www.newson6.com Open in urlscan Pro
2600:9000:273b:1200:1c:8a47:ec00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-e...
Effective URL:
https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-e...
Submission: On September 16 via api (September 16th 2024, 8:14:15 pm UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 22 domains to perform 68 HTTP transactions. The main IP is 2600:9000:273b:1200:1c:8a47:ec00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.newson6.com. The Cisco Umbrella rank of the primary domain is 213721.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 15th 2024. Valid for: a year.

This is the only time www.newson6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2600:9000:273... 2600:9000:273b:1200:1c:8a47:ec00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
6	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.238.149.65 34.238.149.65	14618 (AMAZON-AES) (AMAZON-AES)
1 3	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	3.77.46.93 3.77.46.93	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:149a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:196f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.208.75.154 3.208.75.154	14618 (AMAZON-AES) (AMAZON-AES)
1	3.5.29.46 3.5.29.46	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:273... 2600:9000:273b:c600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	44.212.189.233 44.212.189.233	14618 (AMAZON-AES) (AMAZON-AES)
6	104.18.25.111 104.18.25.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.235.191.156 44.235.191.156	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1331	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
68	28

13 2600:9000:273b:1200:1c:8a47:ec00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.newson6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.46.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-46-93.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:149a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.208.75.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-75-154.compute-1.amazonaws.com

baron.kotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.29.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

hot-town-closings.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:273b:c600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.189.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-233.compute-1.amazonaws.com

44.212.189.233	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.191.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-191-156.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1331 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	newson6.com 1 redirects www.newson6.com — Cisco Umbrella Rank: 213721	404 KB
8	voraciousgrip.com voraciousgrip.com — Cisco Umbrella Rank: 233950	268 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4855 onesignal.com — Cisco Umbrella Rank: 1583 img.onesignal.com	87 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 region1.google-analytics.com — Cisco Umbrella Rank: 3310	21 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5047 px.mountain.com — Cisco Umbrella Rank: 5170 gs.mountain.com — Cisco Umbrella Rank: 9611	9 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	182 KB
3	gstatic.com fonts.gstatic.com	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	302 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	akamaized.net griffin-communications.akamaized.net — Cisco Umbrella Rank: 182091	61 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 194	3 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4054
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	kotv.com baron.kotv.com — Cisco Umbrella Rank: 292184	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	72 KB
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 25630	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10137	63 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 723	482 B
1	amazonaws.com hot-town-closings.s3.amazonaws.com — Cisco Umbrella Rank: 274614	565 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3276	18 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 777	554 B
1	taboola.com c2.taboola.com — Cisco Umbrella Rank: 8950	18 KB
68	22

	Domain	Requested by
13	www.newson6.com	1 redirects www.newson6.com
8	voraciousgrip.com	www.newson6.com voraciousgrip.com
3	onesignal.com	cdn.onesignal.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.newson6.com www.googletagmanager.com
3	fonts.googleapis.com	www.newson6.com
3	griffin-communications.akamaized.net	www.newson6.com
3	sb.scorecardresearch.com	1 redirects www.newson6.com
3	securepubads.g.doubleclick.net	www.newson6.com securepubads.g.doubleclick.net
2	px.mountain.com	dx.mountain.com px.mountain.com
2	region1.analytics.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	www.newson6.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	baron.kotv.com	www.newson6.com
2	connect.facebook.net	www.newson6.com connect.facebook.net
2	cdn.onesignal.com	www.newson6.com cdn.onesignal.com
1	img.onesignal.com
1	gs.mountain.com	px.mountain.com
1	images.getadmiral.com
1	www.google.de	www.newson6.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.adsafeprotected.com	www.newson6.com
1	hot-town-closings.s3.amazonaws.com	www.newson6.com
1	stackpath.bootstrapcdn.com	www.newson6.com
1	d.agkn.com	www.newson6.com
1	dx.mountain.com	www.newson6.com
1	c2.taboola.com	www.newson6.com
68	28

This site contains links to these domains. Also see Links.

