usanewshour.com Open in urlscan Pro
2606:4700:3032::ac43:9871 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/...
Submission: On July 21 via api (July 21st 2021, 1:00:29 am UTC) from IE

Summary HTTP 261 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 22 domains to perform 261 HTTP transactions. The main IP is 2606:4700:3032::ac43:9871, located in United States and belongs to CLOUDFLARENET, US. The main domain is usanewshour.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.

This is the only time usanewshour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:303... 2606:4700:3032::ac43:9871	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	88.99.215.229 88.99.215.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a03:2880:f22... 2a03:2880:f22d:1c2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
3 6	2a03:2880:f22... 2a03:2880:f22d:1e6:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 28	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 3	13.226.145.101 13.226.145.101	16509 (AMAZON-02) (AMAZON-02)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	35.169.188.209 35.169.188.209	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	94.130.218.84 94.130.218.84	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	18.208.241.4 18.208.241.4	14618 (AMAZON-AES) (AMAZON-AES)
8	2600:9000:218... 2600:9000:2182:5c00:8:3ed5:e880:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4006:804::2003	15169 (GOOGLE) (GOOGLE)
1 1	2001:6c8:170:... 2001:6c8:170:6::f	3292 (TDC TDC AS) (TDC TDC AS)
1 1	2a00:1450:401... 2a00:1450:401c:16::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6b::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:5b::7	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::64	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
261	36

40 2606:4700:3032::ac43:9871 (United States)

ASN13335 (CLOUDFLARENET, US)

usanewshour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.215.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.215.99.88.clients.your-server.de

app.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:1c2:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany) 3 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.145.101 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-101.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.169.188.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-188-209.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.218.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.84.218.130.94.clients.your-server.de

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-241-4.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2182:5c00:8:3ed5:e880:93a1 (United States)

ASN16509 (AMAZON-02, US)

acdn.flickstree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4006:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6c8:170:6::f (Denmark) 1 redirects

ASN3292 (TDC TDC AS, DK)

r4---sn-uqj-j2id.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401c:16::a (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r4---sn-5hnedn7s.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6b::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:5b::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednls.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::64 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	395 KB
40	usanewshour.com usanewshour.com	517 KB
38	doubleclick.net 3 redirects googleads.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net	41 KB
25	googleapis.com fonts.googleapis.com imasdk.googleapis.com	4 MB
18	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com il-trc-events.taboola.com images.taboola.com	266 KB
16	aniview.com track1.aniview.com player.aniview.com go1.aniview.com	101 KB
14	google.com adservice.google.com www.google.com	3 KB
14	gstatic.com fonts.gstatic.com csi.gstatic.com	98 KB
12	2mdn.net s0.2mdn.net	197 KB
8	flickstree.com acdn.flickstree.com	1 MB
7	instagram.com 4 redirects platform.instagram.com www.instagram.com	5 KB
7	playstream.media app.playstream.media tg1.playstream.media cdn.playstream.media	88 KB
4	youtube.com s.youtube.com
4	googlevideo.com 2 redirects r4---sn-uqj-j2id.googlevideo.com r4---sn-5hnedn7s.googlevideo.com r4---sn-4g5ednss.googlevideo.com r1---sn-4g5ednls.googlevideo.com	3 MB
3	google-analytics.com www.google-analytics.com	19 KB
3	googleadservices.com partner.googleadservices.com www.googleadservices.com	661 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	avplayer.com player.avplayer.com	128 KB
2	google.de adservice.google.de	975 B
1	ytimg.com i.ytimg.com	8 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
261	22

	Domain	Requested by
40	usanewshour.com	usanewshour.com
35	pagead2.googlesyndication.com	usanewshour.com pagead2.googlesyndication.com tpc.googlesyndication.com srcdoc
27	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com imasdk.googleapis.com
24	imasdk.googleapis.com	app.playstream.media player.aniview.com imasdk.googleapis.com
14	track1.aniview.com	usanewshour.com player.aniview.com
13	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
12	s0.2mdn.net	imasdk.googleapis.com
9	pubads.g.doubleclick.net	imasdk.googleapis.com
8	acdn.flickstree.com	player.avplayer.com app.playstream.media
8	fonts.gstatic.com	fonts.googleapis.com imasdk.googleapis.com
6	csi.gstatic.com	imasdk.googleapis.com
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com
6	images.taboola.com	usanewshour.com
6	cdn.taboola.com	usanewshour.com cdn.taboola.com
6	www.instagram.com	3 redirects usanewshour.com platform.instagram.com
5	ade.googlesyndication.com
5	app.playstream.media	usanewshour.com app.playstream.media imasdk.googleapis.com
4	s.youtube.com	blank
3	il-trc-events.taboola.com	usanewshour.com cdn.taboola.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com app.playstream.media
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com usanewshour.com
2	www.googleadservices.com
2	ad.doubleclick.net	1 redirects
2	player.avplayer.com	tg1.playstream.media player.avplayer.com
2	trc.taboola.com	cdn.taboola.com
2	adservice.google.de	pagead2.googlesyndication.com imasdk.googleapis.com
1	r1---sn-4g5ednls.googlevideo.com
1	i.ytimg.com
1	r4---sn-4g5ednss.googlevideo.com
1	r4---sn-5hnedn7s.googlevideo.com	1 redirects
1	r4---sn-uqj-j2id.googlevideo.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	go1.aniview.com	player.aniview.com
1	15.taboola.com	cdn.taboola.com
1	player.aniview.com	player.avplayer.com
1	cdn.playstream.media	usanewshour.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tg1.playstream.media	usanewshour.com
1	www.googletagmanager.com	usanewshour.com
1	platform.instagram.com	1 redirects
1	fonts.googleapis.com	usanewshour.com
261	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
youtube.com
pinterest.com
affiliate.flickstree.com
bit.ly
www.instagram.com
popup.taboola.com
hotpoptoday.com
facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.playstream.media AlphaSSL CA - SHA256 - G2	`2021-04-06` - `2022-05-08`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-06-19` - `2021-09-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
wl.aniview.com R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
outstreamedia.com R3	`2021-05-25` - `2021-08-23`	3 months	crt.sh
*.aniview.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
acdn.flickstree.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-13` - `2021-09-21`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 48 frames:

Primary Page: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Frame ID: 20B53B5D62C84987510B888F87DE1C65
Requests: 144 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html
Frame ID: 67AD82CE641E7CBEEC03CEA60384FB35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3233951301803490&output=html&adk=1812271804&adf=3025194257&lmt=1626829208&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207550&bpp=5&bdt=564&idt=400&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394392213606&frm=20&pv=2&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=481
Frame ID: 646649FAD9460BFF3D0A03F927C35CF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3233951301803490&output=html&h=200&slotname=2372405569&adk=3460302697&adf=983315409&pi=t.ma~as.2372405569&w=840&fwrn=4&lmt=1626829208&rafmt=11&psa=0&format=840x200&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207582&bpp=3&bdt=596&idt=575&shv=r20210714&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394392213606&frm=20&pv=1&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=175&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hPUlTad4VN&p=https%3A//usanewshour.com&dtd=609
Frame ID: E83CF2C4E3C47BFF40A891D30C70A2DF
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 718E777997247B3F09C93C023CDF3CC9
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 56B5CAECB33AAB6EC494BB9E31E77739
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Frame ID: F7E20A1BBC0CCDAA7C3785BBEB2CD5B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 136060DF8AC81CC58A1124ACA2A7505E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F27DBB8CDE7B77A6D4F288E9E55682A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FE4EE7B925A515FD52019A41C39584C4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CA7FC2AAA6779A70346A6F1D0C9D623E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A3972E4C5C196370288BD276CA38F48F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 106939FC7BF906D448673C6AD9526F19
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0F1AF0553D9735BBE8FDB3FF4ACA3A2F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: F73180EAB7A46BF8F113916F26B184E3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 75A8EAC676181FCE89606CF148F4E942
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 0E3C2265CABF9B06F76413BCA4BF7D11
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 8F5D714206E613ABF3051E8B189FC156
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 0DBB37427C7E1D9ED965FAAA4E2EE0AC
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 88E1E67F37400DA984F5BF952C2E5652
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 47713B6746F7817A32B5E24715FE9B4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B11EADA5E3EA3CAF6866AF146647B4FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3541800124BEED8E3725995C217366AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 575DA030309EE14945E34361113B87A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7D888780810CF3564BF56304F89D55EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0A1B8D45CB7A9358C8A242C33BA3E3D6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C349B62F5EE997EB5F4B5CBF9047A4B1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 705C0E9ECFEF890A7E1EB4AE7617677F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 547AE4B4746584D2F32FB6FB15D6D8F8
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: AC42810486AD1004DBF6F9DB66117DA4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: ABB2426BB437556B5001D8D73F3F08DA
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 658247D252D3C85AB3F43CD61F5F6C4E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 7A07E963613FA4DEA21C3454F5343E52
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: EC94E03F316F013B17C4EDD84D56302D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 762E819C45EAFC46ECD1A8D2E75691C9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 2CDD3BE168AF82DC3AFBAC4F9E9BF96C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 3840B625EE107378BD1C86FA37207540
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B69C3124944E667F4D7B0E31009431E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A9A946F0A18113EB45712D9CA7B31AF7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF5E469E14DB5482A5DBEE8339DD2246
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DDE94C152C9831429C3D01149B551E48
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A3E5CFC0CF142B60784ADA9F4FBF8C54
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 9640CA752E86A7F6DD039D86FE95A901
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D9700070E5AD41FDF3478D6851B8ACC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 8863F3DFACA4A6E1757687020764401B
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&el=adunit&cpn=pUOLj6E6EyBo_4Lh&docid=U7w32ZVCeuk&ver=2&cmt=0.222&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=18.181&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=16&rtn=10
Frame ID: 40E0168EC406E6102B55ABFE98A1051F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: CFBD10F1CD462F710DA511B8EF947F68
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.198&rtn=18.181&ns=yt&el=adunit&cpn=pUOLj6E6EyBo_4Lh&docid=U7w32ZVCeuk&ver=2&cmt=10.198&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=18.181&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: A722EB5E3D38797100A671EE8B384A11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

261
Requests

99 %
HTTPS

71 %
IPv6

22
Domains

42
Subdomains

36
IPs

6
Countries

9420 kB
Transfer

20633 kB
Size

6
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/USANewshour
Title: Likes

Search URL Search Domain Scan URL

URL: https://twitter.com/USANewshour
Title: Followers

Search URL Search Domain Scan URL

URL: https://instagram.com/USANewshour
Title: Followers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/usanewshour/
Title:

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCCRkjtLvqZuklCy9dnk6yAQ
Title: Subscribers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=EXCLUSIVE:%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary%20@USANewshour&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&media=https://usanewshour.com/wp-content/uploads/2021/04/Pamela-Jean-Noble.jpg&description=EXCLUSIVE:%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary

Search URL Search Domain Scan URL

URL: https://affiliate.flickstree.com/click?pid=9&offer_id=233
Title: Learn More

Search URL Search Domain Scan URL

URL: https://bit.ly/2UvMJCg
Title: PLAYSTREAM

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CGqhsC9M5jT/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CHPEQjXs6Gv/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/hi/?template=colorbox&utm_source=v2technosys-usanewshour&utm_medium=referral&utm_content=alternating-thumbnails-a:below-article:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://hotpoptoday.com/keep-calm-and-carry-on-dx/?utm_source=taboola-dx&utm_campaign=dx-ww-a-hpt-packhen-all-300621-c2184&utm_medium=tb11350660_1383841&utm_term=v2technosys-usanewshour&click_id=GiDwhGfcadVMwC6HGc69CD0XTCaD6_PUeFbA3sAdflAx7SDHt08oyYX50Z7jl7An&cpc=0.002
Title: HotPopToday

Search URL Search Domain Scan URL

URL: https://facebook.com/usanewshour

Search URL Search Domain Scan URL

URL: https://twitter.com/usanewshour

Search URL Search Domain Scan URL

URL: https://instagram.com/usanewshour

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCCRkjtLvqZuklCy9dnk6yAQ/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 55

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary&c7=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary&c7=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&c9=

Request Chain 57

https://www.instagram.com/p/CGqhsC9M5jT/embed/captioned/?cr=1&v=13&wp=658&rd=https%3A%2F%2Fusanewshour.com&rp=%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F HTTP 302
https://www.instagram.com/accounts/login/

Request Chain 58

https://www.instagram.com/p/CHPEQjXs6Gv/embed/captioned/?cr=1&v=13&wp=658&rd=https%3A%2F%2Fusanewshour.com&rp=%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F HTTP 302
https://www.instagram.com/accounts/login/

Request Chain 197

https://r4---sn-uqj-j2id.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&mh=qK&mm=31&mn=sn-uqj-j2id&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=18.227&lmt=1625609548059861&mt=1626829003&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMrosKiX_NMBPvJYa-HwevrXKegLOo9ABO5Pzhirv27qAiBWEPx_pYS3nnF4LWyoiXZLzhactE9djHyj2XDQkuveFQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVyYq8ksGWhCMjfyPFuytCwnl692Tj7u3wUjyoBYlOPwCICI4ovBNpy4JMGm15UJRDe0tq4iyplfeiRhbF5cyf2He&cpn=pUOLj6E6EyBo_4Lh HTTP 302
https://r4---sn-5hnedn7s.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=18.227&lmt=1625609548059861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMrosKiX_NMBPvJYa-HwevrXKegLOo9ABO5Pzhirv27qAiBWEPx_pYS3nnF4LWyoiXZLzhactE9djHyj2XDQkuveFQ==&cpn=pUOLj6E6EyBo_4Lh&redirect_counter=1&rm=sn-uqj-j2id7z&req_id=3436734d06f736e2&cms_redirect=yes&mh=qK&mm=29&mn=sn-5hnedn7s&ms=rdu&mt=1626829004&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANf1Tgx80PciVzBLAgP-1q4PS31eiWWgz50smTt-h_6lAiBV9zy5gEdMZxa34xwsrqAkmet-_wfY245JthxcR3FpXA%3D%3D HTTP 302
https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=18.227&lmt=1625609548059861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMrosKiX_NMBPvJYa-HwevrXKegLOo9ABO5Pzhirv27qAiBWEPx_pYS3nnF4LWyoiXZLzhactE9djHyj2XDQkuveFQ==&cpn=pUOLj6E6EyBo_4Lh&rm=sn-uqj-j2id7z,sn-5hnks7z&req_id=3436734d06f736e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=qK&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5ednss&ms=rdu&mt=1626829054&mv=u&mvi=4&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALm_0Fr2ZagNuXPgwaf_ishmzHUVA5VruotvKLmarU5HAiBrlhuzDfJ71052M9-iwcOo0eKQ_oJ1jQh9MpoUci0V1g%3D%3D

Request Chain 237

https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=6014856069703793843;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_pre=CNyPkov78vECFQDLEQgdMicDMg;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=6014856069703793843;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23

Request Chain 275

https://googleads.g.doubleclick.net/aclk?sa=l&ai=CEqFbm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&num=1&sig=AOD64_05ttohQmoeKHuCWJcZD2m77WByyA&client=ca-pub-3452022011371122&adurl=https://www.diabeteswhatsnext.com/dk/da/penne-og-naale/smartpens.html%3Fcid%3Dpse-ga-vd-full-novopen-allevideoer&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26p0%3D1137,275,1617,915%26p1%3D1137,275,1617,915%26p2%3D1137,275,1617,915%26tos%3D0,0,0,0,10232%26mtos%3D0,0,0,0,10232%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,4732%26mtos2%3D0,0,4500%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D452%26dur%3D18181%26vmtime%3D10198%26is%3D274%26i0%3D274%26i1%3D274%26i2%3D274%26cs%3D4882%26c%3D0.13%26c0%3D0.13%26c1%3D0.13%26c2%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,1000%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D0,0,0,0,53%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829223405%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10232%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613 HTTP 302
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CO3cum3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAHABW6gBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCUVodHRwczovL3d3dy5kaWFiZXRlc3doYXRzbmV4dC5jb20vZGsvZGEvcGVubmUtb2ctbmFhbGUvc21hcnRwZW5zLmh0bWyxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&num=1&client=ca-pub-3452022011371122&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26p0%3D1137,275,1617,915%26p1%3D1137,275,1617,915%26p2%3D1137,275,1617,915%26tos%3D0,0,0,0,10232%26mtos%3D0,0,0,0,10232%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,4732%26mtos2%3D0,0,4500%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D452%26dur%3D18181%26vmtime%3D10198%26is%3D274%26i0%3D274%26i1%3D274%26i2%3D274%26cs%3D4882%26c%3D0.13%26c0%3D0.13%26c1%3D0.13%26c2%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,1000%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D0,0,0,0,53%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829223405%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10232%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613&cid=CAQSKQCNIrLM4lG4mKrus43VB0NNLqQsjYpN6x86tiErJBQ3dC7C56ncSmPF&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1_gyGnK6sJC9MeGzd5iT8OXm25nA&adurl=https://www.diabeteswhatsnext.com/dk/da/penne-og-naale/smartpens.html%3Fcid%3Dpse-ga-vd-full-novopen-allevideoer

