usnewson.com
Open in
urlscan Pro
81.28.12.12
Public Scan
Submission: On March 23 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 11th 2023. Valid for: 3 months.
This is the only time usnewson.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
cdn.fuseplatform.net |
ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com | |
c.mgid.com | |
servicer.mgid.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net
c.amazon-adsystem.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com |
ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-254-171.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.7.140.132.142.clients.your-server.de
dsp.pardus.cloud |
ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-20-73.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 12794 |
118 KB |
8 |
steepto.com
cdn.steepto.com — Cisco Umbrella Rank: 226983 s-img.steepto.com — Cisco Umbrella Rank: 138713 cm.steepto.com — Cisco Umbrella Rank: 109735 |
59 KB |
8 |
quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2751 test.cmp.quantcast.com — Cisco Umbrella Rank: 10333 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12076 |
203 KB |
7 |
mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9082 c.mgid.com — Cisco Umbrella Rank: 6456 servicer.mgid.com — Cisco Umbrella Rank: 9125 |
76 KB |
7 |
usnewson.com
usnewson.com — Cisco Umbrella Rank: 325876 |
53 KB |
6 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 70 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 ad.doubleclick.net — Cisco Umbrella Rank: 166 |
185 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368 |
21 KB |
4 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 392 mug.criteo.com — Cisco Umbrella Rank: 2797 |
1 KB |
3 |
btloader.com
btloader.com — Cisco Umbrella Rank: 808 api.btloader.com — Cisco Umbrella Rank: 902 |
14 KB |
3 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296 |
58 KB |
3 |
fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 18134 |
130 KB |
2 |
pardus.cloud
1 redirects
dsp.pardus.cloud pardus.cloud |
16 KB |
2 |
ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 892 |
1 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
142 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 |
57 KB |
1 |
gstatic.com
csi.gstatic.com |
225 B |
1 |
crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1547 |
316 B |
1 |
pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 475 |
59 KB |
1 |
id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 924 |
17 KB |
1 |
imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 13023 |
804 KB |
1 |
trafficbfd.com
dsp.trafficbfd.com — Cisco Umbrella Rank: 983875 |
427 B |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 |
349 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334 |
2 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6058 |
408 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
408 B |
82 | 25 |
Domain | Requested by | |
---|---|---|
9 | i.ibb.co |
usnewson.com
|
7 | usnewson.com |
usnewson.com
|
6 | cmp.quantcast.com |
cdn.fuseplatform.net
cmp.quantcast.com |
4 | s-img.steepto.com | |
4 | c.mgid.com |
jsc.mgid.com
usnewson.com |
4 | securepubads.g.doubleclick.net |
cdn.fuseplatform.net
securepubads.g.doubleclick.net |
3 | c.amazon-adsystem.com |
cdn.fuseplatform.net
c.amazon-adsystem.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com usnewson.com |
3 | cdn.fuseplatform.net |
usnewson.com
cdn.fuseplatform.net |
2 | mug.criteo.com | |
2 | gum.criteo.com | 1 redirects |
2 | cm.steepto.com |
jsc.mgid.com
|
2 | api.btloader.com |
btloader.com
|
2 | ad-delivery.net |
usnewson.com
|
2 | cdn.steepto.com |
usnewson.com
|
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | jsc.mgid.com |
usnewson.com
jsc.mgid.com |
2 | www.googletagmanager.com |
usnewson.com
www.googletagmanager.com |
2 | cdnjs.cloudflare.com |
usnewson.com
|
1 | csi.gstatic.com |
securepubads.g.doubleclick.net
|
1 | id.crwdcntrl.net |
ads.pubmatic.com
|
1 | ads.pubmatic.com |
jsc.mgid.com
|
1 | cdn.id5-sync.com |
jsc.mgid.com
|
1 | cl.imghosts.com | |
1 | pardus.cloud | |
1 | dsp.pardus.cloud | 1 redirects |
1 | dsp.trafficbfd.com | |
1 | servicer.mgid.com |
jsc.mgid.com
|
1 | audit-tcfv2.cmp.quantcast.com |
cmp.quantcast.com
|
1 | pagead2.googlesyndication.com | |
1 | test.cmp.quantcast.com |
cmp.quantcast.com
|
1 | ad.doubleclick.net |
usnewson.com
|
1 | btloader.com |
cdn.fuseplatform.net
|
1 | cdn.jsdelivr.net |
cdn.fuseplatform.net
|
1 | www.google.de |
usnewson.com
|
1 | www.google.com |
usnewson.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
82 | 37 |
This site contains links to these domains. Also see Links.