Domain
www.griffin.news
www.paycomonline.net
www.google.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
griffin-communications.akamaized.net
optout.aboutads.info
publicfiles.fcc.gov
www.news9.com
getadmiral.com

Subject Issuer	Validity	Valid
*.newson6.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2024-05-23` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-26` - `2024-09-24`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
voraciousgrip.com WE1	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.kotv.com Amazon RSA 2048 M02	`2024-06-14` - `2025-07-12`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
44.212.189.233 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-15`	a year	crt.sh
images.getadmiral.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Frame ID: 9F845635A5C1786366DEB7104D5FFD63
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News On 6

Page URL History Show full URLs

http://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hos... HTTP 307
https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hos... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

46 %
IPv6

22
Domains

28
Subdomains

28
IPs

4
Countries

1521 kB
Transfer

5298 kB
Size

14
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.griffin.news/videosales
Title: Video Sales

Search URL Search Domain Scan URL

URL: https://www.paycomonline.net/v4/ats/web.php/jobs?clientkey=1AA1DF477FCA3329008D91C281B69764
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/News+On+6+KOTV/@36.160321,-95.9947127,17z/data=!3m1!4b1!4m5!3m4!1s0x87b6eb7fa4d01791:0xd95893ab6017140b!8m2!3d36.160321!4d-95.992524

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewsOn6/

Search URL Search Domain Scan URL

URL: https://twitter.com/NewsOn6
Title: svg{padding-top:4px;}

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newson6kotv/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheNewsOn6

Search URL Search Domain Scan URL

URL: http://www.griffin.news/
Title: Griffin Media.

Search URL Search Domain Scan URL

URL: https://griffin-communications.akamaized.net/legal/ko-kq-eeo.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KOTV-DT
Title: KOTV Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KQCW-DT
Title: KQCW Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/KOTV
Title: KOTV-AM Public Inspection File

Search URL Search Domain Scan URL

URL: https://www.news9.com/story/5f9af35232b26d4683a616e5/griffin-communications-fcc-license-application-posting
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.newson6.com&utm_medium=pb&session=5-05da202747fda76dc9f59220acb531ac-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event HTTP 307
https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://sb.scorecardresearch.com/cs/35895192/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 33

https://www.newson6.com/views/utilityBelt?v=1726517649463 HTTP 302
https://www.newson6.com/login

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -event Show response
www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/
Redirect Chain

http://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

379 KB
71 KB

289ms
243ms

Document
text/html

2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a2321f7dff2850c092b8f7352cf7a71b05ee56ab0fdbe78b85ae89037ba4a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cache-control: public, max-age=6000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 20:14:09 GMT
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-id: FztqxVZMrXgeb6NLbudI9usF8CWCeXweTzuCeQ7j9aZrkyoxw-xN7g==
x-amz-cf-pop: ZRH55-P2
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bundle-kotv-production.js Show response
www.newson6.com/js/ 366 KB
113 KB 218ms
218ms Script
application/javascript 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aeba694b57aaf915e325b81523fc3a2623e62fdfe4092e3a1f854adc9e2cfca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"5b8ea-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1726513990681
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: g2trHjkUnsShVmhlprJx5Aw-dKPgEmAoz1m1Cy4AstliK25ZBXkQIA==

GET
H2 200 below-the-fold-bundle-kotv.css
www.newson6.com/css/ 100 KB
18 KB 213ms
213ms Stylesheet
text/css 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/below-the-fold-bundle-kotv.css?v=1726513659567

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

be6d37a7913385c4e09a232868c5a1f0640784332e51470450c9d6a26007a4ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"19155-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1726513990680
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: CqoaMMXO-U1Tm7IEAL5CCB5KCS0TyByTxUB9B6CmCc3hgq3obReEmQ==

GET
H2 200 above-the-fold-bundle-kotv.css
www.newson6.com/css/ 219 KB
41 KB 213ms
212ms Stylesheet
text/css 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/above-the-fold-bundle-kotv.css?v=1726513659567

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

22fa14bdf4a3b6b14e9374c4a185ad44ea98012ed51bfd92f24bdefd52410255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"36dea-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1726513990695
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: jKDL3Sgx0QOgmbgMgPC9Y9IfdxJWgGKr8Z97aA2QtSvE-nvOoFxKZw==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 38ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e1a317fe45fe94f6d901f79f33f9a0b2e7eeb82b6eb22f8a2e387ce82be1431c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32468
x-xss-protection: 0
server: cafe
etag: 583 / 19982 / 31087005 / config-hash: 6470298895078174615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/griffin-newson6/ 72 KB
18 KB 220ms
201ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/griffin-newson6/newsroom.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11a92f958776c4c95db04e3dcdea3eaad69cb1bd45841f84dc9b328fe78ba280