Request Chain 278

https://googleads.g.doubleclick.net/aclk?sa=l&ai=CkdCTnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&num=1&sig=AOD64_08Km159Lbc1BWKWnAkVU89O_mNBQ&client=ca-video-pub-6968738577620513&adurl=https://www.etoro.com/aw.aspx%3FA%3D58091%26SubAffiliateID%3DDE_YT_TradeLikeSteve_Broad-25-34_DE_58091%7CAG_125620698468%7CKW_%7CMT_%26Task%3DClick%26TargetURL%3Dhttps://www.etoro.com/de&ctype=110&label=video_10s_engaged_view&ad_mt=10181&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26p0%3D933,1134,1190,1590%26p1%3D933,1134,1190,1590%26tos%3D10244,0,0,0,0%26mtos%3D10244,10244,10244,10244,10244%26amtos%3D0,0,0,0,0%26mtos1%3D7744,0,0%26mcvt%3D10244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2256%26pst%3D441%26dur%3D30000%26vmtime%3D10181%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1626829223775%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10244%26ss0%3D0.06%26ss1%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370 HTTP 302
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5QrknHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBwAVuoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&num=1&client=ca-video-pub-6968738577620513&ctype=110&label=video_10s_engaged_view&ad_mt=10181&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26p0%3D933,1134,1190,1590%26p1%3D933,1134,1190,1590%26tos%3D10244,0,0,0,0%26mtos%3D10244,10244,10244,10244,10244%26amtos%3D0,0,0,0,0%26mtos1%3D7744,0,0%26mcvt%3D10244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2256%26pst%3D441%26dur%3D30000%26vmtime%3D10181%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1626829223775%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10244%26ss0%3D0.06%26ss1%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370&cid=CAQSKQCNIrLMswdWrRxzVgAsUDFTupqd0dZNcg34SCqn5VwhFHwr4xvLCOjn&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1tYJgQbz2u9w1zNL2dtxrPt2M_Ag&adurl=https://www.etoro.com/aw.aspx%3FA%3D58091%26SubAffiliateID%3DDE_YT_TradeLikeSteve_Broad-25-34_DE_58091%7CAG_125620698468%7CKW_%7CMT_%26Task%3DClick%26TargetURL%3Dhttps://www.etoro.com/de

261 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/ 97 KB
22 KB 707ms
668ms Document
text/html 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f3e59541e68fe6c1f040edc9ff79e9ed170cdcfa1d4fba1212f194e23c4f684

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: usanewshour.com
:scheme: https
:path: /exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:06 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://usanewshour.com/xmlrpc.php
link: <https://usanewshour.com/wp-json/>; rel="https://api.w.org/", <https://usanewshour.com/wp-json/wp/v2/posts/19321>; rel="alternate"; type="application/json", <https://usanewshour.com/?p=19321>; rel=shortlink
vary: Accept-Encoding,Cookie
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erwfbkejJ1s0EOfL5L8Vt9Pv3yc4TuyJvDYTGPZ4rygQFwjgIN0e5fFy3olNpiBkgUMKTnda4PrT30u0zDv%2BBzR83KOYqxeBQtkNCPWjs2coWFQr3j6LjqV%2B8UqJGMH6QTlGctcOyoesgcT2GZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67207d8b68b64e07-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
usanewshour.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 52ms
38ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Apr 2021 03:05:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19yLjGKtvfa2iAGKHK54edWDRAkyPUKL6irM7wscsnBt%2BV0vrRAo1t0xDAHAtGxx9%2FgbFncpMQ5ac8x0kIkt2bT7J2EdXoP4Z7FnxjJxl2E1tTsyZqIxRQda3s6TI%2F3jWm6Q%2BI29W0gsd5nntU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc12d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 bs-icons.css
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 4 KB
1 KB 71ms
57ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f72197efe9b8796e643755698e3a888880b381ba02aebbdf6367506a7e37686

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4633
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbqucFygOJNgyvnAvzVjMjMowuC4%2Fl0ZS5rIYSt23pnuJCk%2FYDOm1rt70pUjU%2BreK5uHv%2FJwuAJQ1NFHUmqIDsEtDwZYk%2BSdQuIpVRySDB30lVwCJdRo36XP9d0OfhjIvdmucRx0w5nTqC9hkEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc13d6bd-FRA
cf-bgj: minify

GET
H3-29 200 style.min.css
usanewshour.com/wp-content/plugins/better-social-counter/css/ 54 KB
6 KB 70ms
56ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/plugins/better-social-counter/css/style.min.css?ver=1.13.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1583f28a50c73c0f65790ed46f422295ae9c61397fba7acd291e4d6487636909

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 07 Jan 2021 18:07:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbK5HG52ax8G8Z%2FyLsctdywfZdUbm9iQN%2Blvs7LoTTa%2FJqQRmR26qp%2FI3x%2BH%2F%2Ft%2FSOrnWLjDTtiOtjZLa5NpLgyxdq0%2B75Ws6kQiMi7p34WlNDnuI9T6Q27Ri1hZD3yZRLSV2A1eu0fL0sKzDv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc10d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 slick.min.css
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 1 KB
1 KB 71ms
57ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/slick.min.css?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuehArt197GpG%2FUIORzAWUuBCKQHEA32UbllF9jEGeFL6AbYeNZdZ%2FE9TdNhRMleY2GofehS4onJnvEsBvZ32tJXjl0MP%2F9QJy%2BmeHnGv4WeemUJp6mDd8mnXGib%2FWOLhbZJ6JpVS18r2zXhgQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc17d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 pretty-photo.min.css
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 7 KB
2 KB 61ms
47ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/pretty-photo.min.css?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fedjr9j9NvoOAbOFRR83f7%2B%2FX8m6tKbF6RSmgrat8FWpFHH8NfrMiUqzf6r5GAC5ZcXA3kHCdxc%2BYlUE9D04LN6JkYLjeOuezZW5Di1i0rosWjPmZpP4hSywWwsOrrYwKngG3XPFTHZy87qizIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc14d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 theme-libs.min.css
usanewshour.com/wp-content/themes/publisher/css/ 102 KB
17 KB 62ms
48ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/css/theme-libs.min.css?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvKXoXd9CBp34sp6gy52W4A33fRAf051ENV9l1%2Fy%2Fbh3A87qhtwxwjxOGMxefJaFWY%2BjjvvHTq8vKYovdTlaxJUJYMvLlOQ7QL95JMjVUsCoFg078KQPXaIGjDysTzwjR%2FiACB1SVkLV%2FtRY7M8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc16d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 font-awesome.min.css
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 30 KB
7 KB 89ms
75ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngTaFpw2PisjZDwovYjDIv8ZZAj8Skg5EcEPlR9txIjTV6iqZO7whXxl6ECaR%2F4u0wzMYwd0Uf9lLG9IorO8Bb%2BDbQ1e0NZYLPeKkYiU3DvX4tIO8M0qu69C08XdvGL%2BOtq3JY5kFNfRwKrXagY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc1ed6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style-7.9.2.min.css
usanewshour.com/wp-content/themes/publisher/ 557 KB
74 KB 78ms
64ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/style-7.9.2.min.css?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DGjMqkicIGH9qCf9mowVLWQ9orp0FxdhJ%2FT2m8CxbU9LeHWnLTIsu9XUsAGy0z1cZ0nRzAqFc9N7c6ZB5PLi03NQMp%2B5V4Jzf0zeGxXEWoiCsH5cznnw8XKltRzmtxBZbwu5L25FQzQmgJ9g5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc1dd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.css
usanewshour.com/wp-content/themes/publisher-child/ 0
611 B 77ms
64ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher-child/style.css?ver=1.0.0

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=341
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
last-modified: Sat, 11 Feb 2017 13:02:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMUuhsNF8CZBBwrXBhuZWnOGctGuaLstTOM%2BIIjZ%2BV%2FBNy%2F9zjR5ejXQODOsCT6mloU5Y8riT0mLax8vAWObuR%2Fg4CYNtx98xEnvV7t%2Bjz3paxqEkfQ5jK7jz8nbSuIMLlfcRgk6KEmiGnACvRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 67207d8fcc1cd6bd-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59b509e570b16015d0c91d8f647d039d71865f409b3825779163208103290e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 01:00:07 GMT
server: ESF
date: Wed, 21 Jul 2021 01:00:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jul 2021 01:00:07 GMT

GET
H3-29 200 style.min.css
usanewshour.com/wp-content/themes/publisher/includes/styles/view-magazine/ 10 KB
3 KB 75ms
62ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/styles/view-magazine/style.min.css?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1465806941428e917e4b8ba5860b7b4a36f7d57e5cd11e79e012dd219018a25e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLQ6fGhVSYP2dNmzlHwLRLcETOw5tbTIbb35ek6c9EcbPTf75uBwmWwdipeZe%2BO7%2ByzUBQdnfuOkcPmPsr5d8o8QsHAZlFHhgKDWhT5aqU31OohIaEMSBZSTzrhHZCh%2FTpuDSnRLRU5Gm5JFbng%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc1bd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery.min.js Show response
usanewshour.com/wp-includes/js/jquery/ 87 KB
31 KB 70ms
58ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 20 Dec 2020 04:53:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvB5KEH3ClWpjbdZmuLPGXI6pYn5G9UJOeN0nJ90UMc4g0cN2IPfeHIgGp7TF3BkWKrbEeqsd9q20UWsb0tMtuDdRCfMMpJT552yk0Xu%2BSL3G60dK0cpolPaI0pRq6U%2BmdvdinRLdYJIXyWUhtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc19d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery-migrate.min.js Show response
usanewshour.com/wp-includes/js/jquery/ 11 KB
5 KB 69ms
57ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 20 Dec 2020 04:53:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REUOQho79rWm%2FlZToM2vm4i4h3wY6j9teH5z3Kt02X7Yqz08KD5gCKzYIjjlMdbK6G9XhnQd%2Bpc3LiSgOmVC6iHqx4DzajWOJ4IQ%2FQXJksmONuhBvfP6SJH6CBAzz46j5861fIyOFNAYtcRo7yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc18d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a0d872e203e1bf37b0803dbecb31c24aa40da6cbb02ca4fe50268baefc6dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48528
x-xss-protection: 0
server: cafe
etag: 2197643862975836962
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jul 2021 01:00:07 GMT

GET
H3-29 200 5bf0d989d391a6d3853e52369bae8afb.css
usanewshour.com/wp-content/bs-booster-cache/ 58 KB
8 KB 73ms
61ms Stylesheet
text/css 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/bs-booster-cache/5bf0d989d391a6d3853e52369bae8afb.css

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6a6b7e9dd9d0a6783bbebbfdaec4453c855fda039073afc7bde990fa72725a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 19:54:48 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0BbXsdw3VqQTRPeRP9qEPUT%2BxnH8yYd26%2BEEftcu1TnNkJcGx0Sc%2Fk86YVdkdPhxCBRkKpuqkt6xMzj9X2hG2EobXI7Xhv%2FwsFa9xuHi1hUV%2Fo3r5W7BR%2BkHfA%2FwVMFQUKUO%2BDGiZNqblRP088%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d8fcc1ad6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 USA_NH-2.png
usanewshour.com/wp-content/uploads/2020/09/ 7 KB
7 KB 35ms
19ms Image
image/png 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2020/09/USA_NH-2.png

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa4b3213eda65cdf9fe142297ecdacb3d377b321a079acdd586b6f638621faf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2020/09/USA_NH-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6670
last-modified: Sun, 27 Sep 2020 12:11:15 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQaMgEv5mZXlZLPBkWvtCHbpD1SeUbHFe5%2FujdPbIpUrIZpml0YljHZuL7cBa3v%2BN%2FSH2NlWxAtwp5KE9IUoN3ZYyjKb4L%2BTdJeSM6%2FUJOjSP0%2Fd%2FPSAIJxbdZHhjbHJPgD9fKDsc6iK%2BtjIoHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d90fd02d6bd-FRA

GET
H3-29 200 email-decode.min.js Show response
usanewshour.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b682cce2b0000d6bd878f8000000001
last-modified: Tue, 13 Jul 2021 12:09:10 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed8266-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xbMJ5AeGjR4I85z1m6vJvChQZrAJ%2B5MMTlMMs2WhbOnuoapdoA%2BfpzZVRFiz0mYNsF%2BHB%2Fma3B%2F6uXT8w9m1efwQo8dS2gV6fHv8EwQGZzl9yT71AnbICKvhfdIjjHLPFKSWfWL1rUhUQ7XjBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 67207d904c69d6bd-FRA
expires: Fri, 23 Jul 2021 01:00:07 GMT

GET
H2 200 955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558.js Show response
app.playstream.media/domain/instream/ 722 B
490 B 168ms
40ms Script
application/javascript 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/domain/instream/955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558.js
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: b494852663d6ade78142cc7238bb41dbb29cd5719512f7ade8aeed5da0e8f947

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: br
last-modified: Wed, 07 Apr 2021 09:25:55 GMT
server: nginx/1.17.10
etag: W/"606d7aa3-2d2"
content-type: application/javascript; charset=utf-8

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

33ms
9ms

Script
text/javascript

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:47:07 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Wed, 21 Jul 2021 01:00:07 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: vll
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-29 200 wp-emoji-release.min.js Show response
usanewshour.com/wp-includes/js/ 14 KB
5 KB 38ms
21ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 03:05:10 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fatKD6bLges2Iba%2FF%2BEAGdd0f1bYiEoWJxiLUXGQc0S2ylpC1HV%2Bcw1lmcs9yugHwVImgwCJqxOMg3QtuGE%2BY8qJRKxJWyp6QIAcKFF%2FQtzFoYvvER0vRdpxBChVFQkcgRlCW9xvOOYDswW8h7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fd04d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 USA_NH-1.png
usanewshour.com/wp-content/uploads/2021/01/ 4 KB
5 KB 47ms
29ms Image
image/png 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/01/USA_NH-1.png

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83222854a0726f7e1abeddc9036aa00f97e1d3f92afed8e5bb81a47112a0e8b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/01/USA_NH-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4485
last-modified: Fri, 22 Jan 2021 07:48:16 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBtf0uxfS1Atg6tN1akVi5upcffWFetrXn9AL6oGJL44Z3uuvU%2Bb0pFLJiJprJJUDvT4jXfybBEoDVZMAd6sE4XbXaGJsXz2JaZCVruGohzOUlcBHi4f%2FnuQw6bd8Hv1l3k0RibUloMCmCAzg5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d90fd05d6bd-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 38ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175803653-1

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f88421b49ffa6c5b3add2257c75572a47ae8c5ffe3a8ea63bbcc8a2e5e463e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39696
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 01:00:07 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 21 KB
6 KB 352ms
294ms Script
text/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=60d9c15e69f9692eee1b39a9&AV_PUBLISHERID=60d9b376ef552b1df4426895
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eda77ad54ff37b74ad189f35a5d88e473e426d98ca93d58be272a72c91f5a97f

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Jul 2021 01:00:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5452
Expires: Wed, 21 Jul 2021 01:05:07 GMT

GET
H3-29 200 better-post-views.min.js Show response
usanewshour.com/wp-content/plugins/better-post-views/js/ 336 B
795 B 29ms
11ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/plugins/better-post-views/js/better-post-views.min.js?ver=1.6.0

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a45d4286c79864158a9c7f5d543c21ebd53726ea5fa1fd984622db2f74a91798

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/plugins/better-post-views/js/better-post-views.min.js?ver=1.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 07:53:48 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnFyKfIJqwwnw5UXrvWYTdEDzATggj6a%2FPGw5EiTDbFslKd1P%2BF%2FG46Cf59BCUVAgEd6STZDDNQ%2BovTy0QgxvuW2h86ZdIP8HH6SBUtABW%2FKdB%2Buh3OmxSJN4CR1DvOIp0T4Zwz3UZ23G9xKHU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcf6d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 element-query.min.js Show response
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 2 KB
2 KB 35ms
17ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.11.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTyYsmJTfBrmXIfpZbFn%2B6BClR9NK9oxfm9N%2BuGgLVIlWKZH5i9XpTIhKu32VAbD1uYnDPIYx1Ep6CIdqtj1huReZ4ec4LRFSfWnSCj2j3ecbg8HS5QWXrFGxNtf7ftHQK442yZjyD39LF0dawA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcf7d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 script.min.js Show response
usanewshour.com/wp-content/plugins/better-social-counter/js/ 375 B
800 B 32ms
15ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/plugins/better-social-counter/js/script.min.js?ver=1.13.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8ad16c76e27370b6b095f7348b39c4e30d82d2c8116da80fad6f8b1e275721a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/plugins/better-social-counter/js/script.min.js?ver=1.13.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 18:07:19 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FMCjo0dnUXQTECy98bUa2nCvAtEaXZDV%2FicbXX6WHlXEJO5ZhT4vvhNCm4ZADPKvtbNFX%2FsJ6NU8XDf19gPVcbzth05Rc6Hdst1sZwuvZqFaGg9Y40%2Fe0dv2CuwQ1ZM0EFQzss%2F3rcHK1GEuCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcf8d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 blazy.min.js Show response
usanewshour.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/ 5 KB
3 KB 31ms
13ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/blazy.min.js?ver=1.12.0