Domain |
---|
steepto.com |
clck.steepto.com |
quantumai |
ketoxplode |
bitcoincode |
erogenx |
Subject Issuer | Validity | Valid | |
---|---|---|---|
usnewson.com R3 |
2023-02-11 - 2023-05-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
ibb.co R3 |
2023-02-06 - 2023-05-07 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
cdn.fuseplatform.net R3 |
2023-03-13 - 2023-06-11 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
cmp.quantcast.com R3 |
2023-02-13 - 2023-05-14 |
3 months | crt.sh |
c.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-02-28 - 2024-02-17 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
api.btloader.com GTS CA 1D4 |
2023-02-16 - 2023-05-17 |
3 months | crt.sh |
*.trafficbfd.com E1 |
2023-03-03 - 2023-06-01 |
3 months | crt.sh |
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-25 - 2024-01-24 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-09 - 2023-06-03 |
3 months | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://usnewson.com/
Frame ID: 2B5FC72E2D4899A449B8870EEE5CA4D8
Requests: 79 HTTP requests in this frame
Frame:
https://cm.steepto.com/i-noref.js?cbuster=1679562625148346804391
Frame ID: CB2538F3B6C9E58C48A285A8858379C0
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
USNewsON - Watch USA TV Live Streaming FreeClose searchMoreNews TV Live StreamWatchTerms of ServiceNews TV Live StreamWatchSearchPlayPlayPlayPlayPlayDetected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 64- https://dsp.pardus.cloud/uploads/media/21/21/8481.0.jpg HTTP 301
- https://pardus.cloud/uploads/media/21/21/8481.0.jpg
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusnewson.com%2F&domain=usnewson.com&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=ysQeZnxaQlVzMlhJdFk3Y3FJUjhkTFhDVDFYKytjc0hQVHp0eVM0SE5jZmM3YzJCWGtJUWVaWFN5dnViY0w1aVhRS0U2ay9WYkpiT09HYnQ3ZDN2ek9nbTRHam53bTdUNXJRRnBXUUl6SjdvazdKOHVGSk9iVkhjZlhEQnJ4NEtJTW02SGF5Tm5ITkExWitiU1dXRTNQNDY4bzRUejhqcWRNUk5sc3JWdXZReis2d1l2V3lDcTVzY0FSQU1NR1dJUHduZFVDSG9ZYnFHNzNJOHd1K3k2MlB1NW8xVGxuY09rdmFOeEtvYi91QjBPeVBjPXw&cppv=2
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
usnewson.com/ |
72 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material-components-web.min.css
cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/ |
262 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
USNewsON.svg
usnewson.com/assets/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trump-claims-he-will-be-arrested-call-for-protests.jpg
i.ibb.co/QNCrN42/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trump-kicks-off-2024-presidential-campaign.jpg
i.ibb.co/TRYDnCK/ |
22 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mccarthy-to-lose-fourth-house-speaker-vote.jpg
i.ibb.co/jJR7WT2/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donald-trump-announces-2024-presidential-run.jpg
i.ibb.co/b1bKhGy/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
biden-trump-headline-dueling-rallies-in-final-midterms-election-push.jpg
i.ibb.co/0YXsDNd/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trumps-twitter-account-to-be-restored-after-elon-musk-takeover.jpg
i.ibb.co/k1SVrsJ/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trump-tells-jews-to-get-their-act-together.jpg
i.ibb.co/RcrLPSL/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donald-trump-says-mitch-mcconnell.jpg
i.ibb.co/6HH82h7/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-york-ag-sues-trump-and-his-family-for-business-fraud.jpg
i.ibb.co/xgr2RS6/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
og-fox-news.jpg
usnewson.com/assets/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
og-msnbc.jpg
usnewson.com/assets/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
og-cnn.jpg
usnewson.com/assets/images/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
og-oann.jpg
usnewson.com/assets/images/ |
9 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
og-weather-channel.jpg