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Mon, 16 Sep 2024 20:14:09 GMT
x-amz-request-id: TGVGKTBTMKD7JBTB
age: 0
x-cache: HIT
content-length: 17938
x-amz-id-2: 8BA+xNdRDdONrOWhPr7X25BT8hf284ansE3YbqMuBVl4prOigPlxbTZ8SxA57z2WMOp9AdPxjlk=
x-served-by: cache-fra-etou8220024-FRA
last-modified: Mon, 17 Jan 2022 05:43:35 GMT
server: AmazonS3
x-timer: S1726517649.357710,VS0,VE194
etag: "05b5292ef5997b2454e6d68c4cd59dd3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 42ms
30ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1517
etag: W/"09282956186c8515ef0d208902803581"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8c43856c7cbd3604-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Sep 2024 20:14:09 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 19 KB
5 KB 388ms
98ms Script
application/javascript 34.238.149.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38151&tdr=&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term=value
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-65.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1b48e398899a8426cc5a9279583ecc2eeea25d481709ce5dcb804dfb1a46cfee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/35895192/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

13ms
6ms

Script
application/javascript

18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: H2
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 02:25:02 GMT
content-encoding: gzip
via: 1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 64148
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: JPl66ma7eXm_tCVm7AWEuvtU6WE4fh7Okusvdx0NFyTcj_mbdAaTHA==

Redirect headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 7F8i6NIXJgajlToCydBSXMEjzhg1CUJbZKZ77cZV51JeuKnAYTVdcQ==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 23ms
10ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 20:14:09 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: FKHlE/8M7YDn69Hk01I2ltHU0+tvoYN9FbbGp6zwZl4nboYW0YZHoWujPTj0sVGch40HPY33yhCDc9A/2Ojuug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 /
d.agkn.com/pixel/15839/ 43 B
554 B 55ms
9ms Image
image/gif 3.77.46.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/15839/?che=1726517649083
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.46.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-46-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2024 20:14:08 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK station-logo.png
griffin-communications.akamaized.net/Marketing/ott/wx-vault/ 3 KB
3 KB 102ms
15ms Image
image/png 2a02:26f0:3500:16::215:149a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/Marketing/ott/wx-vault/station-logo.png
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0586ae8844d448a4b3fa723848f412629898d3656c0201e7e6f0e83352d5cdab

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 16 Sep 2024 20:14:09 GMT
Last-Modified: Tue, 31 Aug 2021 16:18:40 GMT
Server: AkamaiNetStorage
ETag: "235e039be0fb688637089112378b71bf:1630426720.253858"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 3028

GET
H2 200 css
fonts.googleapis.com/ 5 KB
767 B 58ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 19:55:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 62ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 20:00:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1012 B 57ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800&display=swap

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93d7a44bbf8dc50ecfb59f05c8c5d3f035440eccf224151e3267b39bf116c486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 18:50:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H2 200 jquery.min.js Show response
www.newson6.com/js/ 85 KB
30 KB 32ms
31ms Script
application/javascript 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/jquery.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:10:36 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
age: 213
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"15283-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1726515534727
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: ikkPoy3YVXftJBNe2A57RKgf242CablwDbNk7T4ndm_UWM_Aqfxz8A==

GET
H2 200 bootstrap.min.js Show response
www.newson6.com/js/ 36 KB
10 KB 48ms
47ms Script
application/javascript 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bootstrap.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:05:37 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
age: 512
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"90b5-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1726515321651
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: HzUvMbYZFGDuny0fE3Gj6wj1NW2hPJAwTW9YJSwwdGBnfnYvK575xw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
95 KB 65ms
33ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6743f8c3fbcf15c12e02fe9bdee33c1cc85840833f0e71dbd9735f5c213ef1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97023
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H/1.1 200
OK kotv_map.png
griffin-communications.akamaized.net/NEXGEN_Images/ 56 KB
56 KB 95ms
23ms Image
image/png 2a02:26f0:3500:16::215:149a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/NEXGEN_Images/kotv_map.png
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 622cb32834d8b4001a0bec1c65a17615a31d1d450b4cc28cad86b86300b77bbc