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/blazy.min.js?ver=1.12.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4i4zPZXAmGzOgzNN4eiNZ4vxs4xMbENwq3%2Fvccb5DHJoOWw8s8JzBe3x4QisxKE0f6ZwLJGp6l30wWhXmekF5tBgrBeEvyne4%2Bf%2B%2FzhQX8fTPAsdMHdzfUi0BcDM3yOog4eRn5NaLahU2qJ3mcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcf9d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 bs-ajax-pagination.min.js Show response
usanewshour.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/ 11 KB
4 KB 42ms
25ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/bs-ajax-pagination.min.js?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/bs-ajax-pagination.min.js?ver=7.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2q2nMhdBhjByJTVjn4uRxzCJGGRCbANV9H%2FH%2FV7pg3OIQL173IUDAktm2R1ZAFg1JoR430pGcsixFcwn4b%2BcdQfhDGXUbk6tTBea5IV9pv0sjUuVWPtMjteWXeckD1XYeCrf7g4nSMn6rJAh0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcfad6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 slick.min.js Show response
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 43 KB
11 KB 35ms
18ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/slick.min.js?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/js/slick.min.js?ver=3.11.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ1ZN5hseM7wc%2BVnQkmQYtZAOSNRv8q%2BepVo9PCieiGYbLOAdyxgRcvkI2Z0vZmSnN6Pwku%2FCXdgvHneD6NCK4xHs1GTaNyjm2Z3EEjrTpFvtFXE7LP2C%2B%2F0b08uN0VsFasmHGwn%2BYkU6QngKSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcfbd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 theme-libs.min.js Show response
usanewshour.com/wp-content/themes/publisher/js/ 128 KB
41 KB 52ms
35ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/js/theme-libs.min.js?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/js/theme-libs.min.js?ver=7.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJynOC7xk8fmtPwXUta0QEpcRNR0gL90ETyVjRYLYmRMKzmSZAazEmmmplzjZ6DhzChVnXdQJmEAkt8F0pThUm9LAk5nMMCR%2B6jDvShj%2F3wqPY1WvqZO4iXYlmFegHNyyV60HMon6onr9E2sAtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcfcd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 pretty-photo.min.js Show response
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 20 KB
6 KB 37ms
20ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/pretty-photo.min.js?ver=3.11.15

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/js/pretty-photo.min.js?ver=3.11.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nu4oyDLo8Kp4Ot50YysYopQ5b9HIp%2Frs3%2FyDMsB2ejDHtevXODxcf7W63XT4EGFnBnPm%2BZXePMKbAcG3MgK7%2FGTvC0VKw5tZ%2BSkjfL40ZmeT1qUGiYJUnIBU2Y4067Krz05Rb%2F9Bo12H%2BGhJ6ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcfdd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 theme.min.js Show response
usanewshour.com/wp-content/themes/publisher/js/ 42 KB
13 KB 37ms
20ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/js/theme.min.js?ver=7.9.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/js/theme.min.js?ver=7.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcD6zwvkd5bruPUoak0sgJBc4cEAlK1eZGk%2BMZhq%2BE77gkuDOyB%2F9SsMxkq5aF8F2%2F3SHDI%2B34NujQdOTgfFJSWD09AvgLOnJofQ2R7aFQ8Qwlefz01pL4zbWSchB5eBaDPnDi%2BRfQ9I0QNVsNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fcffd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 wp-embed.min.js Show response
usanewshour.com/wp-includes/js/ 1 KB
1 KB 47ms
30ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 03:05:10 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrMBU6owFo6T8v9ynVEO%2FRVWhvgaFfFXEWiqcEW2n77stvVyhlJX99w%2FgKu37KFbcfb0XbfoaOif4DMzcOdz%2FFJ6pPTDFkUcXhqEP1%2BVZMfsIQvZJTN9eg%2FYlyt7NPADRSOIY1HOn6OPYhEuOEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d90fd00d6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 advertising.min.js Show response
usanewshour.com/wp-content/plugins/better-adsmanager/js/ 29 B
600 B 32ms
15ms Script
application/javascript 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.20.5

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.20.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29
last-modified: Wed, 10 Mar 2021 18:33:21 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqhza2e5UgsOyybUpuXIHlCmdQE08p1hKhxMA002CiJzBniRGl31HP2IsptCD9tbcU23I3uhIr1FvWgEtrb%2BEFEqcj7d4KxclwcHRAMv9xQ81XCX0oRZfi9G2EmQegQD%2BYvY%2FV1Rb068o7Ke2GU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d90fd01d6bd-FRA

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/v2technosys-usanewshour/ 126 KB
22 KB 305ms
218ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.64.2 /
Resource Hash: 51cabd2d725aea533cf3989c0b98dc1cc63c988e4d4d012afceeaeca84b509dd

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: R.kYCOlBuCjtY7v855Pa_0V0j1EXDUee
content-encoding: gzip
etag: "14ee2883fd0c24b12f854709e237e60f158f92e7"
age: 0
via: 1.1 varnish
x-cache: HIT
content-length: 22514
x-amz-id-2: j2hhpzo1kjHDl3KRhJvxqmzoJE++X+Gw+u7JjmswCUJxOMFlAphqaQZ5hbc5S6XLhHOdN3tUVZo=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 21 Jul 2021 01:00:07 UTC
server: obaker.93.1.2-11.64.2
x-timer: S1626829207.285997,VS0,VE183
date: Wed, 21 Jul 2021 01:00:07 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 9VEDSVM4F4E1EFHY
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 16
x-cache-hits: 1

GET
H3-29 200 bs-icons.woff
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 29ms
14ms Font
font/woff 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
pragma: no-cache
origin: https://usanewshour.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: usanewshour.com
referer: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://usanewshour.com
Referer: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13852
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avlQHOsWcsGVpopLF3O3j45lKdoIMLUY8I3V90lSNOVwYI2REzRJPxzDDePb7co68CDYb%2BLLq5H9atRRkfzG6U4wpIN5zbfNuJBIoiZJ7wXeMBpgseOVZN3xEB8WLtJtA3iBaim%2FQ%2FDncx9ZEaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d914d2bd6bd-FRA

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 15ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:11:24 GMT
x-content-type-options: nosniff
age: 56923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 09:11:24 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:05:46 GMT
x-content-type-options: nosniff
age: 96861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:05:46 GMT

GET
H3-29 200 fontawesome-webfont.woff2
usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 22ms
15ms Font
font/woff2 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://usanewshour.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: usanewshour.com
referer: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://usanewshour.com
Referer: https://usanewshour.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
last-modified: Sun, 04 Apr 2021 15:46:43 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV49AqCzf5Q339iLYTd7fURawbZwg6ti0iM91TffDFTBjuJwf04uZ0ZpCDutDy9AiRo5yPo9m6Rrw7iXcgxJ20pDZG1NpapQnW%2FoWIO1rtrT0MWqtS5Tkt8AYWfwvQDg%2FQnED%2BFWYUOLEdBKv%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d914d2cd6bd-FRA

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 16ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:08:26 GMT
x-content-type-options: nosniff
age: 107501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 19:08:26 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 16ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:45:28 GMT
x-content-type-options: nosniff
age: 83679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:45:28 GMT

GET
H2 200 instream.js Show response
app.playstream.media/js/instream/ 283 KB
78 KB 70ms
69ms Script
application/javascript 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/js/instream/instream.js
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/domain/instream/955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 58ee36480aa68e791322f58872f412e74002d6ed20de2bb8ea2b69d95487b903

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: br
last-modified: Sat, 06 Mar 2021 07:09:26 GMT
server: nginx/1.17.10
etag: W/"60432aa6-46db6"
content-type: application/javascript; charset=utf-8

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107200101/ 246 KB
91 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3233951301803490&plah=usanewshour.com&amaexp=1&bust=exp%3D31061747

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6804e057a916411f2ede2d88df7c916e5dd8d01293ca7692ee5a617806b43f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93615
x-xss-protection: 0
server: cafe
etag: 8483732643728970489
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jul 2021 01:00:07 GMT

GET
H3-29 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v13/ 19 KB
19 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:17:04 GMT
x-content-type-options: nosniff
age: 45783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:17:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/ Frame 67AD 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210714/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 16:30:53 GMT
expires: Tue, 03 Aug 2021 16:30:53 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 30554
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impl.20210720-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 35ms
34ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1f4c9402c18a9ed4379c6e4db828518f9a1956f5a28bf85129396fd4aac42b7b

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qpl7dFxU123Wt65QRbE5PupDr24YbQfn
content-encoding: br
etag: "4cb0d9da5f80555d2dca73234c4fca4a"
age: 1297
x-cache: HIT
content-length: 120616
x-amz-id-2: kgByegl6mwF8qWHVwT5yc6QJLBBLMfAM69K8kHHHjVTQmZPw7jtOlKsWDx64bL0NpHehJ2mLcOo=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 20 Jul 2021 08:30:34 GMT
server: AmazonS3-br
x-timer: S1626829208.740100,VS0,VE0
date: Wed, 21 Jul 2021 01:00:07 GMT
vary: Accept-Encoding
x-amz-request-id: JGH0ZVJV45K4Z150
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 50
x-cache-hits: 609

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 133ms
36ms Script
application/javascript 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:55:52 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Y_FxVmHK8UGtHWf8zzWUM2p936lXBtxG6yUHIMHj1T96JX_AhIswMg==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e1ec145df4e72f13fe27c2c946ae4305f9e9fa17ed3cfc22ae39b84d28b7d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
661 B 198ms
65ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=usanewshour.com&callback=_gfp_s_&client=ca-pub-3233951301803490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3233951301803490&plah=usanewshour.com&amaexp=1&bust=exp%3D31061747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

04c6c7ad23891ddbc2ca04df203e9552c4493307e1291b7a1b69112fd0f39ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 53ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=usanewshour.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 52ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6466 0
19 B 99ms
73ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3233951301803490&output=html&adk=1812271804&adf=3025194257&lmt=1626829208&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207550&bpp=5&bdt=564&idt=400&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394392213606&frm=20&pv=2&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=481

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3233951301803490&output=html&adk=1812271804&adf=3025194257&lmt=1626829208&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207550&bpp=5&bdt=564&idt=400&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394392213606&frm=20&pv=2&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=481
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Jul 2021 01:00:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Jul-2021 01:15:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Jul 2021 01:00:08 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736025986498"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28059
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:08 GMT

GET
H3-29 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,400%7CPoppins:400,700,600,500,400italic%7CQuestrial:400%7CRoboto:500,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://usanewshour.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:27:55 GMT
x-content-type-options: nosniff
age: 55933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 09:27:55 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E83C 436 B
235 B 96ms
96ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3233951301803490&output=html&h=200&slotname=2372405569&adk=3460302697&adf=983315409&pi=t.ma~as.2372405569&w=840&fwrn=4&lmt=1626829208&rafmt=11&psa=0&format=840x200&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207582&bpp=3&bdt=596&idt=575&shv=r20210714&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394392213606&frm=20&pv=1&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=175&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hPUlTad4VN&p=https%3A//usanewshour.com&dtd=609

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa6207e0296ae54fef23a81ccd4f6408170b30ac34b83196608b844c25cc425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3233951301803490&output=html&h=200&slotname=2372405569&adk=3460302697&adf=983315409&pi=t.ma~as.2372405569&w=840&fwrn=4&lmt=1626829208&rafmt=11&psa=0&format=840x200&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626829207582&bpp=3&bdt=596&idt=575&shv=r20210714&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394392213606&frm=20&pv=1&ga_vid=63848667.1626829208&ga_sid=1626829208&ga_hid=375464801&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=175&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060932%2C31061747%2C20211866%2C21065724&oid=3&pvsid=3969065074914131&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hPUlTad4VN&p=https%3A//usanewshour.com&dtd=609
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 21 Jul 2021 01:00:08 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUmkaCersyyUYR_0EPIOBnnkxwOM1boDGbzOgnfcVMu3n2mKe4jGXhK2nJEIF2A; expires=Mon, 15-Aug-2022 01:00:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Jul 2021 01:00:08 GMT
cache-control: private

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20set...

64 B
331 B

47ms
46ms

Image
image/gif

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary&c7=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&c9=
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Wghdll9_nysZbP0H1BrImNSxdPos6zdbvoXzRhPPWZZ5Jyk0jyy5Jw==

Redirect headers

date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626829208226&ns_c=UTF-8&cv=3.5&c8=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary&c7=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&c9=
content-length: 393
x-amz-cf-id: 335rA1KQykb_grdLxKR81IIteo8pTk6xGw-JtjAeGJRGY0WZ1HjS_g==

GET
H2 200 json Show response
trc.taboola.com/v2technosys-usanewshour/trc/3/ 9 KB
4 KB 461ms
459ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/v2technosys-usanewshour/trc/3/json?tim=03%3A00%3A08.246&lti=deflated&data=%7B%22id%22%3A424%2C%22ii%22%3A%22%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626770753367%2C%22vi%22%3A1626829208242%2C%22cv%22%3A%2220210720-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6511%2C%22ad%22%3A%7B%22sdkd%22%3A%7B%22os%22%3A%22Wordpress%22%2C%22osv%22%3A%225.7.2%22%2C%22sdkt%22%3A%22Taboola%20Wordpress%20Plugin%22%2C%22sdkv%22%3A%221.0.9%22%7D%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22below-article%22%2C%22orig_uip%22%3A%22below-article%22%2C%22cd%22%3A5151.078125%2C%22mw%22%3A840.390625%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 07525f756d352d01f20083bc6156929b65ba6b6a4917f7a89d5570a5b534ea4e

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 424
date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
server: nginx
x-timer: S1626829208.266656,VS0,VE424
x-served-by: cache-fra19140-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://usanewshour.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29

429

/
www.instagram.com/accounts/login/ Frame 718E
Redirect Chain

https://www.instagram.com/p/CGqhsC9M5jT/embed/captioned/?cr=1&v=13&wp=658&rd=https%3A%2F%2Fusanewshour.com&rp=%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurr...
https://www.instagram.com/accounts/login/

0
0

265ms
264ms

Document
text/html

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/accounts/login/

Requested by

Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com https://.facebook.com https://.fbsbx.com; font-src data: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://graphql.instagram.com https://.cdninstagram.com https://api.instagram.com https://i.instagram.com https://.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /accounts/login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Wed, 21 Jul 2021 01:00:08 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 45
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 20793
x-ig-origin-region: vll
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

content-type: text/html; charset=utf-8
location: https://www.instagram.com/accounts/login/
vary: Accept-Language, Cookie
content-language: en
date: Wed, 21 Jul 2021 01:00:08 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 45
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 0
x-ig-origin-region: vll
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29

429

/
www.instagram.com/accounts/login/ Frame 56B5
Redirect Chain

https://www.instagram.com/p/CHPEQjXs6Gv/embed/captioned/?cr=1&v=13&wp=658&rd=https%3A%2F%2Fusanewshour.com&rp=%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurr...
https://www.instagram.com/accounts/login/

0
0

169ms
163ms

Document
text/html

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/accounts/login/

Requested by

Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com https://.facebook.com https://.fbsbx.com; font-src data: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://graphql.instagram.com https://.cdninstagram.com https://api.instagram.com https://i.instagram.com https://.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /accounts/login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Wed, 21 Jul 2021 01:00:08 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 45
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 20793
x-ig-origin-region: vll
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

content-type: text/html; charset=utf-8
location: https://www.instagram.com/accounts/login/
vary: Accept-Language, Cookie
content-language: en
date: Wed, 21 Jul 2021 01:00:08 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 45
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 0
x-ig-origin-region: vll
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 239 KB
57 KB 28ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=60d9c15e69f9692eee1b39a9&AV_PUBLISHERID=60d9b376ef552b1df4426895
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 365a607bc597a72cbb8b1134378bb96bfd290faaf3185191d2bb4d576d83873a

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdukrsi6LQ0zojW0v7pF7aIyoqiVCYoNOSDqNH-hyyQ8WDBql0lN-njMWEtIjV775WL6L1UKfMJs7-ngw7qknoU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 58119
last-modified: Mon, 12 Jul 2021 06:18:29 GMT
server: UploadServer
etag: "9c2e9f1b50ee96e637aa4ca9d455b230"
vary: Accept-Encoding
x-goog-hash: crc32c=8CBobQ==, md5=nC6fG1DuluY3qkyp1FWyMA==
content-language: en
x-goog-generation: 1626070709676083
cache-control: public, max-age=300
x-goog-stored-content-length: 58119
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 21 Jul 2021 01:05:08 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 369ms
119ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=60d9b376ef552b1df4426895&cid=60d9bef0f380430341376627&cb=1626829208347&r=usanewshour.com&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&e=playerLoaded
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3-29 200 admin-ajax.php Show response
usanewshour.com/wp-admin/ 96 B
813 B 552ms
552ms XHR
text/html 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usanewshour.com/wp-admin/admin-ajax.php

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466e9981b770e7f0332292f6fc2876f5d4c1f2e6aa71510e8ba3e8fcb9419ac9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://usanewshour.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
content-length: 51
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGCYYPq3bDep0p66fU5lrn3KVOa8aaoZhul3IzreN0tAzmB4qr4p6U%2FcUy%2FOz9t9NIgTRmRx%2Brw%2BCO%2B4LqViwIJe5A%2Bsr6XG901VSq2iTKl4KPN%2BRLPtTtDFXjdgwlmqeDYcRX6ja9DOt4%2BtO%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests;
cf-ray: 67207d983ac6d6bd-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175803653-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3170
date: Wed, 21 Jul 2021 00:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 21 Jul 2021 02:07:18 GMT