usnewson.com/assets/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material-components-web.min.js
cdnjs.cloudflare.com/ajax/libs/material-components-web/3.2.0/ |
292 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
164 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fuse.js
cdn.fuseplatform.net/publift/tags/2/2885/ |
240 KB 56 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usnewson.com.849723.js
jsc.mgid.com/u/s/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
242 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 243 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 143 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usnewson.com.849723.es6.js
jsc.mgid.com/u/s/ |
260 KB 70 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/ |
10 KB 4 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prebid-b49ae35822b18f4c0e4bea8e32aeebba.js
cdn.fuseplatform.net/prebid/ |
239 KB 74 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
224 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
78 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noconsent
cdn.fuseplatform.net/telemetry/ |
1 B 275 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d9ac14a7-66b0-4d43-9e55-02c4dc16dfe2
https://usnewson.com/ |
0 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3449e013-4cf5-4324-b6ae-cc217747adea
https://usnewson.com/ |
250 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
c.mgid.com/pv/ |
0 43 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
bbf9ea8d-55a9-4889-89eb-f8030ab6f2c4
https://usnewson.com/ |
1 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
widget-ssp-performance
c.mgid.com/ |
43 B 203 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2023032001.js
securepubads.g.doubleclick.net/gpt/ |
396 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
703 B 342 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
0 308 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag
btloader.com/ |
53 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum.js
securepubads.g.doubleclick.net/pagead/js/ |
62 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/usnewson.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.gif
ad-delivery.net/ |
43 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
ad.doubleclick.net/ |
1 KB 571 B |
Image
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.gif
ad-delivery.net/ |
43 B 339 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
country
api.btloader.com/ |
16 B 203 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pv
api.btloader.com/ |
0 66 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp2.js
cmp.quantcast.com/tcfv2/ |
178 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ |
10 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 349 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp2ui-en.js
cmp.quantcast.com/tcfv2/46/ |
248 KB 60 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ |
351 KB 47 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-atp-list.json
cmp.quantcast.com/tcfv2/ |
151 KB 37 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audit-tcfv2.cmp.quantcast.com/ |
2 B 101 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
servicer.mgid.com/849723/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_tracking
dsp.trafficbfd.com/dsp/ |
0 427 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
widget-ssp-performance
c.mgid.com/ |
43 B 167 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8481.0.jpg
pardus.cloud/uploads/media/21/21/ Redirect Chain
|
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81NDk4OTUvMGI4N...
s-img.steepto.com/g/15694570/492x277/-/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODcxNjIvMjNlY...
s-img.steepto.com/g/15650159/492x277/-/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy80MzkwMjkvM2I2N...
s-img.steepto.com/g/15661840/492x277/-/ |
19 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvMzJlM...