Request headers

Referer: https://www.newson6.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 16 Sep 2024 20:14:09 GMT
Last-Modified: Fri, 31 Aug 2018 15:28:33 GMT
Server: AkamaiNetStorage
ETag: "ee06c06c536932f80e51d2f610e3d393:1580943201.275522"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 57248

GET
H3 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 51ms
29ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newson6.com/
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1049
age: 16164540
cdn-cachedat: 10/31/2023 18:59:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18028
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bafc79242c59e2f7bce24ef35efd579e
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8c43856caabcd2f6-FRA
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
www.newson6.com/webfonts/ 74 KB
75 KB 34ms
33ms Font
font/woff2 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 19:54:03 GMT
x-content-type-options: nosniff
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
age: 1206
x-cache: Hit from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"128a0-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1726514621470
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: JXTY-K1rWunvT26szlUrMasov8p41gbpuCMTxhN5zbJK2m0xv2T1ag==

GET
H2 200 fa-regular-400.woff2
www.newson6.com/webfonts/ 13 KB
14 KB 32ms
30ms Font
font/woff2 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 19:54:03 GMT
x-content-type-options: nosniff
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
age: 1206
x-cache: Hit from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 Sep 2024 19:08:02 GMT
server: nginx
etag: W/"3508-191fc3c1650"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1726514621466
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: _ipDBJl01HnnuXE5OqALJIcAsYiIrW1SwUgxxWBnqN_HoQUn-bXt_g==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 55ms
54ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 54
etag: W/"7e91359b46e1da637080a03b759164fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8c43856cad093604-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Sep 2024 20:14:09 GMT

GET
H2 200 v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM Show response
voraciousgrip.com/ 203 KB
49 KB 147ms
63ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73de0a8fa02f78e0c85a4a93ae3c080719872da19835631bf69a59cfc57adf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"90239e37be4673f39f4101ed8703f5bd307fcb59ffe4300c7ddc0c355c9ffb78"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-tpfq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 8c43856d4f53d2e7-FRA

GET
H2 200 v2ipmXA6MeGJxAAF3s5eyJmTZGMEujYj0Nf1YtoIFT23v_kJUBDmbTPD_BqWx7Wq0UpGei-zE Show response
voraciousgrip.com/ 9 KB
4 KB 129ms
58ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2ipmXA6MeGJxAAF3s5eyJmTZGMEujYj0Nf1YtoIFT23v_kJUBDmbTPD_BqWx7Wq0UpGei-zE

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d31ff2c9d27ecacb1ebb22d236141c9a4fb9fb0a5acd0d2a718181f4bf5c286

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
content-length: 3877
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"9473aa90e9d4cb13889385e0914a7408d6dd62c6c55c6faa42083339a53f21eb"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-tpfq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c43856d4f4fd2e7-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409100101/ 480 KB
150 KB 10ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409100101/pubads_impl.js?cb=31087005

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8f13473639eff12ad78ae3effa785c4cee8d8d71283c64f8cc03254ec2a0506b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36774
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153238
x-xss-protection: 0
server: cafe
etag: 6571333366724888219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 16 Sep 2025 10:01:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
575 B 33ms
17ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newson6.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8d8248ff8ce378e9ab41660ad8402cc6426429d48f359d9acc551ed235d0319a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 550
x-xss-protection: 0
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H3 200 1077383675996983 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 77ms
76ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1077383675996983?v=2.9.167&r=stable&domain=www.newson6.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c234606ba5dd14df75dc68dfb8681c16a3116c1227197265e9b32853c44ce8f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 20:14:09 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=65, mss=1232, tbw=68642, tp=66, tpl=0, uplat=68, ullat=1
pragma: public
x-fb-debug: EsMJgKvbtDY0SqnOnbf9+brtAub3JWLg9vb+MwvJCC2t3hNEep+3NGxbB0dBLKo9Zzq+cIv9+PFv/719gHU/yw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 9ms
8ms Image
text/plain 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=35895192&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1726517649447&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&c8=News%20On%206&c9=
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: Y0DBeQn16kh2s9OELIunIUthasBhrJfBWK2bf27Sbc_jIXlrXK6qnQ==
x-cache: Miss from cloudfront