GET
H3-29 200 Photo-Arunika-Swaroop-150x150.jpg
usanewshour.com/wp-content/uploads/2021/01/ 8 KB
9 KB 18ms
16ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/01/Photo-Arunika-Swaroop-150x150.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c549186f6445b396411112536f2a4d38ff0b67ce7e5c28b4349892ef56700e7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/01/Photo-Arunika-Swaroop-150x150.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8538
last-modified: Tue, 26 Jan 2021 15:01:13 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BduW89FE3B%2B2%2FEBE6XOf1BN8Zva7lF2leelWqwRyrQhmCnUs6dTr2sbkJ6WjIWOzgCIk5VQGTbcyQosvi4mQxdzQcW4IGFB5AA6FmzniFa0HKMLbk2LkQLT1Zleo%2BIfcyn6kKJJnonfjUemf6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bcad6bd-FRA

GET
H3-29 200 Pamela-Jean-Noble.jpg
usanewshour.com/wp-content/uploads/2021/04/ 74 KB
75 KB 96ms
94ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/04/Pamela-Jean-Noble.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

117c186fa011ae9e0e06c03928d60852a1969e5979b337d29574b31f101fd181

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/04/Pamela-Jean-Noble.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: MISS
last-modified: Wed, 21 Apr 2021 18:41:08 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BP7M%2Fe%2FlIxYkr%2B7JZrqiDwKZNIkz5hS0JhG56jeQ9xr0BgacvUoSrIr29t2usnT%2Fa6BZEp%2FRFwR82p6p%2FL14aQCN7ZnizsagaPNLDL771huIXSONXbVNvDC43ueulBY6hWtQ9UnuNfoTHfqtks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67207d999bcbd6bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75842

GET
H3-29 200 Eid-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 10 KB
11 KB 17ms
16ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Eid-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b55a42eb5c74c7c4ba963480bbf5d72ad2955041fcd60716e951b7654bcff07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Eid-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10710
last-modified: Tue, 20 Jul 2021 18:42:38 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAS5kbI8F5Ei42Rh5YMsjOQox4O4w%2BrTWaC4jf%2Bh161OuYVF9iSlQhO6uk2EfEvLxqboyDaDfrZSramnhinOr5AbJqvAN%2Bxs8tnqu%2FIhG2vM4XpyXLseXOBSIqZN1Fd4NjJdJCX%2BOwqTMa%2F%2FvVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bcdd6bd-FRA

GET
H3-29 200 Kanter-not-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 4 KB
5 KB 20ms
19ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Kanter-not-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962299548f48d5eaf5b383dcee2d5ebcd846b99e1f5f6bc4a6109254aa5a3570

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Kanter-not-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4482
last-modified: Tue, 20 Jul 2021 19:01:59 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI8uOIkvbA8YppoINwmMqeQs8fcfBeZ%2FCeVCZVHCfrNpRH%2FRlqWsy%2FblQGqoUERtf1VdxXBUwxxKGVQLfIPS8t%2B0syPR8Yknt3GG2kCo6tAZWCgueicUkwu5VOga3E%2BSP2Iy0wyKdn%2FuBxXbsJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bced6bd-FRA

GET
H3-29 200 Untitled-design-10-3-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 5 KB
6 KB 19ms
18ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Untitled-design-10-3-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5af61ac2a1cec35006725b335457b7f261d713694ce97b1049b3e24bc3b867

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Untitled-design-10-3-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5518
last-modified: Tue, 20 Jul 2021 18:03:59 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLhwBjEh97JQuxFPO2mBYUkPFThOwdU92xqOaYYLfQSS5ZFRcmvZHNTB%2FqBSGUy5GDHV3QveL5qqkhf%2FN0GuNN2H%2F8zRzW2O5k9Mvpwm4x2uM0%2F0LQCp3gkh3S6FlpM0eI0KMr8L6%2FYFHkQyEEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bcfd6bd-FRA

GET
H3-29 200 Untitled-designv-12-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 11 KB
11 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Untitled-designv-12-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8756eb2f65f4df8ff86f514cf4c0756d35e9ea54a5ec23c6777d406f554a87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Untitled-designv-12-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11078
last-modified: Mon, 19 Jul 2021 13:51:16 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmbUc%2FHn%2BZRll%2B91auf1O%2Bm8%2F2ywB9A9LCUW4PW%2FNKygW9M7mfnmpVy91s4DbOjmWlzo5cB4NeHvZG2tn4EHP%2B%2FvfkMPYfC3DUvg%2FA4y11TP9ooB4C2vmht5dzSxwB%2FyHCDzZQZUXH43DYpXivw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bd0d6bd-FRA

GET
H3-29 200 Untitled-design-9-6-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 10 KB
11 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Untitled-design-9-6-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f422dad84bdd9f085fb7590475bf24f8c222d14872614d9db20df3445153f29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Untitled-design-9-6-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10512
last-modified: Tue, 20 Jul 2021 17:41:05 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th3U4h7FiQRFsF%2BV3wnPwFC0xT8Ody%2B74qFpUE492xlWIZfMNJWomEPeAO6Ng9mPUB6ETA8r1R2uPPm6yKxdSqxA2pn7%2B%2BHOGiJC8Ardj3vIksMMUfPl2%2FW%2FcuzFs4fAuje2C4T8FHvL%2B5BQ%2Bmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bd1d6bd-FRA

GET
H3-29 200 Untitled-design-9-4-210x136.jpg
usanewshour.com/wp-content/uploads/2021/07/ 10 KB
10 KB 15ms
13ms Image
image/jpeg 2606:4700:3032::ac43:9871
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usanewshour.com/wp-content/uploads/2021/07/Untitled-design-9-4-210x136.jpg

Requested by

Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ba769358e898d9c7e3dd39ba0f852cd87a8c81e190522cfc1c00035ddd2075

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:path: /wp-content/uploads/2021/07/Untitled-design-9-4-210x136.jpg
pragma: no-cache
cookie: __gads=ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: usanewshour.com
referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10165
last-modified: Fri, 16 Jul 2021 18:22:50 GMT
server: cloudflare
date: Wed, 21 Jul 2021 01:00:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Js29PGT696Woud39Y9w7Ks3%2FSaBkYpvhsJIBj4IJLU3FaFVyccFoTRG1WYZsV6w7C8Hfj8lsy2J%2F6zFeiUroUsxXV9CTNy50X%2F2XxSAnzNYKe8GoGL8GSbVvyaFEhr%2BHKXeLuKZFIweJ82Dl0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67207d999bd2d6bd-FRA

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 16ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uzg4smcUyUdWef64hHqkVmexb85uQtozqglSdLDYlq0y4WzGiRoCxPq02FU-Y5pBb8g369Z-mWegPyPvosNsY8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 21 Jul 2021 01:05:08 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
1 KB 137ms
40ms Image
image/png 94.130.218.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.218.130.94.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: nginx/1.17.10
etag: "60068ec0-4f1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1265
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame F7E2 344 KB
98 KB 42ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduaDgPkp_R4LCB6X0nkLqtQRAGmWpF51Ckil2fG4W5xfkIAHKuFEF1VpjBSyXZNRUlxFUGRvikgiqoAdEmOLXvUWRKXhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 99395
last-modified: Wed, 14 Jul 2021 08:58:16 GMT
server: UploadServer
etag: "ae36937a7d404d46344fcd812980641d"
vary: Accept-Encoding
x-goog-hash: crc32c=GfSxwg==, md5=rjaTen1ATUY0T82BKYBkHQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253096644759
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 99395
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 21 Jul 2021 01:05:08 GMT

GET
H2 200 tfa-eid.20210720-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 41ms
33ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210720-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a2d468f26b863378c319b42c7a5ca7284efd10bbbb93c3f7b0b3e13bb7b75b

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NavD8N5.l263zOZbN2eyRc0EEHsxGNRC
content-encoding: gzip
etag: "7d7e76eb6c608853ce883c07b2dd9a87"
age: 111
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: /LR10yAUfYMeDDcRyn9DG2smRwjAfmV9Tz38jXWLdGHA/gUBYsDNsKnFYXq1nTy6En+45rj4Ns8=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 20 Jul 2021 08:41:32 GMT
server: AmazonS3
x-timer: S1626829209.804945,VS0,VE0
date: Wed, 21 Jul 2021 01:00:08 GMT
vary: Accept-Encoding
x-amz-request-id: 1TMD8RKC7BTF7SWV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 50
x-cache-hits: 60

GET
H2 200 sha256.20210720-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 42ms
34ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210720-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 251eeb606918edcd0a39186ad31d1c8b28811aa00ee7ed5adb93afc2b8628471

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PNEsa5M5ZLytjd6Y1FHuFfdtQwWXFN8Q
content-encoding: gzip
etag: "12c407c73f8bc8cc86bb3c14b7c3dc1e"
age: 103
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: q0GGTs+J11w/TriAC2WZq6zR005EaQywvY4/rTihVYggUdbzX6JlF+WVr+UPMcD/WY5UnDSmx+I=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 20 Jul 2021 08:41:44 GMT
server: AmazonS3
x-timer: S1626829209.805009,VS0,VE0
date: Wed, 21 Jul 2021 01:00:08 GMT
vary: Accept-Encoding
x-amz-request-id: Q2ARSYX8K3C9Y347
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 50
x-cache-hits: 52

GET
H2 200 tb Show response
15.taboola.com/ 147 B
452 B 47ms
43ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=v2technosys-usanewshour&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&encoded=1&uid=245d0b02-c187-4b7a-be27-a7a5fc668a9f-tuct7f0f718&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1626829208828&tagid=&cntry=DK&platform=1&sesid=41f1438850f6e4e29531bf1fb59a1807&itemid=/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321&viewid=1626829208242&geolat=&geoing=&deviceifa=&appid=&sd=v2_41f1438850f6e4e29531bf1fb59a1807_245d0b02-c187-4b7a-be27-a7a5fc668a9f-tuct7f0f718_1626829208_1626829208_CNawjgYQobtUGLL1zrSsLyABKAEwOjj5twhAn4oQSNuB2QNQwNkMWABgAGixr-m1yv33zq0BcAA&ri=1f5ce75126685556832a4767645ca552&appname=&cdb=&gdprApplies=true&rid=&sii=-732462097249067784&oee=true&tpubid=1383841&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=84&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1033322&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e687b1e7848cc065c48f1625e4912847e84f01377245e76c4d1935a2d65e3fdd

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jul 2021 01:00:08 GMT
content-encoding: gzip
access-control-allow-origin: https://usanewshour.com
machineid: 1430
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19140-FRA
pragma: no-cache
server: nginx
x-timer: S1626829209.848728,VS0,VE9
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210720-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 35ms
34ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210720-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/v2technosys-usanewshour/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a5acb3305f5beef7a26544a0036762c1c586fc213633e6dc47fae8504fe138d

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aCw_MU9KdBWPmRhWtkn9IprFiZ_gR5rH
content-encoding: gzip
etag: "d6dae085df6d5ae11fa2b9a4ff3138dd"
age: 105
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7949
x-amz-id-2: Y2tHHDx9Aw4kyqtOOf3PvS1qFivxR95YCfnqvcVUUFHr16Q4KEQ7fCyXUcV+kp0RzyJeKbga5D4=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 20 Jul 2021 08:41:27 GMT
server: AmazonS3
x-timer: S1626829209.848663,VS0,VE0
date: Wed, 21 Jul 2021 01:00:08 GMT
vary: Accept-Encoding
x-amz-request-id: 2K66MYEQKGY56PAZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 50
x-cache-hits: 15

GET
H2 204 debug
il-trc-events.taboola.com/v2technosys-usanewshour/log/2/ 0
90 B 285ms
92ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/v2technosys-usanewshour/log/2/debug?tim=03%3A00%3A08.827&type=info&msg=wordpress-integ&id=8618&cv=20210720-4-RELEASE&lt=deflated
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69460

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=375464801&t=pageview&_s=1&dl=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&ul=en-us&de=UTF-8&dt=EXCLUSIVE%3A%20Pamela%20Jean%20Noble%20opens%20up%20about%20paranormal%20activity%20on%20the%20sets%20of%20Resurrection%20Mary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=382111993&gjid=32730674&cid=63848667.1626829208&tid=UA-175803653-1&_gid=243777263.1626829209&_r=1&gtm=2ou7j0&z=907796607

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1622445737279da2f7d51f4c265d477152a7de4afc2fa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/ 20 KB
21 KB 56ms
46ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1622445737279da2f7d51f4c265d477152a7de4afc2fa.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 330bbad493076bbcc4ae7af2bcf94791e8f85b882a60638c08947172da18d04e

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 3089859
edge-cache-tag: 569613677417522298174250816130998282533,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 49
expiration: expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1622445737279da2f7d51f4c265d477152a7de4afc2fa.jpg
content-length: 20502
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 31 May 2021 13:29:55 GMT
server: nginx
x-timer: S1626829209.928696,VS0,VE1
etag: "bb95aee3daf7a5d5527ae3acd90df017"
x-served-by: cache-wdc5536-WDC, cache-dca17777-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 0001-561216459_20210429_210345_0000.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/ 32 KB
32 KB 50ms
41ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/0001-561216459_20210429_210345_0000.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 790360d989c15d53b57b84faba6f93ab45f9b579d402abb7c8fa27eccb47437d

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 1688367
edge-cache-tag: 459976332788312703110440781016407181737,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 32
expiration: expiry-date="Sat, 10 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/0001-561216459_20210429_210345_0000.jpg
content-length: 32278
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 09 Jun 2021 10:19:30 GMT
server: nginx
x-timer: S1626829209.928688,VS0,VE1
etag: "0b87bceceaff536e8ecd8f4fbb36d4e6"
x-served-by: cache-wdc5575-WDC, cache-dca17752-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Untitled-design-7-4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/ 11 KB
12 KB 46ms
38ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Untitled-design-7-4.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ee06bf337d496c3801d1d889978c058839cdea2f2e466b1b7b2c5fe11c4c796

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 2295687
edge-cache-tag: 537208180064557425465914337726693440847,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 29
expiration: expiry-date="Sat, 03 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Untitled-design-7-4.jpg
content-length: 11760
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Wed, 02 Jun 2021 18:58:56 GMT
server: nginx
x-timer: S1626829209.928567,VS0,VE1
etag: "e2f40142fda765d58d1f594048ef5926"
x-served-by: cache-wdc5539-WDC, cache-dca17750-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Ford.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/ 11 KB
11 KB 44ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Ford.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bfdd9ed5d6c2c4271509ba206137e81d5855478058c4b87e6ecb0b5e4a8e2e17

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 453960
edge-cache-tag: 513938422137527884198872682383824403403,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 575
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Ford.jpg
content-length: 11054
x-request-id: e67c1f5e5c67812d1d8b48491a4aa647
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Fri, 02 Jul 2021 03:27:46 GMT
server: nginx
x-timer: S1626829209.928553,VS0,VE1
etag: "f5cd50dd50915f82a570c19189d0fa42"
x-served-by: cache-wdc5523-WDC, cache-dca17769-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 20210505_224005_0000.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/05/ 14 KB
14 KB 39ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/05/20210505_224005_0000.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1bef3bd25610a6248487cd4d522d464f88ebf345505d2d6ff190810a2810bbb6

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 2894178
edge-cache-tag: 360047671820313984678945486381418910224,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 25
expiration: expiry-date="Fri, 02 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/05/20210505_224005_0000.jpg
content-length: 14028
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 01 Jun 2021 14:46:18 GMT
server: nginx
x-timer: S1626829209.928308,VS0,VE1
etag: "a8d4dd0e216edfdd5392096622543974"
x-served-by: cache-wdc5581-WDC, cache-dca17724-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Untitled-design-26-9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/ 12 KB
12 KB 40ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Untitled-design-26-9.jpg
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da299c73034620ffd3957b27abb53bd6e6c44bb47f66aa7cc3a774c58b51c670

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 21 Jul 2021 01:00:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 1077273
edge-cache-tag: 484291845089419240521527387982208226994,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
expiration: expiry-date="Thu, 22 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//usanewshour.com/wp-content/uploads/2021/04/Untitled-design-26-9.jpg
content-length: 12218
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Mon, 21 Jun 2021 00:10:32 GMT
server: nginx
x-timer: S1626829209.928473,VS0,VE1
etag: "487f4120508e180760642bd0f0997038"
x-served-by: cache-wdc5534-WDC, cache-dca17746-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 204 debug
il-trc-events.taboola.com/v2technosys-usanewshour/log/2/ 0
89 B 93ms
93ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/v2technosys-usanewshour/log/2/debug?tim=03%3A00%3A09.033&type=warn&msg=TRC.TranslationsManager%20-%20language%20key%3A%20hi%20not%20recognized%20for%20feature%20userx.&id=7524&cv=20210720-4-RELEASE&lt=deflated&pct=1
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69460