s-img.steepto.com/g/15659576/492x277/-/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b85726d869beb6fb194a3419f3ea95fe.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/604941/ |
803 KB 804 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.js
cm.steepto.com/ |
0 39 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i-noref.js
cm.steepto.com/ Frame CB25 |
0 134 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id5-api.js
cdn.id5-sync.com/api/1.0/ |
58 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ |
190 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
json
gum.criteo.com/sid/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Redirect Chain
|
360 B 650 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
id.crwdcntrl.net/ |
43 B 316 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
sid
mug.criteo.com/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csi
csi.gstatic.com/ |
0 225 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c
c.mgid.com/ |
43 B 213 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless function| gtag object| dataLayer object| mdc function| setupJW function| selectPll object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| fusePbjs object| fusetag function| __tcfapi object| apstag object| googletag object| _mgIntExchangeNews object| MarketGidInfC849723 boolean| mg_loaded_554294_849723 object| _mgUserPages object| onClickExcludes function| mgReject849723 function| mgLoadAds849723_06c46 function| MarketGidCReject849723 function| MarketGidLoadGoods849723_06c46 function| mgReject1103836 function| mgLoadAds1103836_06c46 function| MarketGidCReject1103836 function| MarketGidLoadGoods1103836_06c46 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint554294 string| _mgCanonicalUri object| _mgPageView554294 string| _mgPvid object| fusePbjsChunk object| _pbjsGlobals object| pbjs object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| _aps object| apscustom boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_rum_config number| google_srt object| _google_rum_ns_ object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| regeneratorRuntime function| __tcfapiui function| __uspapi undefined| google_rum_values object| google_image_requests string| _mgUniqueHash849723_06c46 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT function| setImmediate function| clearImmediate object| ID5 object| ihowpbjsChunk object| ihowpbjs object| IHPWT object| _mgwcapping object| _mgPageImp5542949 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.usnewson.com/ | Name: _ga_X1YMW7PXDN Value: GS1.1.1679562623.1.1.1679562623.0.0.0 |
|
.usnewson.com/ | Name: _ga Value: GA1.2.898311015.1679562624 |
|
.usnewson.com/ | Name: _gid Value: GA1.2.72320969.1679562624 |
|
.usnewson.com/ | Name: _gat_gtag_UA_148072844_1 Value: 1 |
|
.mgid.com/ | Name: __cf_bm Value: 2sf8aPJy3OEcyrchZeNw5U_9s_QFbYGBa8qssIuKJw8-1679562623-0-AQAbpUG0uRjikPjn6xkWuUvh8kIFpypdWghy6gp8ODR5Q822iR3hYp3btRuhLvKubRdN2p68fkX0uO/LVC5Awlg= |
|
usnewson.com/ | Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C849723%22%3A%7B%22page%22%3A1%2C%22time%22%3A1679562625130%7D%7D |
|
usnewson.com/ | Name: _pbjs_userid_consent_data Value: 6683316680106290 |
|
.usnewson.com/ | Name: cto_bundle Value: 8j5iml9UaldySThIendXTHllOGQyWWw4cmltZ3RJZFZvSTZ1Tkc0WHBtWTVEeEVPMHk4NlpKZWNzcVk5bjY3RnZXSjJtdXZMTHhsT0klMkZoaGhiSThHMzZoJTJGR0o5MVRxOEpua3RFUDVDRW40bWFMRmQxSHJ5QjlJT05tVUpRazRnVGpyaiUyQg |
|
.usnewson.com/ | Name: cto_bidid Value: a55n0F9KNFlYeSUyQmljV3hheU1JWmglMkJkOUtjS1l3R2RuT3BiUURBNTdablhDUWttdVJ5YzRnSzNlTVB1OWduTnFvazFwSCUyRnl4VzkycUJjYjdkS1VjQTluRGp6ZyUzRCUzRA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
audit-tcfv2.cmp.quantcast.com
btloader.com
c.amazon-adsystem.com
c.mgid.com
cdn.fuseplatform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.steepto.com
cdnjs.cloudflare.com
cl.imghosts.com
cm.steepto.com
cmp.quantcast.com
csi.gstatic.com
dsp.pardus.cloud
dsp.trafficbfd.com
gum.criteo.com
i.ibb.co
id.crwdcntrl.net
jsc.mgid.com
mug.criteo.com
pagead2.googlesyndication.com
pardus.cloud
region1.google-analytics.com