GET
H2 200 ppid Show response
www.newson6.com/ads/ 44 B
690 B 266ms
265ms XHR
text/plain 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/ads/ppid

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab972a81e19f97d90737865ad92632a6376d8ea63549ef6bf13a2cdaf6bceee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: Miss from cloudfront
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Qoxv6d42RvcZu9Xyhd0ojJClJOYPtckfk2PnYlfe4Ncf400FjTvdog==

GET
H2 200 ppid Show response
www.newson6.com/ads/ 44 B
0 267ms
267ms XHR
text/plain 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/ads/ppid

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab972a81e19f97d90737865ad92632a6376d8ea63549ef6bf13a2cdaf6bceee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH55-P2
x-cache: Miss from cloudfront
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Qoxv6d42RvcZu9Xyhd0ojJClJOYPtckfk2PnYlfe4Ncf400FjTvdog==

GET
H2 200 74120 Show response
baron.kotv.com/reports/metar/zip/ 1 KB
1 KB 407ms
95ms XHR
application/json 3.208.75.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kotv.com/reports/metar/zip/74120
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.75.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-75-154.compute-1.amazonaws.com
Software: nginx/1.22.0 / Express
Resource Hash: d78cfd287306fa87bea13e81af7461ba54ed4e6f08f134e7fed037ffcade8c66

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
server: nginx/1.22.0
x-powered-by: Express
etag: W/"443-WCAG6bzZBUkzBbp1ascqyqXhi+g"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1091

GET
H2 200 oklahoma Show response
baron.kotv.com/nws/alerts/ 59 B
316 B 406ms
93ms XHR
application/json 3.208.75.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kotv.com/nws/alerts/oklahoma
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.75.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-75-154.compute-1.amazonaws.com
Software: nginx/1.22.0 / Express
Resource Hash: b959a75c57e26a848e5d7393fa67f91e2eb73339c21ccc5a4c2c89ac52d4c9ff

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
server: nginx/1.22.0
x-powered-by: Express
etag: W/"3b-aJJiU60d/38iNbSqjoJ2kZm0J8o"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 59

GET
H/1.1 200
OK kotv-production.js Show response
hot-town-closings.s3.amazonaws.com/ 2 B
565 B 319ms
117ms XHR
application/json 3.5.29.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hot-town-closings.s3.amazonaws.com/kotv-production.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1726513659567
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.29.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 16 Sep 2024 20:14:10 GMT
Last-Modified: Mon, 16 Sep 2024 20:13:34 GMT
Server: AmazonS3
x-amz-request-id: F1Z9FBZ360SFPJSC
ETag: "d751713988987e9331980363e24189ce"
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2
x-amz-id-2: nX+eUADtM/9oQgzhqIMNTNVPSaDyC/2zDmPKV1DNzBOkhBHpMLI0OaTXcSV5WAnQWUx6jUR5nmfBhfQM15nT67+TZsgTzx65

GET
H2

200

https://www.newson6.com/views/utilityBelt?v=1726517649463
https://www.newson6.com/login

161 KB
31 KB

203ms
202ms

XHR
text/html

2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/login

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Server

2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed113fceff057ace065ccb06b2770c5a6513a475ea3a569ebf32111c76df9723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: M_b_6BsymVCW60h2sSzEDxp_nC3xpvRd2DNljzrFlgzQ7yzrsfcLfg==

Redirect headers

date: Mon, 16 Sep 2024 20:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
x-cache: Miss from cloudfront
content-length: 28
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /login
cache-control: no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Pi7qiCWHAMoPjVC4yWxXjnpB8-EYZmkplgYHjN46XftOE5mo0hh6GA==

GET
H2 200 LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/ 27 KB
27 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:36:56 GMT
x-content-type-options: nosniff
age: 178633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27444
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 14:14:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 18:36:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
105 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-026M3Q2X8P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bcbba2022272dcbec9282d713b9075bbbc12dc2fb0efd3bd3f7771daf01c852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
8ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 20:02:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 16 Sep 2024 22:02:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YK2KCC8TFW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d1194f451a35d5336f1b1d60e348d603398cf270e3f1cfbe909b2c34a4ca075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/8ecab6d8-22aa-4675-af6d-17a7c9248f02/ 5 KB
2 KB 39ms
25ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8ecab6d8-22aa-4675-af6d-17a7c9248f02/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a4567d11a22ec4163591eec56bb782f2e3156dbec59150613a9c2600a73e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2805
cf-polished: origSize=4946
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9ccd3183-cc3f-4216-9ab4-e54694677cd9
x-runtime: 0.040280
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"34516654f9ca7fdce137be6db3e0b47c"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8c43856db81dd36c-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 16 Sep 2024 21:14:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 25ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1077383675996983&ev=PageView&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&rl=&if=false&ts=1726517649597&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726517649595.916890530234251698&cs_est=true&ler=empty&cdl=API_unavailable&it=1726517649444&coo=false&rqm=GET