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=usanewshour.com&sn=&ic=0&tgt=0&app=&wi=456&he=257&test=&apppkg=&fv=1&proto=https&pid=60d9b376ef552b1df4426895&cid=60d9bef0f380430341376627&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&e=inventory&vi=100&cb=1626829209108
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 21 KB
2 KB 1079ms
652ms XHR
application/json 18.208.241.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=60d9c15e69f9692eee1b39a9&AV_PUBLISHERID=60d9b376ef552b1df4426895&AV_VIDEOURL=https%3A%2F%2Facdn.flickstree.com%2F9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7%2F270p.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&AV_CHANNELID=60d9bef0f380430341376627&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=usanewshour.com&AV_DADPOS=1&AV_TAG=60d9c15e69f9692eee1b39a9&AV_TEMPLATE=60d9c0213e8b2e52081657bb&v=6.1.1.243&avtoken=209107&AV_WIDTH=456&AV_HEIGHT=257&AV_DNT=0&cb=1626829209142
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-241-4.compute-1.amazonaws.com
Software: /
Resource Hash: 82296f13888cc55dd6d7157a5ad218ce6e651206464055461406a5256c47d3d5

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 09 Jul 2021 11:13:30 GMT

GET
H2 200 270p.m3u8 Show response
acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/ 923 B
1 KB 389ms
11ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/270p.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14ed3f459d855379c289e664d5512c1a801ab700073da27ede502fa8038e92b8

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 16:22:02 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
age: 31088
x-cache: Hit from cloudfront
content-length: 923
last-modified: Sat, 21 Nov 2020 17:58:13 GMT
server: AmazonS3
etag: "f524365f0f3b4ef52d0b64d99ebf16c1"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 2XdF1yEI_Stm10opT1MhjbGg-LPxCM30LMGrB2CxjAc3zIJhRMMAow==

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210714&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abc61b3a869a4446e3faea5cd5196599fd9d84334bfa485c38eb3cab1adfb1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8446
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:09 GMT

GET
H2 200 270p_000.ts Show response
acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/ 132 KB
133 KB 21ms
13ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/270p_000.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88450c55b72b16d159e529768f3f7414162deb61d982f4a7a7e53c8a50a3ec75

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 16:22:03 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
age: 31087
x-cache: Hit from cloudfront
content-length: 135360
last-modified: Sat, 21 Nov 2020 17:58:13 GMT
server: AmazonS3
etag: "743249ffe249767afaf8e7214d0a52c3"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 5_TY6IrqmBi-Clq6REGs4nrt3isuAN453YHlAxMTwvVpTlAJBGnvFg==

GET
BLOB 200
OK ac5ef80e-f108-4e22-a212-378271f28070
https://usanewshour.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://usanewshour.com/ac5ef80e-f108-4e22-a212-378271f28070
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1360 12 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 19:48:47 GMT
expires: Wed, 20 Jul 2022 19:48:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3F27 783 B
535 B 21ms
20ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e23832eb4235730dde0c5eb0d8cad94b81485cbf5adacef2099ed214ad33c246

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-96X91fTvGzAiI7AWLN30BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

expires: Wed, 21 Jul 2021 01:00:09 GMT
date: Wed, 21 Jul 2021 01:00:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-96X91fTvGzAiI7AWLN30BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 516
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 1360 35 KB
13 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 15:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 15:24:02 GMT

GET
H2 200 270p_001.ts Show response
acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/ 225 KB
226 KB 29ms
12ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/270p_001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bd10b48e7bb1c1c6c28c359ebebedeb73360ff8827074eb3470fd56345e6d5c

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:09 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
age: 1
x-cache: Hit from cloudfront
content-length: 230676
last-modified: Sat, 21 Nov 2020 17:58:13 GMT
server: AmazonS3
etag: "f386515fa0186006619bed9be4fe9761"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: X-egGwBNPZ8dfuso_dHMhTdmHV_Hh_KUZdMY25vmuX0pkPX_c_N4zw==

POST
H2 204 bulk Show response
trc.taboola.com/v2technosys-usanewshour/log/3/ 0
296 B 136ms
129ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/v2technosys-usanewshour/log/3/bulk?tvi2=4948&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Wed, 21 Jul 2021 01:00:10 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626829210.967560,VS0,VE58
x-served-by: cache-fra19140-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 340 KB
117 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H2 200 270p_002.ts Show response
acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/ 283 KB
284 KB 13ms
11ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/270p_002.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b74dcca6a3255958e6bf340ce814b6b873745e2906ecff91b0cd3aa15116c93

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 16:22:04 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
age: 31086
x-cache: Hit from cloudfront
content-length: 289708
last-modified: Sat, 21 Nov 2020 17:58:14 GMT
server: AmazonS3
etag: "f4acfa627f2cc6cfd0651b21d96ade88"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: fk3RWXIjV4HZ9MnHLfDIW8iYdOlya_RAovYDttFN_AgznL8dpFu_ag==

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
705 B 38ms
37ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: usanewshour.com
URL: https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 4960
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1626829210.102670,VS0,VE0
date: Wed, 21 Jul 2021 01:00:10 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 50
x-cache-hits: 455

GET
H2 200 urlChecker Show response
app.playstream.media/api/ 15 B
203 B 127ms
47ms Fetch
application/json 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/urlChecker?url=https://usanewshour.com/exclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary/19321/
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: br
server: nginx/1.17.10
x-powered-by: PHP/7.4.11
vary: Origin
content-type: application/json
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache, private

GET
H2 200 track
track1.aniview.com/ 0
70 B 129ms
129ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&&ppid=60d9b376ef552b1df4426895&nid=5e7b9048180bd02ded4b0937&pcid=60d9bef0f380430341376627&ncid=60d9b948753fc26ab279a5c9&pasid=60d9b9eec44b3024965e3384&e=request&cb=1626829210273&asid=60d5af2b42460c7abd508715%2C60d9a586015ec733c735b927%2C60d9a3cd90ccc5323b283724%2C60d9a43aa53bec0e71226a88%2C60d9a52686ebe35a1f504ec8%2C60d9a43890ccc5323b283728%2C60d5aef44d161618f3127b89%2C60d5af2956b7a024bf02df8b%2C60d9a435a53bec0e71226a86%2C60d5af2ebc1c1c60451678eb%2C60d5af319da302793b7d48f6&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 134ms
124ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&&ppid=60d9b376ef552b1df4426895&nid=5e7b9048180bd02ded4b0937&pcid=60d9bef0f380430341376627&ncid=60d9b948753fc26ab279a5c9&pasid=60d9b9eec44b3024965e3384&e=bid&cb=1626829210279&asid=60d5af2b42460c7abd508715%2C60d9a586015ec733c735b927%2C60d9a3cd90ccc5323b283724%2C60d9a43aa53bec0e71226a88%2C60d9a52686ebe35a1f504ec8%2C60d9a43890ccc5323b283728%2C60d5aef44d161618f3127b89%2C60d5af2956b7a024bf02df8b%2C60d9a435a53bec0e71226a86%2C60d5af2ebc1c1c60451678eb%2C60d5af319da302793b7d48f6&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FE4E 340 KB
117 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CA7F 340 KB
117 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A397 340 KB
117 KB 56ms
47ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1069 340 KB
117 KB 32ms
26ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0F1A 340 KB
117 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H2 200 955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558 Show response
app.playstream.media/api/getVideos/ 324 B
388 B 70ms
66ms Fetch
application/json 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/getVideos/955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: 3b45f4378d29efc48961dd9bb89af3ed695562bbafdf78a8b3586315ed1c0a93

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
cache-control: no-cache, private
server: nginx/1.17.10
content-encoding: br
x-powered-by: PHP/7.4.11
content-type: application/json

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F731 578 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FE4E 44 KB
17 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FE4E 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 75A8 578 KB
190 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0F1A 44 KB
16 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0F1A 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 270p.m3u8 Show response
acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/ 1 KB
2 KB 578ms
577ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/270p.m3u8
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3971718699b4540076a5147a7c789947f3d35f821d76df8b6026c9c0e8988855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-length: 1343
last-modified: Sat, 27 Mar 2021 02:51:23 GMT
server: AmazonS3
etag: "a3371725c9651fad7ccae6f1928ea0a4"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: RYnjYn95etRhg_Fjw0mhvCUv-8r9inZHDDo6Xpe24YqJr6H5y_Hlvg==

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
0 35ms
15ms Fetch
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://usanewshour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0E3C 578 KB
190 KB 13ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8F5D 578 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CA7F 44 KB
16 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA7F 107 B
122 B 17ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0DBB 578 KB
190 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1069 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1069 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 88E1 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A397 44 KB
16 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A397 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?u=f&lid=152&sdkv=h.3.472.0&id=ima_html5&c=1881918329321584&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=%2F%2Fapp.playstream.media%2Fapi%2Fvmap%2F955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558%3Fheight%3D480%26width%3D640%26url%3Dhttps%253A%252F%252Fusanewshour.com%252Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%252F19321%252F&customPlayback=f&customClick=f&lid=8&sdkv=h.3.472.0&id=ima_html5&c=1881918329321584&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4771 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B11E 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3541 36 KB
12 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 575D 36 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7D88 36 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0A1B 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H2 200 270p_000.ts Show response
acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/ 113 KB
113 KB 714ms
706ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/270p_000.ts
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c8159452b16d035dd9bbc679ca1b96ce2aec9baf9502c389a9fefe294d4141b

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-length: 115244
last-modified: Sat, 27 Mar 2021 02:51:23 GMT
server: AmazonS3
etag: "0fed4d952e01e9b67031f137581e5add"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: spXQNEefNKFGxkcLzYVa5dI92FWTCoLVoQb9lQyBUaEBpkEACQvQkA==

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 21ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210714&jk=3969065074914131&bg=!Pj2lPXnNAAZjFomlYxY7ACkAdvg8WpBeaBuLJrV5IPf6qDRpVKqUKGflr8kO9EGZV6jQB1_GxZ_xcQIAAARUUgAAAJVoAQeZAnlt37Ok3f-3zqZq08ZEf84TyFOTRz31EGNijzl2Orb3r5e6xo0i96gon1X1UGYXEcCrMEO1zliBwu61v-4neTAL9Rd37B9nj6WLszjiVEsFVG5eduqhF-xUT04XfXarQRAjfU13nUzFBFu-eHB_64zsoitpCeC-39yUxsnS7A0aHwjpp-iZW5m-I1pMwAsU6ZmY8bXvHunmv5fKIsAlGNbuj5W02WlCz7fmRUn-z-ocXaW4a6VK-ue-y_Vx05BQp6uWzoB1OujgLSGeo8tTEAPajwBY1riRgNVxBEuboqcyCvIhaI-Ektgd7m7YMUS24VdUeK7rQlwZXD9s7cmnoC_ATxh7H9OjRFVgRTnmwhWrzYYJ9vza99YYYlgJ6E59RBLDqXhESBn4zF1BdeZGk9v5XwIvztPhR5MwMExEz03UIb3dvcosJ57RbWkbDqAZ8LH6aGJ1sB-8TLF1e6FFZ9DJ3fYVAA1MCBDZ07s2btd9LTBHbhvFImfNO8oNj1onBujRBhENL7kWKm5DRPLipmt8hC9s5itQm7XGgHU7pcRaQVpUacv-qM3kTbSqrsILEhukCoQhWkny1Znk0JEyBNHBIikXsNzroQdkU9-KyhYAwlScFeVDdCyBpLqhSYs0txYQFETGDDU7-VNIp4VUaIwISWhFEyBJmCDw6viQvLmCSk1BJmAqmZXWR9ajmtrss37-n7EzqlRKtr_z4NofWUBa_s3tZzLnAOrBG6lppdpMuqwG5E3MWkc16guJctByRdZBVTUDmTgcwKeoDDzsCtDIEwp012UjYFiSa2blyQ2IyulYqqjcRjFpGGJJSyzZus0G1JRftWO7erU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 784ecf5c-bdac-426d-95bc-5c6984f1519d
https://usanewshour.com/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://usanewshour.com/784ecf5c-bdac-426d-95bc-5c6984f1519d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e635a151ae79f1f8a17aec79f96bddb164b751445fb93f80d0357390560e65b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62383
Content-Type: text/javascript

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F731 156 B
185 B 258ms
152ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1009127%2Fadsolut_usanewshour.com_vast_1.0usd_in&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2468754758645829&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2899431784&sdk_apis=2%2C8&sid=4101BD88-9123-4D68-9A5A-0427254C20C7&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211755&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=499261419003292&ged=ve4_td2_tt1_pd2_la2000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 75A8 156 B
769 B 214ms
122ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2Fadsolut_usanewshour.com_vast_0.7usd_du&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1068937899246902&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1205157624&sdk_apis=2%2C8&sid=5DD6F4C0-A440-42BB-B603-E21CE03F0293&eid=44736285&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211780&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=1617588402504164&ged=ve4_td2_tt1_pd2_la2000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558 Show response
app.playstream.media/api/vmap/ Frame 0E3C 1 KB
1 KB 49ms
49ms XHR
text/xml 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/vmap/955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558?height=480&width=640&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: 1e1f86eda71257c82be452535249e64972691db17bbe924bcdc5b70048cfc0cf

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Wed, 21 Jul 2021 01:00:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx/1.17.10
x-powered-by: PHP/7.4.11
content-type: text/xml; charset=UTF-8

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8F5D 156 B
185 B 199ms
127ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2Fadsolut_usanewshour.com_vast_0.5usd_du&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=882413683994115&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=701978305&sdk_apis=2%2C8&sid=2570694B-F800-4DAC-9A5B-6AE2956A2029&eid=44737475&top=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211798&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=4253950062173596&ged=ve4_td2_tt1_pd2_la2000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0DBB 156 B
185 B 209ms
143ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1009127%2Fadsolut_usanewshour.com_vast_0.5usd_in&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3816936328608512&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=4076163043&sdk_apis=2%2C7%2C8&sid=DCD43EB6-D342-4CB1-A3C0-C6CDE3674ADA&eid=44746669&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211805&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=1366706847533470&ged=ve4_td2_tt1_pd2_la2000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 88E1 156 B
185 B 192ms
131ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1009127%2Fadsolut_usanewshour.com_vast_0.7usd_in&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4394433294477452&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1141705736&sdk_apis=2%2C8&sid=682E40A5-81E9-4145-A759-8D6234148A7B&eid=44745939&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211810&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=3240363300134274&ged=ve4_td2_tt1_pd2_la2000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 13ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?vd=diff&oc=f&nc=f&oi=f&ni=f&custVid=959343618&lid=93&sdkv=h.3.472.0&id=ima_html5&c=1881918329321584&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=%2F%2Fapp.playstream.media%2Fapi%2Fvmap%2F955cc0e9-a1fb-4b9a-bb42-0b9cd42e0558%3Fheight%3D480%26width%3D640%26url%3Dhttps%253A%252F%252Fusanewshour.com%252Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%252F19321%252F&customPlayback=f&lid=30&sdkv=h.3.472.0&id=ima_html5&c=1881918329321584&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0E3C 74 KB
14 KB 367ms
362ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2FSPM_Adsolut_USAnewshour%2FSPM_Adsolut_USAnewshour_Inread_PreRoll&description_url=http%3A%2F%2FUSAnewshour.com&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3444618316530053&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3145083004&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fusanewshour.com%2F983e82e7-be6e-40d4-8567-1a00f9c2087c&sid=D61F8373-3D4E-4F86-BA4B-79777BBBD3E1&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829211865&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=3983349614910605&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9d3fa014ea85bbe4a9eaa7fdda426bc5905c44c02c8be9fbb127bd7af372b7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14577
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C349 340 KB
117 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 364ms
124ms XHR
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 705C 340 KB
117 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 547A 340 KB
117 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AC42 340 KB
117 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame ABB2 340 KB
117 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6582 578 KB
190 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C349 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C349 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7A07 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 705C 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 705C 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EC94 578 KB
190 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 547A 44 KB
16 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 547A 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 762E 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2CDD 578 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame ABB2 44 KB
16 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame ABB2 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3840 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AC42 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame AC42 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 0E3C 0
348 B 104ms
37ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krcs3xeq&c=8394392213606&slotId=4197196106803&qqid=CLnRpor78vECFVIT4AodluwKQQ&gqid=m3H3YOG1N5mygAediKSYCQ&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.krcs3xzi~ghmsh_s.krcs3xzj&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=pUOLj6E6EyBo_4Lh
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0E3C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 gm_help_outline_white_24dp.png
fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/ Frame 0E3C 412 B
435 B 26ms
11ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/gm_help_outline_white_24dp.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 2020 06:06:13 GMT
server: sffe
age: 59150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Wed, 20 Jul 2022 08:34:22 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
64 B 18ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEqFbm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&sigh=oHgoNgv_k7Y&label=show_ad&acvw=&sdkv=h.3.472.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 0E3C 0
0 113ms
57ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cuktvm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RvYBwHyBwQQnY0lqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zNzE3NDA2Mjk3MDkyNzYxgAoDyAsBwhMGGM6U1eYB2BMCiBQB0BUBgBcBshcaChgIABIUcHViLTY5Njg3Mzg1Nzc2MjA1MTM&sigh=_b92WDTrP2w&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&vt=10&sdkv=h.3.472.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B69C 36 KB
12 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?lid=130&sdkv=h.3.472.0&id=ima_html5&c=1881918329321584&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ 0
17 B 73ms
37ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~krcs3wa9&c=8394392213606&slotId=4197196106803&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E3C 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.472.0&id=ima_html5&c=1765571574832045&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A9A9 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H/1.1

206
Partial Content

videoplayback
r4---sn-4g5ednss.googlevideo.com/
Redirect Chain

https://r4---sn-uqj-j2id.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&mh=qK&mm=31&mn=sn-uqj-j...
https://r4---sn-5hnedn7s.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