s-img.steepto.com
securepubads.g.doubleclick.net
servicer.mgid.com
stats.g.doubleclick.net
test.cmp.quantcast.com
usnewson.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.19.135.80
104.19.137.80
130.211.23.194
142.132.140.7
142.250.184.198
162.19.58.158
178.250.1.11
18.158.254.171
2001:4860:4802:32::36
23.35.236.201
2404:6800:4005:820::2003
2600:9000:2127:3e00:9:46dc:4700:93a1
2600:9000:225e:bc00:3:a4cd:8380:93a1
2606:4700:10::6816:3456
2606:4700:1::6813:854e
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:3031::ac43:a2f7
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:d2d
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:26f0:480:e::210:f10f
2a06:98c1:3120::3
54.229.20.73
65.9.90.93
81.28.12.12
01a39e4ee5bd7fab010c33c27302113abc03adc2ce756e8f3bbfc6dad9c087c4
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06151854fcd04eb012241937c67c90bb5c0ab1be01f3db8371233196f3ce5a78
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0de96d7c90417b556442b440c64d4829327a8d4796a8d5de9a60fa5e16e19929
0ecc896f089d3bf79eedaa258544afb531a25a07e1d0f2faebb993e30922ce98
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30ecd5bd5e32b79599479869d1f15dffbff60c257411b0805516dad331c33c97
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
3f15b248094422f252d5b490dc4bd3a367901f3d8c889584b36cfbf4f31d513f
4ec6c963e1d4752c3e15bcef35b975c4f790c504de69609177a2e041152b38fa
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
586935a8a91b4e419d44df7a7c52851bc7e8eb1cc04357d5dd11babbdd9bee02
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a
6085e25042bfecc8d7ff3c47a7486dc89e3208fb75c730744da21de1dde8ab60
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
679fb29bfc45cbfd545415c2d717b6a79ed1fcd47329062a94ebec32a48be7d8
6d49daaadd59ab24e947a8786d41a1cd7d3d16f876a2ea1709cf1e72608d8dfc
706e3893379d6d84ec54d0d15cefca7113f2b22a31fe36bfa7345be2de867c54
709217a175f0d9b049be1cc3c9980b3e2b2e0417b0d939bc26224a18aad6de97
7230d24632cae9f9a8575ee3e4e17ec586f3f8ae1242a7edd90546b67553beff
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
7c570eabe49bfd4e167dffefb1f4c1124e545b85c9b30198c9a055b1302f9a4e
7dcc7e482f358b41c055a2a4edcc9776b4819622595264792f9b28d1bbc838ae
80927669258cdb6aa81ff4addc15d3728f6808232d9f4065f0f05f371aefaaba
81406a4b22ccafda757324c3d9d97fcf8eadb3506954cdfb0cf4ef5510ac66cc
81af2788a30ba5dcff59b0f89f2cf75aa40054d96e4384cfd2a43617e89baaea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855dfbae42eb6ae7faaa629932dad117408a1dbc5d5639295cbddbe201fd7503
8e354ae6c33bcc7b55fe59c07ac05a0fc128a0556f9485858b84e344ec24b271
8fed4e1f0a0aace7abdfe156e08a208c04c799810c70ac250cee2870333e1e84
990cf81db20fa7157451e2b6d0f77833a93273cb36fe14da270b2eb7e36a720f
99e088adc4a664e237e868c3e2e200df03fcca5fe383c2818292f80776efe439
9a3c664c7e45751bc0eaf7d49096f76bb4671e5e96ff3a9c115ee6b142cd5775
9ada237edd824c642620e722db439ce709237e7623f832d77a0c0122827da4b6
9ca4b33c015df1f317514e0031b273535f1608a2d4f16dc816af06878b7b522f
9d35d2a87e773b061f6a87a13c5b4cd9048f401283450ee91498fe0a6a79e33c
9f626a74f609de91b2158e7839ed41f8b09fcf6c92afdf07a24c8d3626a28bf6
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a4aebe296ff8415b2179b645b5d49503898a81dac49c76f9f1573c6db2233594
a78783a0778aba86d928bfb1a6669b05da378d8a709761d00a937afabd368775
a7d5c8d34e214ecc74d2d7d083f9658fa0c3be9a452f25e2d6342d128989a059
a924222dd7b462bddb714cfd5caf19764f090a719fab03e69484c2bb30dfd693
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca8f8a0b12ffc76422efc49fe4fa814c0a35e28a64049df70024fe94f9bb47d
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
ddaea112d8f5150920897f24b8e46d964d6bf682abaf04e5cc5bfc1ade1a964b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedf39c86f33bcac956135cb0362249cc180b1e08836f606132106c0b5dec676
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53caacf5897deb87075499ff8030f7a96276011353bd1be5cceacedf2be4e82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff2aa6285d8939a9020e3b5ec122704439227eacd6c3cf7fe4f6c7b4a50e360
f4701d4450183452168f0d796509d773f0defe8efef1b46ff3e9484a78bf2f8e
fd8da1c146e33be677b3b94add5708250e6f0e3ad6c6968661d4d40327c6c219