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 16 Sep 2024 20:14:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 173ms
157ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1077383675996983&ev=PageView&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&rl=&if=false&ts=1726517649597&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726517649595.916890530234251698&cs_est=true&ler=empty&cdl=API_unavailable&it=1726517649444&coo=false&rqm=FGET

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 16 Sep 2024 20:14:09 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415336839462980589", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1297, tbw=3090, tp=-1, tpl=-1, uplat=148, ullat=0
pragma: no-cache
x-fb-debug: 7o3OmlXkwXfh+VvxaYuur2ASDp6eMEyUk0r3C4Dsu0KMOpJOk1+i9dPX++1/A1UwTASe8wLyA4pfEPs3H2lshA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415336839462980589"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 38ms
12ms Image
image/gif 2600:9000:273b:c600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=wboqnn_728x90_
Requested by: Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273b:c600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 15:04:38 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 96a0de993ee2fd445cf370379abafd8e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P2
age: 18572
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Y3NqMHKebg4Qd5eyDDCnyD7TLSwVAxjNFevCXrnZdVCm5d2MpSVf2g==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 38ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YK2KCC8TFW&gtm=45je4990v9127116086za200zb77863514&_p=1726517649424&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1821899099.1726517650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726517649&sct=1&seg=0&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&dt=News%20On%206&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=798
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YK2KCC8TFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 17ms
16ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1884077208&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&ul=de-de&de=UTF-8&dt=News%20On%206&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=354745962&gjid=1244108382&cid=1821899099.1726517650&tid=UA-572554-5&_gid=1586769897.1726517650&_r=1&_slc=1&gtm=45Xe4990n81NXTXTZNv77863514za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&npa=1&z=2058756649

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 38ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-026M3Q2X8P&gtm=45je4990v9103750854z877863514za200zb77863514&_p=1726517649424&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1821899099.1726517650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726517649&sct=1&seg=0&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&dt=News%20On%206&en=page_view&_fv=1&_ss=1&tfd=814
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-026M3Q2X8P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 62ms
22ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-026M3Q2X8P&cid=1821899099.1726517650&gtm=45je4990v9103750854z877863514za200zb77863514&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-026M3Q2X8P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
42ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-026M3Q2X8P&cid=1821899099.1726517650&gtm=45je4990v9103750854z877863514za200zb77863514&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1593898496

Requested by

Host: www.newson6.com
URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK is Show response
44.212.189.233/ 32 B
437 B 395ms
96ms Fetch
text/plain 44.212.189.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://44.212.189.233/is?cb=1726517649725
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38151&tdr=&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.212.189.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-189-233.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: d3e5763823363821ee2c7c6a6abadcc70e258f6eb02dbec29b84d02ce41b4764

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 favicon.ico
www.newson6.com/ 1 KB
889 B 121ms
119ms Other
image/x-icon 2600:9000:273b:1200:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newson6.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273b:1200:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1459039fa78fcee558ab332714ac77bd557beb609d86c97746dcf0471f43a87f

Request headers

Referer: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:09 GMT
content-encoding: gzip
via: 1.1 7b1453554724e38e8ddaa890cda58f10.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH55-P2
etag: "47e-0vgWn+HAKBtNCS4IzvwtAOx/1Xg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/x-icon
cache-control: public, max-age=31536000
x-amz-cf-id: 1gN9Aeexeo-HWIH1BjIzfynkjfwryspMo9BtX0yI8Dytyj1z-dQVUg==