653 KB
653 KB

250ms
235ms

Media
video/mp4

2a00:1450:4001:6b::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=18.227&lmt=1625609548059861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMrosKiX_NMBPvJYa-HwevrXKegLOo9ABO5Pzhirv27qAiBWEPx_pYS3nnF4LWyoiXZLzhactE9djHyj2XDQkuveFQ==&cpn=pUOLj6E6EyBo_4Lh&rm=sn-uqj-j2id7z,sn-5hnks7z&req_id=3436734d06f736e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=qK&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5ednss&ms=rdu&mt=1626829054&mv=u&mvi=4&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALm_0Fr2ZagNuXPgwaf_ishmzHUVA5VruotvKLmarU5HAiBrlhuzDfJ71052M9-iwcOo0eKQ_oJ1jQh9MpoUci0V1g%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6b::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7483ee9e3c4ec7bd1c8fa809ab8afe68713783473ebeb7b7a62b2fa0f7f2a017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Jul 2021 01:00:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 06 Jul 2021 22:12:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-668448/668449
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 668449
Expires: Wed, 21 Jul 2021 01:00:12 GMT

Redirect headers

Date: Wed, 21 Jul 2021 01:00:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1626858012&ei=nHH3YNb3CpeC6dsP4d6dcA&ip=82.102.20.235&id=53bc37d995427ae9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=18.227&lmt=1625609548059861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMrosKiX_NMBPvJYa-HwevrXKegLOo9ABO5Pzhirv27qAiBWEPx_pYS3nnF4LWyoiXZLzhactE9djHyj2XDQkuveFQ==&cpn=pUOLj6E6EyBo_4Lh&rm=sn-uqj-j2id7z,sn-5hnks7z&req_id=3436734d06f736e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=qK&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5ednss&ms=rdu&mt=1626829054&mv=u&mvi=4&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALm_0Fr2ZagNuXPgwaf_ishmzHUVA5VruotvKLmarU5HAiBrlhuzDfJ71052M9-iwcOo0eKQ_oJ1jQh9MpoUci0V1g%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Wed, 21 Jul 2021 01:00:12 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF5E 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DDE9 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 0E3C 0
17 B 36ms
36ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~krcs3xzn&c=8394392213606&slotId=4197196106803&qqid=CLnRpor78vECFVIT4AodluwKQQ&gqid=m3H3YOG1N5mygAediKSYCQ&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.krcs3xzp~vss_tr.19w
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6582 156 B
135 B 204ms
203ms XHR
text/xml 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Adsolut_USAnewshour.com_3&ad_type=video&description_url=http%3A%2F%2FUSAnewshour.com&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.472.0&video_product_type=0&min_ad_duration=0&sz=456x257&adsafe=high&hl=en&vid_d=106&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=721459435&sdk_apis=2%2C8&eid=44729309&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829212852&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&correlator=4119144409605571&ad_block=1&ged=ve4_td1_tt1_pd1_la1000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 270p_003.ts Show response
acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/ 220 KB
221 KB 10ms
10ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/9wWDuZpm-mnCp-uch9-LPSA-3pQ09piLh2n7/270p_003.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deb34ecc1aec96ff1dd0b58501bce5e95edcbe1b22d1bd287631771bcd5f4136

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 16:26:32 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
age: 30821
x-cache: Hit from cloudfront
content-length: 225600
last-modified: Sat, 21 Nov 2020 17:58:14 GMT
server: AmazonS3
etag: "408d38e4ba386ae510015e3395cafc6a"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: erFcWu3rNrzLrUMw5_3FsUiKXc9AfzFFnKEeFZR5FZ18Yc3XhMnXPg==

GET
H2 200 270p_001.ts Show response
acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/ 262 KB
262 KB 572ms
572ms XHR
application/octet-stream 2600:9000:2182:5c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/QaNMO7vg-32Mx-0YXg-VJjo-xrkK2yy8gfmp/270p_001.ts
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5455905afcea4293f1d3f1d63064d749c86e7ab5b40c2a20835263dace639e3

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:14 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-length: 267900
last-modified: Sat, 27 Mar 2021 02:51:24 GMT
server: AmazonS3
etag: "b92141e4aa6787ed847dd550d2d5c0e1"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: XAD-tylQCwsCqz9-QSs4IfKn_x3-0EnUBlWLErb3ebX-NdvaZI4PUA==

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A07 78 KB
15 KB 210ms
210ms XHR
text/xml 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Adsolut_USAnewshour.com_1&ad_type=video&description_url=http%3A%2F%2FUSAnewshour.com&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.472.0&video_product_type=0&min_ad_duration=0&sz=456x257&adsafe=high&hl=en&vid_d=106&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=2310985495&sdk_apis=2%2C8&eid=44731467%2C44737473&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829212929&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&correlator=566533935923329&ad_block=1&ged=ve4_td1_tt0_pd1_la1000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69509c6b99aba6a57c7eb9f3908e72e3755baf5e01458565e8a40251cb89a298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15482
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC94 156 B
135 B 159ms
159ms XHR
text/xml 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Adsolut_USAnewshour.com_2&ad_type=video&description_url=http%3A%2F%2FUSAnewshour.com&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.472.0&video_product_type=0&min_ad_duration=0&sz=456x257&adsafe=high&hl=en&vid_d=106&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=855366160&sdk_apis=2%2C8&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829212940&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&correlator=2245086016998961&ad_block=1&ged=ve4_td1_tt0_pd1_la1000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CDD 156 B
135 B 222ms
221ms XHR
text/xml 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Adsolut_USAnewshour.com_5&ad_type=video&description_url=http%3A%2F%2FUSAnewshour.com&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.472.0&video_product_type=0&min_ad_duration=0&sz=456x257&adsafe=high&hl=en&vid_d=106&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=3224457744&sdk_apis=2%2C7%2C8&eid=44746669&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829212950&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&correlator=4171113786953467&ad_block=1&ged=ve4_td1_tt0_pd1_la1000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3840 156 B
142 B 109ms
109ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1009127%2Fadsolut_usanewshour.com_vast_1.2usd_in&description_url=https%3A%2F%2Fusanewshour.com%2F%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1813996023547230&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2654234090&sdk_apis=2%2C8&sid=7D63888E-3B2E-42DC-AE33-8F4A18EA7133&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829212960&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&scor=709672179345502&ged=ve4_td1_tt0_pd1_la1000_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A3E5 340 KB
117 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:13 GMT

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9640 578 KB
190 KB 8ms
6ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usanewshour.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usanewshour.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:02 GMT
expires: Sat, 16 Jul 2022 07:35:02 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 408311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A3E5 44 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:00:13 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A3E5 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usanewshour.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
64 B 18ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEqFbm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&sigh=oHgoNgv_k7Y&label=video_ad_loaded&acvw=&sdkv=h.3.472.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D970 36 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Jul 2021 01:06:16 GMT

GET
H3-29 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E3C 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:30:47 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 0E3C 0
0 58ms
57ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cuktvm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RvYBwHyBwQQnY0lqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zNzE3NDA2Mjk3MDkyNzYxgAoDyAsBwhMGGM6U1eYB2BMCiBQB0BUBgBcBshcaChgIABIUcHViLTY5Njg3Mzg1Nzc2MjA1MTM&sigh=_b92WDTrP2w&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&sdkv=h.3.472.0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D18181%26vmtime%3D-1%26is%3D274%26cs%3D274%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829213183%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0E3C 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXHrV5tNZsbnY8NpEbQxFvwdZEJdFBjS1ptFGRb7edFO0CUQF6Wx4nagiOiJMMLsi3ZfodGVbXODkYwv_PhuQvWSWTlKyvBfkNVZXcInxwLHemfVM1JEcMnbBw4A&sai=AMfl-YR_rC6I8G3sGZ5pOGpdnYZusoI2ANmfmakMeAn6YKrAIeCvQcSSOF8bdCn6-7Vm4ZpIfVDObUAj5SAdmmGWLOyOeRhl6roJjI5bff3LNtBVVSMrQAprF3qk2VU&sig=Cg0ArKJSzGVEtpVW3c4KEAE&cid=CAASF-RoTo5IXgZGWhzWzlZ-yg0VRB_Ecpx4&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D18181%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829213186%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626829212613&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D18181%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829213193%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E3C 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.472.0&id=ima_html5&c=1765571574832045&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,32%26mtos%3D0,0,0,0,32%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D32%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D32%26pst%3D-1%26dur%3D18181%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D32%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829213206%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,32&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 8863 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/hhrtBw21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 20 Jul 2021 01:12:54 GMT
expires: Wed, 20 Jul 2022 01:12:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 85639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 csi
csi.gstatic.com/ Frame 7A07 0
17 B 36ms
36ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krcs3ybt&c=8394392213606&slotId=4197196106803&qqid=CK6I5Ir78vECFYv6dwodOtoJ9w&gqid=nHH3YOeXOd6U7_UP9Law0Ag&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44731467%2C44737473&met.4=ghmsh_s.krcs3ylp~ghmsh_s.krcs3ylp&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=ZwNaPQ2R1qsd2EeN
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gm_help_outline_white_24dp.png
fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/ Frame 7A07 412 B
435 B 9ms
8ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/gm_help_outline_white_24dp.png

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 2020 06:06:13 GMT
server: sffe
age: 59151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Wed, 20 Jul 2022 08:34:22 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkdCTnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&sigh=IUxVNirLZEQ&label=show_ad&acvw=&sdkv=h.3.472.0&vci=CmgIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUh0QDyUAAPhBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7A07 0
0 44ms
43ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C80MHnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOgBlSAB7iQ7HmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBCmtxqoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAsITBhiw75OGA9gTDYgUAdAVAZgWAeIWAggBgBcBshcaChgIABIUcHViLTY5Njg3Mzg1Nzc2MjA1MTM&sigh=aCtjR5Kv4K8&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&vt=10&sdkv=h.3.472.0&vci=CmgIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUh0QDyUAAPhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/dnSuZ48TLek/ Frame 7A07 8 KB
8 KB 36ms
6ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dnSuZ48TLek/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c10e2c1872393cc8807864f67dc235ef6b77358c1d9173a859ec49185c30d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 00:59:56 GMT
x-content-type-options: nosniff
server: sffe
age: 17
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8008
x-xss-protection: 0
expires: Wed, 21 Jul 2021 02:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 7A07 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3-29 204 csi
csi.gstatic.com/ Frame 705C 0
17 B 42ms
42ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krcs3xug&c=8394392213606&slotId=4197196106803&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A07 0
20 B 13ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.472.0&e=44731467%2C44737473&id=ima_html5&c=3571769664248488&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 206 videoplayback
r1---sn-4g5ednls.googlevideo.com/ 2 MB
2 MB 23ms
10ms Media
video/mp4 2a00:1450:4001:5b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednls.googlevideo.com/videoplayback?expire=1626858013&ei=nXH3YIbOBpGRgAeL2L-wCg&ip=2a01:4f8:192:5414::2&id=7674ae678f132de9&itag=22&source=youtube&requiressl=yes&mh=Nk&mm=31&mn=sn-4g5ednls&ms=au&mv=u&mvi=1&pl=52&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.069&lmt=1615887724361423&mt=1626828663&txp=5535432&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKs_lAa23YI1R7mWKqhVBGuahXfC7lhqnDpyQWjjtUroAiEAzWyx9Jm1nJD9Oi-bAAubO-hgOmVMdm8CTWvHqPdyEzA=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWeH86Ta47PnLWszyEZZW4BAe2hyvrgElwbOQ649EVoUCIQCpFs7OmUT97VcE5LGe5qGlCiCVFWDAt-DoGiyZyvsZrg==&cpn=ZwNaPQ2R1qsd2EeN

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5b::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aa9b078eec4788435ce5ccd507a968274013f8ee9e8ca3ddb05237656ee5dd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usanewshour.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 09:42:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1954878/1954879
client-protocol: quic
cache-control: private, max-age=28500
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1954879
expires: Wed, 21 Jul 2021 01:00:13 GMT

GET
H3-29 200 _htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8863 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:53:56 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 40E0 0
0 44ms
16ms Image
text/html 2a00:1450:400c:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&el=adunit&cpn=pUOLj6E6EyBo_4Lh&docid=U7w32ZVCeuk&ver=2&cmt=0.222&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=18.181&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=16&rtn=10
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9640 156 B
135 B 99ms
99ms XHR
text/xml 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6968738577620513&slotname=SPM_Adsolut_USAnewshour.com_4&ad_type=video&description_url=http%3A%2F%2FUSAnewshour.com&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.472.0&video_product_type=0&min_ad_duration=0&sz=456x257&adsafe=high&hl=en&vid_d=106&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=95214715&sdk_apis=2%2C8&url=https%3A%2F%2Fusanewshour.com%2Fexclusive-pamela-jean-noble-opens-up-about-paranormal-activity-on-the-sets-of-resurrection-mary%2F19321%2F&dt=1626829213479&cookie=ID%3D610b01deb4be5812-22c932ed7fc80093%3AT%3D1626829208%3ART%3D1626829208%3AS%3DALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw&correlator=2356410515054752&ad_block=1&ged=ve4_td0_tt0_pd0_la0_er933.1134.1090.1434_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 22ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkdCTnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&sigh=IUxVNirLZEQ&label=video_ad_loaded&acvw=&sdkv=h.3.472.0&vci=CmgIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUh0QDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A07 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:30:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7A07 0
0 43ms
41ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C80MHnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOgBlSAB7iQ7HmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBCmtxqoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAsITBhiw75OGA9gTDYgUAdAVAZgWAeIWAggBgBcBshcaChgIABIUcHViLTY5Njg3Mzg1Nzc2MjA1MTM&sigh=aCtjR5Kv4K8&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&sdkv=h.3.472.0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

B25828467.302888100;dc_pre=CNyPkov78vECFQDLEQgdMicDMg;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_e...
ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/ Frame 7A07
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_pre=CNyPkov78vECFQDLEQgdMicDMg;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;...

42 B
63 B

122ms
67ms

Image
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_pre=CNyPkov78vECFQDLEQgdMicDMg;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=6014856069703793843;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1224350.4098416ETOROMARKETS/B25828467.302888100;dc_pre=CNyPkov78vECFQDLEQgdMicDMg;dc_trk_aid=495341487;dc_trk_cid=150207816;ord=3683416506;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_exteid=6014856069703793843;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 18ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwSRnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOIBZC68bMtoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAtgTDYgUAdAVAZgWAeIWAggBgBcB&sigh=xLVL8a69qwI&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213536%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370&sdkv=h.3.472.0&vci=CmsIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUiAQDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25IyAFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7A07 42 B
64 B 18ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu03zvou8yG0cl7o5uRAApfqNTWblJiDh9_SycYmKutK9mzNiCyDZdJ76TsYWdie9qL44P7u8ed0wd8vG8Kzfewj06jrZ8KTp48t_GBSaBwpuj0TkYk11sYkj4AQcWG0SDVeFGNPtH9o6P3M9VlESZl&sai=AMfl-YQK0sAjdlPgJ1eTlVyM8X7dq-6Thun-yNiU-6nIwuwOkRcg5API7aJLSbpsiZwbA_G4ZsaChexziibzivyVbDP0BavZzIKpPXLdxy0iUuJ6oKxKP-em7kGQ90g&sig=Cg0ArKJSzPxhsVqM7awREAE&cid=CAASF-Ro6kBZLZhwjKHDYFmAHNIgLOBNBLfL&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213538%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview_ext
pagead2.googlesyndication.com/ Frame 7A07 42 B
64 B 16ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=6014856069703793843&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213538%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7A07 42 B
107 B 186ms
83ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213538%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 18ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwSRnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOIBZC68bMtoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAtgTDYgUAdAVAZgWAeIWAggBgBcB&sigh=xLVL8a69qwI&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213542%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370&sdkv=h.3.472.0&vci=CmsIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUiAQDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25IyAFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7A07 42 B
515 B 185ms
83ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213542%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A07 0
20 B 16ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.472.0&e=44731467%2C44737473&id=ima_html5&c=3571769664248488&domain=usanewshour.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 19ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwSRnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOIBZC68bMtoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAtgTDYgUAdAVAZgWAeIWAggBgBcB&sigh=xLVL8a69qwI&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D22,0,0,0,0%26mtos%3D22,22,22,22,22%26amtos%3D0,0,0,0,0%26mcvt%3D22%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D22%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D22%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D22%26dfvs%3D22%26dvpt%3D22%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213554%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,22&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370&sdkv=h.3.472.0&vci=CmsIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUiAQDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25IyAFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D22,0,0,0,0%26mtos%3D22,22,22,22,22%26amtos%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7A07 42 B
107 B 185ms
83ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D22,0,0,0,0%26mtos%3D22,22,22,22,22%26amtos%3D0,0,0,0,0%26mcvt%3D22%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D22%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D22%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D22%26dfvs%3D22%26dvpt%3D22%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626829213554%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,22;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 121ms
121ms XHR
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 01:00:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
122ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?nasid=60d5aef44d161618f3127b89&ncid=60d9b948753fc26ab279a5c9&nid=5e7b9048180bd02ded4b0937&copid=&coasid=&ppid=60d9b376ef552b1df4426895&pasid=60d9b9eec44b3024965e3384&pcid=60d9bef0f380430341376627&d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&cd1=Chrome&cd2=Google&cd3=Desktop&e=AV_M10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
121ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=36&vi=100&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=impression&cb=1626829210254&ad=36&vi=100&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=start&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame CFBD 23 KB
9 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/hhrtBw21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 20 Jul 2021 01:12:54 GMT
expires: Wed, 20 Jul 2022 01:12:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 85639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame CFBD 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 15:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 15:24:02 GMT

