODR5Q822iR3hYp3btRuhLvKubRdN2p68fkX0uO/LVC5Awlg=
usnewson.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C849723%22%3A%7B%22page%22%3A1%2C%22time%22%3A1679562625130%7D%7D
usnewson.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.usnewson.com/ Name: cto_bundle
Value: 8j5iml9UaldySThIendXTHllOGQyWWw4cmltZ3RJZFZvSTZ1Tkc0WHBtWTVEeEVPMHk4NlpKZWNzcVk5bjY3RnZXSjJtdXZMTHhsT0klMkZoaGhiSThHMzZoJTJGR0o5MVRxOEpua3RFUDVDRW40bWFMRmQxSHJ5QjlJT05tVUpRazRnVGpyaiUyQg
.usnewson.com/ Name: cto_bidid
Value: a55n0F9KNFlYeSUyQmljV3hheU1JWmglMkJkOUtjS1l3R2RuT3BiUURBNTdablhDUWttdVJ5YzRnSzNlTVB1OWduTnFvazFwSCUyRnl4VzkycUJjYjdkS1VjQTluRGp6ZyUzRCUzRA

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
audit-tcfv2.cmp.quantcast.com
btloader.com
c.amazon-adsystem.com
c.mgid.com
cdn.fuseplatform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.steepto.com
cdnjs.cloudflare.com
cl.imghosts.com
cm.steepto.com
cmp.quantcast.com
csi.gstatic.com
dsp.pardus.cloud
dsp.trafficbfd.com
gum.criteo.com
i.ibb.co
id.crwdcntrl.net
jsc.mgid.com
mug.criteo.com
pagead2.googlesyndication.com
pardus.cloud
region1.google-analytics.com
s-img.steepto.com
securepubads.g.doubleclick.net
servicer.mgid.com
stats.g.doubleclick.net
test.cmp.quantcast.com
usnewson.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.19.135.80
104.19.137.80
130.211.23.194
142.132.140.7
142.250.184.198
162.19.58.158
178.250.1.11
18.158.254.171
2001:4860:4802:32::36
23.35.236.201
2404:6800:4005:820::2003
2600:9000:2127:3e00:9:46dc:4700:93a1
2600:9000:225e:bc00:3:a4cd:8380:93a1
2606:4700:10::6816:3456
2606:4700:1::6813:854e
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:3031::ac43:a2f7
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:d2d
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:26f0:480:e::210:f10f
2a06:98c1:3120::3
54.229.20.73
65.9.90.93
81.28.12.12
01a39e4ee5bd7fab010c33c27302113abc03adc2ce756e8f3bbfc6dad9c087c4
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06151854fcd04eb012241937c67c90bb5c0ab1be01f3db8371233196f3ce5a78
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0de96d7c90417b556442b440c64d4829327a8d4796a8d5de9a60fa5e16e19929
0ecc896f089d3bf79eedaa258544afb531a25a07e1d0f2faebb993e30922ce98
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30ecd5bd5e32b79599479869d1f15dffbff60c257411b0805516dad331c33c97
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
3f15b248094422f252d5b490dc4bd3a367901f3d8c889584b36cfbf4f31d513f
4ec6c963e1d4752c3e15bcef35b975c4f790c504de69609177a2e041152b38fa
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
586935a8a91b4e419d44df7a7c52851bc7e8eb1cc04357d5dd11babbdd9bee02
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a
6085e25042bfecc8d7ff3c47a7486dc89e3208fb75c730744da21de1dde8ab60
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
679fb29bfc45cbfd545415c2d717b6a79ed1fcd47329062a94ebec32a48be7d8
6d49daaadd59ab24e947a8786d41a1cd7d3d16f876a2ea1709cf1e72608d8dfc
706e3893379d6d84ec54d0d15cefca7113f2b22a31fe36bfa7345be2de867c54
709217a175f0d9b049be1cc3c9980b3e2b2e0417b0d939bc26224a18aad6de97
7230d24632cae9f9a8575ee3e4e17ec586f3f8ae1242a7edd90546b67553beff
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
7c570eabe49bfd4e167dffefb1f4c1124e545b85c9b30198c9a055b1302f9a4e
7dcc7e482f358b41c055a2a4edcc9776b4819622595264792f9b28d1bbc838ae
80927669258cdb6aa81ff4addc15d3728f6808232d9f4065f0f05f371aefaaba
81406a4b22ccafda757324c3d9d97fcf8eadb3506954cdfb0cf4ef5510ac66cc
81af2788a30ba5dcff59b0f89f2cf75aa40054d96e4384cfd2a43617e89baaea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855dfbae42eb6ae7faaa629932dad117408a1dbc5d5639295cbddbe201fd7503
8e354ae6c33bcc7b55fe59c07ac05a0fc128a0556f9485858b84e344ec24b271
8fed4e1f0a0aace7abdfe156e08a208c04c799810c70ac250cee2870333e1e84
990cf81db20fa7157451e2b6d0f77833a93273cb36fe14da270b2eb7e36a720f
99e088adc4a664e237e868c3e2e200df03fcca5fe383c2818292f80776efe439
9a3c664c7e45751bc0eaf7d49096f76bb4671e5e96ff3a9c115ee6b142cd5775
9ada237edd824c642620e722db439ce709237e7623f832d77a0c0122827da4b6
9ca4b33c015df1f317514e0031b273535f1608a2d4f16dc816af06878b7b522f
9d35d2a87e773b061f6a87a13c5b4cd9048f401283450ee91498fe0a6a79e33c
9f626a74f609de91b2158e7839ed41f8b09fcf6c92afdf07a24c8d3626a28bf6
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a4aebe296ff8415b2179b645b5d49503898a81dac49c76f9f1573c6db2233594
a78783a0778aba86d928bfb1a6669b05da378d8a709761d00a937afabd368775
a7d5c8d34e214ecc74d2d7d083f9658fa0c3be9a452f25e2d6342d128989a059
a924222dd7b462bddb714cfd5caf19764f090a719fab03e69484c2bb30dfd693
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca8f8a0b12ffc76422efc49fe4fa814c0a35e28a64049df70024fe94f9bb47d
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
ddaea112d8f5150920897f24b8e46d964d6bf682abaf04e5cc5bfc1ade1a964b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedf39c86f33bcac956135cb0362249cc180b1e08836f606132106c0b5dec676
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53caacf5897deb87075499ff8030f7a96276011353bd1be5cceacedf2be4e82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff2aa6285d8939a9020e3b5ec122704439227eacd6c3cf7fe4f6c7b4a50e360
f4701d4450183452168f0d796509d773f0defe8efef1b46ff3e9484a78bf2f8e
fd8da1c146e33be677b3b94add5708250e6f0e3ad6c6968661d4d40327c6c219