GET
H/1.1 200
OK clear.svg
griffin-communications.akamaized.net/baronIcons/day/ 1019 B
1 KB 16ms
16ms Image
image/svg+xml 2a02:26f0:3500:16::215:149a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/clear.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c8d1072717e9023d06d9ce88406e71b930a0075cd9d0cba724e5c52e2a39dfeb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 16 Sep 2024 20:14:09 GMT
Last-Modified: Sat, 14 Sep 2024 23:59:37 GMT
Server: AkamaiNetStorage
ETag: "bb20d469233a181f55e03fef4de611cf:1726358377.584991"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1019

POST
H3 200 93636e7a1f0d45ddbe56a2726bc30e31bfa81 Show response
voraciousgrip.com/a85e7cc2b47ede9/ 303 B
719 B 108ms
77ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/a85e7cc2b47ede9/93636e7a1f0d45ddbe56a2726bc30e31bfa81

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae389c5661e57546f9fc8cf48420f530c4e6f6108b038b0224225281038c673a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c4385703ea01cc7-FRA
expires: Mon, 16 Sep 2024 20:14:08 GMT

POST
H3 200 93636e7a1f0d45ddbe56a2726bc30e31bfa81 Show response
voraciousgrip.com/a95e7cc2b47ede9/ 2 KB
1 KB 332ms
331ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/a95e7cc2b47ede9/93636e7a1f0d45ddbe56a2726bc30e31bfa81

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8ae6cc90f20043de022e2e35b8ed22eafbe6c24bda9b423768ff90d65e1f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: DYNAMIC
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
content-length: 793
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c438570cf871cc7-FRA
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 736ms
184ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-026M3Q2X8P%3BG-YK2KCC8TFW&ga_client_id=1821899099.1726517650&shpt=News%20On%206&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_tracking_id%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_client_id%22%3A%221821899099.1726517650%22%2C%22shpt%22%3A%22News%20On%206%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%221586769897.1726517650%22%2C%22mntnis%22%3A%22LsavUDv3kdGn0ll6OzQDfMGpdPANdfjR%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=1586769897.1726517650&available_ga=%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-026M3Q2X8P%3BG-YK2KCC8TFW&dxver=4.0.0&shaid=38151&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=38151&tdr=&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 4d3f8f15f838b9645eb4f5051f581508c0aefdd177db23724f159fb93ceab1cf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

GET
H3 200 ConsentManager,Sticky2 Show response
voraciousgrip.com/ab5e7cc2b47ede9/93636e7a1f0d45ddbe57e276081/ 379 KB
108 KB 61ms
61ms Script
text/javascript 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/ab5e7cc2b47ede9/93636e7a1f0d45ddbe57e276081/ConsentManager,Sticky2

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe7da4826166c3f0b98756f7645d058a02832bcecd947cb67543f7c589e9200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"23480d22e3f0495f908e3ff4e678c950276e4f05c29b56673d2be9f7b98316ad"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c438572eaf61cc7-FRA

GET
H3 200 acv.json Show response
voraciousgrip.com/ 81 KB
18 KB 36ms
36ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/acv.json

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: REVALIDATED
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Sep 2024 21:01:20 GMT
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: public, max-age=3600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c4385738c0e1cc7-FRA
expires: Mon, 16 Sep 2024 21:14:10 GMT

GET
H3 200 93636e7a1f0d45ddbe57a2773a123a608f8277fb7debf81.min.js Show response
voraciousgrip.com/ab5e7cc2b47ede9/ 674 KB
87 KB 63ms
62ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/ab5e7cc2b47ede9/93636e7a1f0d45ddbe57a2773a123a608f8277fb7debf81.min.js

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd54d74cbf62a7358e8ad6d7cfc287a5165080352258b188f5597db1d2753fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"bfe731ca2e024428cfe320a8bfa52baa9130be02e4dd1bb6c516d73b8b2b9ced"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c4385738c0f1cc7-FRA

GET
H2 200 MiwwY2M3MWM5Zjc1M2I
images.getadmiral.com/ 3 KB
3 KB 94ms
58ms Image
image/png 2606:4700::6812:1331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MiwwY2M3MWM5Zjc1M2I

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1331 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
strict-transport-security: max-age=15552000; preload
via: 1.1 google
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-buildnumber: 1366914779
content-length: 2568
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c7c2d87d"
x-buildname: dank
vary: Accept-Encoding
x-hostname: backend-europe-west1-spot-9sjn
content-type: image/png
cache-control: private, must-revalidate, max-age=3600
cf-ray: 8c438573c9548eb7-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:51:05 GMT
x-content-type-options: nosniff
age: 548585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:51:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:51:39 GMT
x-content-type-options: nosniff
age: 548551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:51:39 GMT