GET
H3-29 204 playback
s.youtube.com/api/stats/ Frame 7A07 0
0 47ms
20ms Image
text/html 2a00:1450:400c:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44731467%2C44737473&el=adunit&cpn=ZwNaPQ2R1qsd2EeN&docid=dnSuZ48TLek&ver=2&cmt=0.189&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=30.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8863 0
20 B 19ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.472.0&bgai=B32ahm3H3YPmXOdKmgAeW2auIBAAAAAA4AboFEwih76SK-_LxAhUZGeAKHR0ECZM&bg=!QUKlQgbNAAZjFomlYxY7ACkAdvg8Wg6DvwAnCB3Srhm-DBbeSux-iLjUSiWYAe6FnK_NZdYHQe28KgIAAAEWUgAAACdoAQcKASG4HjsceDsPs5ymTrgT8vqBmCzo8q9WG6R1xhg8WYdK6yQJ-qC98BZ3oh9MFVF9X_QXvQvF0pDi69ycY_pFbQfFgaXqFkoWxgtlwl_0BI0pYEbn4xwcfLiJGgj1PDZR2YMIRi9I-BukcgKY85_vbYspux9WZcs0dkphBhl8WTFPo8dzaNlivQJP2xXOmxqWENpuHlHFsyd01vvS4MnnoPdPYqWpfUEqiYpLVGq-tSx1CWYcNmLpTZ9TT12wGZloXDfio8s4BJ0TgSqWu8L7XGO794DTeoZGSzmO6v2e-ywSeYAWtmBSPxScgrVjGYBhCKpYGOdoqjjUGcGUfCeqeBB86EPmFq1LoMHPtDaWDaQrJu_UyOMcFI7kQJAk0-L8Ub50mQI0VKUP8WxHV6gJsvGEjHcALsFxgTamFnkuhtSwOWDUTDmZottcm9GAOkohgtkuddyt-JEZ5eseB2r7OfU9-yB6GJlCBjyKI0eYwwBqHGzjv797KI8byb2gfxWJxO1m330wlTBD6avkYbUQLClJ22VPMZqJWB8cjhMtv-LqmtWln4N6LDNesn6O3RJG0nwHIBMcNbux07CARkK0mTTVl3mBm5hKrrLZSoagwPeOi7HHpYUjV_Eza0wRzRIYIXpsiOKbF8OqfujWUqqr-vpJkssPqVjIao2Ifu_s6KJY5zTJfyTEOMgM-hm_9TT8QL95Q5yHLjuQQYcUwB0m3ZPzxVjOabNtN7mROsw92-WV5m8m6yLei81e2Jm6fGNviozmYOMdoDRNS5oTm3sOdpNA4rjk3pi39K6mQISP9lspXKddyFnuS0tAqMN_fpOOitJwgx80Tyz0b9aorodYR8CPDbXVJxjUjGjGqQmvubWJaTQe_ZRjNmxMZuOPpYHIsRi4bPLGJkRcUyEbY9qp04es24NHVHOJjMVg7elVfBmDk4H6X0eMpDo8dtElMXP66KfTvA7UOZszY7HRbutvY7T8ZyOZKSIBzoCyrBmekNtId0nqTNgUkLiGm6XsUqM4oX5M6_jxwaVpP_Pek7jevEvRXQjv9Z3fU0oLGYT-ZAC0iCY8FdkCH3DcwsVk1cy60cKMkT0WAlASRAnwpmQWEU_PcahPREEFCcmzDwfUTidqBD0Lpe27blKF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 7A07 0
17 B 36ms
35ms Ping
image/gif 2a00:1450:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~krcs3yq5&c=8394392213606&slotId=4197196106803&qqid=CK6I5Ir78vECFYv6dwodOtoJ9w&gqid=nHH3YOeXOd6U7_UP9Law0Ag&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.krcs3yq6~vss_tr.vl~vss_pp.18b
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFBD 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.472.0&bgai=BTyXrnHH3YK7KOYv13wO6tKe4DwAAAAA4AboFEwjn1eOK-_LxAhVeyrsIHXQbDIo&bg=!4eKl4qbNAAZjFomlYxY7ACkAdvg8WlX8u-OlWAHh9I1EcvLKI6hqRXkGs2Kf4JMcUuFSTsnPgl_ErwIAAADEUgAAABVoAQcKAMibymhJTWEbkAC1di7PXdY0pKLHWX7W0jcO3CFFXQe6rNYfeUaTQBq3B72ZPwshmUCuADid8VK-9dnilF9TXGKew8XNcofDvRM_5pCkG-wXncqOrXYvw4qqHg-dhfcmFKEBY7xD5CaIhm5J07nEczvC8NnP5768X1bDD0ujKOjdyNa3UlJ5g3DakRtroKQ-yPcy88oyCcjJVbJ2zz7rdQ1lXckYlIeR1SQLsAp8y7SDNpqL2lWqNBPzXAQFAWfl-6oAIIl7tC1GCJkCKeMSMxe5vFIZcjpL7rkZuT-XTkTdM0Rx7nC_VwmRVHwEfaeMyu0HYXYFTIqNBBRI0pOX9idMTcss5-i6d9qRhIvcVB5Lr6gzpRi0ltah8C0O0SH5DrTVWp9GDBmDcARHXBZth4TwGV3rzarAQ7HjUNvJGHMVYby0nGj4dAHvGpBpJLXquLMJDBTiF4i6xtFi3xoXQD_lKzWoWBn98uC47ZhyK8gH86GkG3tynQKxISKJTNLuCXKoZWKdYIdxlvFnelWHsX8ZswYnRtI3sn4HFLyhKur5N2uTg1uOIf5IVU-DVmHAV5k2Jv3IvNzl8AnZbAFIg9rTowxbYxRgw-xIZqsq5aXgdPHOKKvTieEZLEksJtcJ0kHNyiOUFBFD-TJabOqGYycBMxHJiXwkwral0LsH9Lt_Hn-dVAZUS78kK5urWf5-GE_EjnTc-aj1iEhzjfcKJNivMEy9SbXAeZpAmmtUTR4YtkQsQ9TXThR1qPiffCUrBMHtjZ3yRy_VqhVJmPY0togKdDrx8rsMyFw0_Cxay78_7IGnoJE51QO92uNMlOQmUh79ruQvqO56VB6OTOPmatQYAut7U5kUSQV9ThD7jjWZORffLlHSb-I_MBh7CrZplr0gYkU7uwov9JmswqEOx4Mo_ixTM84sutRB7e0AatyCwC66BmzhxxRZb_vHrYIjAq5yMhcXYEvVzRC9AqT7ZbG8M6SXmCmVB159_3SxmSYwQOuf-i0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7A07 42 B
108 B 56ms
56ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu03zvou8yG0cl7o5uRAApfqNTWblJiDh9_SycYmKutK9mzNiCyDZdJ76TsYWdie9qL44P7u8ed0wd8vG8Kzfewj06jrZ8KTp48t_GBSaBwpuj0TkYk11sYkj4AQcWG0SDVeFGNPtH9o6P3M9VlESZl&sai=AMfl-YQK0sAjdlPgJ1eTlVyM8X7dq-6Thun-yNiU-6nIwuwOkRcg5API7aJLSbpsiZwbA_G4ZsaChexziibzivyVbDP0BavZzIKpPXLdxy0iUuJ6oKxKP-em7kGQ90g&sig=Cg0ArKJSzPxhsVqM7awREAE&cid=CAASF-Ro6kBZLZhwjKHDYFmAHNIgLOBNBLfL&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D2045,0,0,0,0%26mtos%3D2045,2045,2045,2045,2045%26amtos%3D0,0,0,0,0%26mcvt%3D2045%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2045%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D451%26pst%3D441%26dur%3D30000%26vmtime%3D1931%26dtos%3D2045%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2023%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626829215577%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2045&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1626829213370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview_ext
pagead2.googlesyndication.com/ Frame 7A07 42 B
176 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=6014856069703793843&acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D2045,0,0,0,0%26mtos%3D2045,2045,2045,2045,2045%26amtos%3D0,0,0,0,0%26mcvt%3D2045%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2045%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D451%26pst%3D441%26dur%3D30000%26vmtime%3D1931%26dtos%3D2045%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2023%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626829215577%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2045&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D2045,0,0,0,0%26mtos%3D2045,2045,2045,204...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7A07 42 B
107 B 83ms
82ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D2045,0,0,0,0%26mtos%3D2045,2045,2045,2045,2045%26amtos%3D0,0,0,0,0%26mcvt%3D2045%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2045%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D451%26pst%3D441%26dur%3D30000%26vmtime%3D1931%26dtos%3D2045%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2023%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626829215577%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2045;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=36&vi=100&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
122ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=36&vi=100&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=sec3&vi=100&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 perf Show response
il-trc-events.taboola.com/v2technosys-usanewshour/log/3/ 0
246 B 95ms
95ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/v2technosys-usanewshour/log/3/perf?tvi2=4948&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://usanewshour.com
pragma: no-cache
date: Wed, 21 Jul 2021 01:00:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
278 B 18ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=videoplaytime25&ad_mt=4699&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,4732%26mtos%3D0,0,0,0,4732%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4732%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1041%26pst%3D452%26dur%3D18181%26vmtime%3D4698%26dvs%3D0%26dfvs%3D0%26dvpt%3D4700%26is%3D274%26i0%3D274%26i1%3D274%26ic%3D0%26cs%3D4370%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,4732%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,0,26%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483617%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829217906%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4732&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
66 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=video_skip_shown&ad_mt=5198&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26p0%3D1137,275,1617,915%26p1%3D1137,275,1617,915%26tos%3D0,0,0,0,5232%26mtos%3D0,0,0,0,5232%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,4732%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1242%26pst%3D452%26dur%3D18181%26vmtime%3D5198%26is%3D274%26i0%3D274%26i1%3D274%26cs%3D4370%26c%3D0.13%26c0%3D0.13%26c1%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,500%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D0,0,0,0,28%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829218405%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5232%26ss0%3D0.02%26ss1%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 120ms
120ms XHR
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60d9b376ef552b1df4426895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 01:00:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwSRnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOIBZC68bMtoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAtgTDYgUAdAVAZgWAeIWAggBgBcB&sigh=xLVL8a69qwI&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&label=video_skip_shown&ad_mt=5181&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26p0%3D933,1134,1190,1590%26tos%3D5244,0,0,0,0%26mtos%3D5244,5244,5244,5244,5244%26amtos%3D0,0,0,0,0%26mcvt%3D5244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1053%26pst%3D441%26dur%3D30000%26vmtime%3D5181%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5244,5244,5244,5244,5244%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D27,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1626829218775%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5244%26ss0%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370&sdkv=h.3.472.0&vci=CmsIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUiAQDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25IyAFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7A07 42 B
210 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwSRnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSlAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PblkKPW3S_seZG_n-OmFfTKYhqk33-7QPwATk-s780wOIBZC68bMtoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwGiDAgqBgoE-Z6xAtgTDYgUAdAVAZgWAeIWAggBgBcB&sigh=xLVL8a69qwI&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAE&label=videoplaytime25&ad_mt=7681&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D7744,0,0,0,0%26mtos%3D7744,7744,7744,7744,7744%26amtos%3D0,0,0,0,0%26mcvt%3D7744%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7744%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1655%26pst%3D441%26dur%3D30000%26vmtime%3D7681%26dtos%3D5699%26dtoss%3D2%26dvs%3D5699%26dfvs%3D5699%26dvpt%3D5699%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D7744,7744,7744,7744,7744%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D1626829221275%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7744&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1626829213370&sdkv=h.3.472.0&vci=CmsIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ4MDM3MjEwMDc5OTIMNTIxMTQ0ODA5NDE0QOUBUiAQDyUAABBCKAE6B3Vua25vd25CB3Vua25vd25IyAFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D7744,0,0,0,0%26mtos%3D7744,7744,7744,774...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7A07 42 B
107 B 83ms
82ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6014856069703793843;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26tos%3D7744,0,0,0,0%26mtos%3D7744,7744,7744,7744,7744%26amtos%3D0,0,0,0,0%26mcvt%3D7744%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7744%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1655%26pst%3D441%26dur%3D30000%26vmtime%3D7681%26dtos%3D5699%26dtoss%3D2%26dvs%3D5699%26dfvs%3D5699%26dvpt%3D5699%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D7744,7744,7744,7744,7744%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D1626829221275%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7744;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1626829213370?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=36&vi=100&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=firstQuartile&ad=36&vi=100&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0E3C 42 B
66 B 17ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVE95m3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1AJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7PaWFYHYqOivP2vXVTZMPHj6ogbkNrTnwASKv6v20gPgBAGgBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGACgPICwHYEwKIFAHQFQGAFwE&sigh=CagzDe0RO0s&cmd=Ch1jYS12aWRlby1wdWItNjk2ODczODU3NzYyMDUxMxAAGAI&label=videoplaytime50&ad_mt=9198&acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26tos%3D0,0,0,0,9232%26mtos%3D0,0,0,0,9232%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2053%26pst%3D452%26dur%3D18181%26vmtime%3D9198%26dvs%3D0%26dfvs%3D0%26dvpt%3D4500%26is%3D274%26i0%3D274%26i1%3D274%26i2%3D274%26ic%3D512%26cs%3D4882%26c%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,4500%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D0,0,0,0,48%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147482625%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829222405%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9232&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626829212613&sdkv=h.3.472.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzUwMjAyOTQ5NDIMNTI5NTUwOTczMzU3QOcDUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IkwZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

aclk
www.googleadservices.com/pagead/ Frame 0E3C
Redirect Chain

https://googleads.g.doubleclick.net/aclk?sa=l&ai=CEqFbm3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9u...
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CO3cum3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1...

0
0

121ms
44ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CO3cum3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAHABW6gBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCUVodHRwczovL3d3dy5kaWFiZXRlc3doYXRzbmV4dC5jb20vZGsvZGEvcGVubmUtb2ctbmFhbGUvc21hcnRwZW5zLmh0bWyxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&num=1&client=ca-pub-3452022011371122&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26p0%3D1137,275,1617,915%26p1%3D1137,275,1617,915%26p2%3D1137,275,1617,915%26tos%3D0,0,0,0,10232%26mtos%3D0,0,0,0,10232%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,4732%26mtos2%3D0,0,4500%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D452%26dur%3D18181%26vmtime%3D10198%26is%3D274%26i0%3D274%26i1%3D274%26i2%3D274%26cs%3D4882%26c%3D0.13%26c0%3D0.13%26c1%3D0.13%26c2%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,1000%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D0,0,0,0,53%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829223405%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10232%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613&cid=CAQSKQCNIrLM4lG4mKrus43VB0NNLqQsjYpN6x86tiErJBQ3dC7C56ncSmPF&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1_gyGnK6sJC9MeGzd5iT8OXm25nA&adurl=https://www.diabeteswhatsnext.com/dk/da/penne-og-naale/smartpens.html%3Fcid%3Dpse-ga-vd-full-novopen-allevideoer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:23 GMT
x-content-type-options: nosniff
server: adclick_server
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CO3cum3H3YPmXOdKmgAeW2auIBIiH0MVjtv3a6vINtKrmss4TEAEgiP2xbGDRgbmC0AegAc6U1eYByAEFqQK_Bie0LUKFPuACAKgDAZgEAKoE1wJP0AP8vzfWbfq0agEW7vhYVi-OqSaakW1ZT9uzl_NAlwubbHLDRtZ4ABoixj6FVlLCxma_pFZMYWwsyGIjbKBP8JllSnPz1RBjhpuhc6z4NLh0lxKF7a0_saUtuTEIgyluWoG-KrrMrMggAXKfXQG0gDQSCpXi-gb1Gw0APDeCvkjCxO3Ms-V6uZ6aAfaG0n_W_Jy8Fsmzl8Z9smXi7gSIAS9Ijc1_Z3uI_Hx3Xy01GtcfGt5daPXc8cWRVBWzg9tarFaUlNt3bccEsCE39qoJt6XJFQBxBRivSZWqHKw5AG0DBlMCKt9BZjCpC4z6b-YsZYsVlk0lQm6RYR1bMdrTfDfX6PKZIXL7Pi6kl6tA0CpJeqhd9kzUK12RUVpQ-koRBxr8eGD35qhQTSYAU67KPqp9bmRcbyapQZhu7K6Xr5XQinahrfNqhUXk7Dsie0M8x_j_qM8PwASKv6v20gPgBAHABW6gBlSAB5rrqpkCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCUVodHRwczovL3d3dy5kaWFiZXRlc3doYXRzbmV4dC5jb20vZGsvZGEvcGVubmUtb2ctbmFhbGUvc21hcnRwZW5zLmh0bWyxCU678I3vAjwAgAoDmAsByAsB0AsPuAwB2BMCiBQB0BUBgBcB&num=1&client=ca-pub-3452022011371122&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1137,275,1617,915%26p0%3D1137,275,1617,915%26p1%3D1137,275,1617,915%26p2%3D1137,275,1617,915%26tos%3D0,0,0,0,10232%26mtos%3D0,0,0,0,10232%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,4732%26mtos2%3D0,0,4500%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D452%26dur%3D18181%26vmtime%3D10198%26is%3D274%26i0%3D274%26i1%3D274%26i2%3D274%26cs%3D4882%26c%3D0.13%26c0%3D0.13%26c1%3D0.13%26c2%3D0.13%26mc%3D0.13%26nc%3D0.13%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,1000%26qnc%3D0.13%26qmv%3D0%26qnv%3D0%26lte%3D0.13%26ces%26femt%3D996%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D0,0,0,0,53%26avms%3Dexc%26qi%3D665035801%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626829223405%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10232%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626829212613&cid=CAQSKQCNIrLM4lG4mKrus43VB0NNLqQsjYpN6x86tiErJBQ3dC7C56ncSmPF&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1_gyGnK6sJC9MeGzd5iT8OXm25nA&adurl=https://www.diabeteswhatsnext.com/dk/da/penne-og-naale/smartpens.html%3Fcid%3Dpse-ga-vd-full-novopen-allevideoer
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 watchtime
s.youtube.com/api/stats/ Frame A722 0
0 17ms
17ms Image
text/html 2a00:1450:400c:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.198&rtn=18.181&ns=yt&el=adunit&cpn=pUOLj6E6EyBo_4Lh&docid=U7w32ZVCeuk&ver=2&cmt=10.198&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=18.181&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 35.169.188.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=usanewshour.com&rs=usanewshour.com&sid=94744&t=1626829209&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=456&he=257&app=&AV_PUBLISHERID=60d9b376ef552b1df4426895&test=&aafaid=&proto=https&uid=1626829209634-911533354762-008656-012-003808&cha=0.7&stagid=60d9c15e69f9692eee1b39a9&stplid=60d9c0213e8b2e52081657bb&cb=57660365595&d9=1000&AV_WIDTH=456&AV_HEIGHT=257&asid=60d9b9eec44b3024965e3384%7C60d5aef44d161618f3127b89&pid=60d9b376ef552b1df4426895%7C5e7b9048180bd02ded4b0937&cid=60d9bef0f380430341376627%7C60d9b948753fc26ab279a5c9&h=f4af0578f9fd4ac081eb3e12c253684c91406906&d9=1000&ad=36&vi=100&ofpr=0.5&imid=78d43a26c578332b38103528865bc946_1723159211_19308114&e=sec10&vi=100&d1=vpaid&fv=1&cb=1626829210278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-188-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usanewshour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 01:00:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29

204

aclk
www.googleadservices.com/pagead/ Frame 7A07
Redirect Chain

https://googleads.g.doubleclick.net/aclk?sa=l&ai=CkdCTnHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaF...
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5QrknHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TT...

0
0

88ms
45ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5QrknHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBwAVuoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&num=1&client=ca-video-pub-6968738577620513&ctype=110&label=video_10s_engaged_view&ad_mt=10181&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26p0%3D933,1134,1190,1590%26p1%3D933,1134,1190,1590%26tos%3D10244,0,0,0,0%26mtos%3D10244,10244,10244,10244,10244%26amtos%3D0,0,0,0,0%26mtos1%3D7744,0,0%26mcvt%3D10244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2256%26pst%3D441%26dur%3D30000%26vmtime%3D10181%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1626829223775%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10244%26ss0%3D0.06%26ss1%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370&cid=CAQSKQCNIrLMswdWrRxzVgAsUDFTupqd0dZNcg34SCqn5VwhFHwr4xvLCOjn&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1tYJgQbz2u9w1zNL2dtxrPt2M_Ag&adurl=https://www.etoro.com/aw.aspx%3FA%3D58091%26SubAffiliateID%3DDE_YT_TradeLikeSteve_Broad-25-34_DE_58091%7CAG_125620698468%7CKW_%7CMT_%26Task%3DClick%26TargetURL%3Dhttps://www.etoro.com/de
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 01:00:23 GMT
x-content-type-options: nosniff
server: adclick_server
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5QrknHH3YK7KOYv13wO6tKe4D_2RkfJhv52iw_0NjZCNgIEQEAEgiP2xbGCViriCyAegAbDvk4YDyAEFqAMBmAQAqgSoAk_QewvACog5dHg7ZQEymGe1TiNtaPzbuJW-VUTpL5kahPm31TTnLaFuZaAgQv6-mTMeV2t01xuiagb-2EiKFfkR0YuTMQsTW615J48jXVObswqk7ZEPaP0DYJAyKwgVl0da3LyvPv5DWYneA9RaV2nZ_GCX6nJOdw35u3Dgf11N-DSqCt7ChqmUxVNGXe64-MYqkC1yEKp1QJ0fFVKEmd6MlHDzdO6GEmOC7He2NmM-G1WCJVHKPKAJr3IXhzODrMwBvvLP2g15BoPZ2Mbf8G3zORi-HwITI4o-TEiyrmDnWZgjJ53wvwnUB8rSrBe9_M3ymtMySXgCBCVRiUALi1o-Pv9XnzSC5JBlxj3PbgELpx_a_D-XiTUXnlWr6LWDF3JebrQXUjVawATk-s780wOIBZC68bMtkgUGCAMQAhgBwAVuoAZUgAe4kOx5qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTM3MTc0MDYyOTcwOTI3NjGaCRhodHRwczovL3d3dy5ldG9yby5jb20vZGWxCaww-O8n4kNigAoDyAsB0AsO4AsBogwIKgYKBPmesQK4DAHYEw2IFAHQFQGYFgHiFgIIAYAXAQ&num=1&client=ca-video-pub-6968738577620513&ctype=110&label=video_10s_engaged_view&ad_mt=10181&acvw=sv%3D900%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D933,1134,1190,1590%26p0%3D933,1134,1190,1590%26p1%3D933,1134,1190,1590%26tos%3D10244,0,0,0,0%26mtos%3D10244,10244,10244,10244,10244%26amtos%3D0,0,0,0,0%26mtos1%3D7744,0,0%26mcvt%3D10244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2256%26pst%3D441%26dur%3D30000%26vmtime%3D10181%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D562%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D188636449%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1626829223775%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10244%26ss0%3D0.06%26ss1%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1626829213370&cid=CAQSKQCNIrLMswdWrRxzVgAsUDFTupqd0dZNcg34SCqn5VwhFHwr4xvLCOjn&dblrd=1&val=ChAyMjRiMzI1MzgwYzgwMGYyEKfj3YcGGggcbOKFCmwkwyABKAE&sig=AOD64_1tYJgQbz2u9w1zNL2dtxrPt2M_Ag&adurl=https://www.etoro.com/aw.aspx%3FA%3D58091%26SubAffiliateID%3DDE_YT_TradeLikeSteve_Broad-25-34_DE_58091%7CAG_125620698468%7CKW_%7CMT_%26Task%3DClick%26TargetURL%3Dhttps://www.etoro.com/de
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 watchtime
s.youtube.com/api/stats/ Frame 7A07 0
0 18ms
18ms Image
text/html 2a00:1450:400c:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.181&rtn=20.000&ns=yt&fexp=44731467%2C44737473&el=adunit&cpn=ZwNaPQ2R1qsd2EeN&docid=dnSuZ48TLek&ver=2&cmt=10.181&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fusanewshour.com%2F&len=30.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:15:25	Name: IDE Value: AHWqTUmkaCersyyUYR_0EPIOBnnkxwOM1boDGbzOgnfcVMu3n2mKe4jGXhK2nJEIF2A
.usanewshour.com/	1970-01-19 19:53:49	Name: _gat_gtag_UA_175803653_1 Value: 1
.usanewshour.com/	1970-01-19 19:55:15	Name: _gid Value: GA1.2.243777263.1626829209
.usanewshour.com/	1970-01-20 13:25:01	Name: _ga Value: GA1.2.63848667.1626829208
usanewshour.com/	1970-01-20 04:39:25	Name: trc_cookie_storage Value: v2technosys-usanewshour%253Asession-data%3Dv2_41f1438850f6e4e29531bf1fb59a1807_245d0b02-c187-4b7a-be27-a7a5fc668a9f-tuct7f0f718_1626829208_1626829208_CNawjgYQobtUGLL1zrSsLyABKAEwOjj5twhAn4oQSNuB2QNQwNkMWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522v2technosys-usanewshour%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D245d0b02-c187-4b7a-be27-a7a5fc668a9f-tuct7f0f718
.usanewshour.com/	1970-01-20 05:15:25	Name: __gads Value: ID=610b01deb4be5812-22c932ed7fc80093:T=1626829208:RT=1626829208:S=ALNI_MZIMW6nZcG0DvaqVSERvACgJQ_maw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://usanewshour.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210720-4-RELEASE.js(Line 3) Message: TRC.TranslationsManager - language key: hi not recognized for feature userx.
console-api	log	URL: https://app.playstream.media/js/instream/instream.js(Line 2) Message: %cPlayStream - %cInitializing PlayStream color:red; color:red
console-api	log	URL: https://app.playstream.media/js/instream/instream.js(Line 2) Message: %cPlayStream - %cScroll Event Started color:red; color:red

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
acdn.flickstree.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
app.playstream.media
cdn.playstream.media
cdn.taboola.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
i.ytimg.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.instagram.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
r1---sn-4g5ednls.googlevideo.com
r4---sn-4g5ednss.googlevideo.com
r4---sn-5hnedn7s.googlevideo.com
r4---sn-uqj-j2id.googlevideo.com
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
tg1.playstream.media
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
usanewshour.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
13.226.145.101
142.250.185.66
151.101.13.44
172.217.16.130
172.217.18.98
18.208.241.4
185.106.33.48
2001:6c8:170:6::f
216.58.212.166
2600:9000:2182:5c00:8:3ed5:e880:93a1
2606:4700:3032::ac43:9871
2a00:1450:4001:5b::7
2a00:1450:4001:6b::9
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200e
2a00:1450:4001:827::2016
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4006:804::2003
2a00:1450:400c:c07::64
2a00:1450:401c:16::a
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:bb21
2a02:26f0:6c00::210:bb90
2a03:2880:f22d:1c2:face:b00c:0:43fe
2a03:2880:f22d:1e6:face:b00c:0:4420
35.169.188.209
88.99.215.229
94.130.218.84
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04c6c7ad23891ddbc2ca04df203e9552c4493307e1291b7a1b69112fd0f39ad9
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02
07525f756d352d01f20083bc6156929b65ba6b6a4917f7a89d5570a5b534ea4e
092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8
0b55a42eb5c74c7c4ba963480bbf5d72ad2955041fcd60716e951b7654bcff07
0c10e2c1872393cc8807864f67dc235ef6b77358c1d9173a859ec49185c30d15
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
117c186fa011ae9e0e06c03928d60852a1969e5979b337d29574b31f101fd181
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
1465806941428e917e4b8ba5860b7b4a36f7d57e5cd11e79e012dd219018a25e
14ed3f459d855379c289e664d5512c1a801ab700073da27ede502fa8038e92b8
1583f28a50c73c0f65790ed46f422295ae9c61397fba7acd291e4d6487636909
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1bef3bd25610a6248487cd4d522d464f88ebf345505d2d6ff190810a2810bbb6
1e1f86eda71257c82be452535249e64972691db17bbe924bcdc5b70048cfc0cf
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f422dad84bdd9f085fb7590475bf24f8c222d14872614d9db20df3445153f29
1f4c9402c18a9ed4379c6e4db828518f9a1956f5a28bf85129396fd4aac42b7b
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
251eeb606918edcd0a39186ad31d1c8b28811aa00ee7ed5adb93afc2b8628471
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b74dcca6a3255958e6bf340ce814b6b873745e2906ecff91b0cd3aa15116c93
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
330bbad493076bbcc4ae7af2bcf94791e8f85b882a60638c08947172da18d04e
365a607bc597a72cbb8b1134378bb96bfd290faaf3185191d2bb4d576d83873a
3971718699b4540076a5147a7c789947f3d35f821d76df8b6026c9c0e8988855
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b45f4378d29efc48961dd9bb89af3ed695562bbafdf78a8b3586315ed1c0a93
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
466e9981b770e7f0332292f6fc2876f5d4c1f2e6aa71510e8ba3e8fcb9419ac9
4a5acb3305f5beef7a26544a0036762c1c586fc213633e6dc47fae8504fe138d
4a5af61ac2a1cec35006725b335457b7f261d713694ce97b1049b3e24bc3b867
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51cabd2d725aea533cf3989c0b98dc1cc63c988e4d4d012afceeaeca84b509dd
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
58ee36480aa68e791322f58872f412e74002d6ed20de2bb8ea2b69d95487b903
59b509e570b16015d0c91d8f647d039d71865f409b3825779163208103290e76
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2
5c8159452b16d035dd9bbc679ca1b96ce2aec9baf9502c389a9fefe294d4141b
5e1ec145df4e72f13fe27c2c946ae4305f9e9fa17ed3cfc22ae39b84d28b7d66
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d
69509c6b99aba6a57c7eb9f3908e72e3755baf5e01458565e8a40251cb89a298
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5
6f72197efe9b8796e643755698e3a888880b381ba02aebbdf6367506a7e37686
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7483ee9e3c4ec7bd1c8fa809ab8afe68713783473ebeb7b7a62b2fa0f7f2a017
790360d989c15d53b57b84faba6f93ab45f9b579d402abb7c8fa27eccb47437d
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
82296f13888cc55dd6d7157a5ad218ce6e651206464055461406a5256c47d3d5
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83222854a0726f7e1abeddc9036aa00f97e1d3f92afed8e5bb81a47112a0e8b3
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
87a2d468f26b863378c319b42c7a5ca7284efd10bbbb93c3f7b0b3e13bb7b75b
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88450c55b72b16d159e529768f3f7414162deb61d982f4a7a7e53c8a50a3ec75
88a0d872e203e1bf37b0803dbecb31c24aa40da6cbb02ca4fe50268baefc6dbc
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
962299548f48d5eaf5b383dcee2d5ebcd846b99e1f5f6bc4a6109254aa5a3570
9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842
9bd10b48e7bb1c1c6c28c359ebebedeb73360ff8827074eb3470fd56345e6d5c
9d3fa014ea85bbe4a9eaa7fdda426bc5905c44c02c8be9fbb127bd7af372b7ed
9ee06bf337d496c3801d1d889978c058839cdea2f2e466b1b7b2c5fe11c4c796
9f3e59541e68fe6c1f040edc9ff79e9ed170cdcfa1d4fba1212f194e23c4f684
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a3ba769358e898d9c7e3dd39ba0f852cd87a8c81e190522cfc1c00035ddd2075
a45d4286c79864158a9c7f5d543c21ebd53726ea5fa1fd984622db2f74a91798
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825
a6804e057a916411f2ede2d88df7c916e5dd8d01293ca7692ee5a617806b43f9
a8ad16c76e27370b6b095f7348b39c4e30d82d2c8116da80fad6f8b1e275721a
aa9b078eec4788435ce5ccd507a968274013f8ee9e8ca3ddb05237656ee5dd9d
abc61b3a869a4446e3faea5cd5196599fd9d84334bfa485c38eb3cab1adfb1ee
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b494852663d6ade78142cc7238bb41dbb29cd5719512f7ade8aeed5da0e8f947
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bfdd9ed5d6c2c4271509ba206137e81d5855478058c4b87e6ecb0b5e4a8e2e17
c5455905afcea4293f1d3f1d63064d749c86e7ab5b40c2a20835263dace639e3
c549186f6445b396411112536f2a4d38ff0b67ce7e5c28b4349892ef56700e7d
c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ce8756eb2f65f4df8ff86f514cf4c0756d35e9ea54a5ec23c6777d406f554a87
d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
da299c73034620ffd3957b27abb53bd6e6c44bb47f66aa7cc3a774c58b51c670
daa6207e0296ae54fef23a81ccd4f6408170b30ac34b83196608b844c25cc425
deb34ecc1aec96ff1dd0b58501bce5e95edcbe1b22d1bd287631771bcd5f4136
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e23832eb4235730dde0c5eb0d8cad94b81485cbf5adacef2099ed214ad33c246
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e635a151ae79f1f8a17aec79f96bddb164b751445fb93f80d0357390560e65b6
e687b1e7848cc065c48f1625e4912847e84f01377245e76c4d1935a2d65e3fdd
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eaa4b3213eda65cdf9fe142297ecdacb3d377b321a079acdd586b6f638621faf
ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9
ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2
eda77ad54ff37b74ad189f35a5d88e473e426d98ca93d58be272a72c91f5a97f
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f88421b49ffa6c5b3add2257c75572a47ae8c5ffe3a8ea63bbcc8a2e5e463e44
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1
fe6a6b7e9dd9d0a6783bbebbfdaec4453c855fda039073afc7bde990fa72725a
feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43

usanewshour.com Open in urlscan Pro 2606:4700:3032::ac43:9871 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

261 Requests

99 %HTTPS

71 %IPv6

22 Domains

42 Subdomains

36 IPs

6 Countries

9420 kBTransfer

20633 kBSize

6 Cookies

18 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usanewshour.com Open in urlscan Pro
2606:4700:3032::ac43:9871 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

99 %
HTTPS

71 %
IPv6

22
Domains

42
Subdomains

36
IPs

6
Countries

9420 kB
Transfer

20633 kB
Size

6
Cookies

261 HTTP transactions
20 data transactions