POST
H3 200 93636e7a1f0d45ddbe56a2726bc30e31bfa81 Show response
voraciousgrip.com/a85e7cc2b47ede9/ 290 B
674 B 66ms
65ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/a85e7cc2b47ede9/93636e7a1f0d45ddbe56a2726bc30e31bfa81

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2caaB_FSFDw-EqaKuPZFAAP6PCv8ZYFQOxz0fiWaXgyB0WxnVJw0WvM

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f1b1d88a15ae12a472191ce44942c704f125830b745debc4806ca2b4e4badd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Sep 2024 20:14:10 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1433990761
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
x-hostname: fen-hoothoot-europe-west1-spot-dz4r
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8c4385752e5a1cc7-FRA
expires: Mon, 16 Sep 2024 20:14:09 GMT

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 735ms
186ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-026M3Q2X8P%3BG-YK2KCC8TFW&ga_client_id=1821899099.1726517650&shpt=News%20On%206&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_tracking_id%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_client_id%22%3A%221821899099.1726517650%22%2C%22shpt%22%3A%22News%20On%206%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%221586769897.1726517650%22%2C%22mntnis%22%3A%22LsavUDv3kdGn0ll6OzQDfMGpdPANdfjR%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=1586769897.1726517650&available_ga=%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-026M3Q2X8P%3BG-YK2KCC8TFW&dxver=4.0.0&shaid=38151&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: ea1606c6f03d456d2def969c5a70b53498a988239a4ccb56eab9671489fa9e2a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:11 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 574ms
211ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-026M3Q2X8P%3BG-YK2KCC8TFW&ga_client_id=1821899099.1726517650&shpt=News%20On%206&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_tracking_id%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_client_id%22%3A%221821899099.1726517650%22%2C%22shpt%22%3A%22News%20On%206%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%221586769897.1726517650%22%2C%22mntnis%22%3A%22LsavUDv3kdGn0ll6OzQDfMGpdPANdfjR%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=1586769897.1726517650&available_ga=%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-026M3Q2X8P%3BG-YK2KCC8TFW&dxver=4.0.0&shaid=38151&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1726517650779590&shguid=24183f99-f07e-3e4f-815e-0cb5064014e4&shgts=1726517651515
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-026M3Q2X8P%3BG-YK2KCC8TFW&ga_client_id=1821899099.1726517650&shpt=News%20On%206&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_tracking_id%22%3A%22G-026M3Q2X8P%3BG-YK2KCC8TFW%22%2C%22ga_client_id%22%3A%221821899099.1726517650%22%2C%22shpt%22%3A%22News%20On%206%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%221586769897.1726517650%22%2C%22mntnis%22%3A%22LsavUDv3kdGn0ll6OzQDfMGpdPANdfjR%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=1586769897.1726517650&available_ga=%5B%7B%22id%22%3A%22G-026M3Q2X8P%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22G-YK2KCC8TFW%22%2C%22sess_id%22%3A%221726517649%22%7D%2C%7B%22id%22%3A%22UA-572554-5%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-026M3Q2X8P%3BG-YK2KCC8TFW&dxver=4.0.0&shaid=38151&plh=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&cb=88394548296244060term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:12 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 24
connection: close

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 17ms
16ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-026M3Q2X8P&gtm=45je4990v9103750854za200zb77863514&_p=1726517649424&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1821899099.1726517650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726517649&sct=1&seg=0&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&dt=News%20On%206&en=scroll&epn.percent_scrolled=90&_et=13&tfd=5829
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-026M3Q2X8P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YK2KCC8TFW&gtm=45je4990v9127116086za200zb77863514&_p=1726517649424&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1821899099.1726517650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726517649&sct=1&seg=0&dl=https%3A%2F%2Fwww.newson6.com%2F%2Fstory%2F%2F634de268be36ef071e022daf%2F%2Ftulsa%2F-donut%2F-shop%2F-vandalized%2F-after%2F-hosting%2F-drag%2F-queen%2F-event&dt=News%20On%206&en=scroll&epn.percent_scrolled=90&_et=33&tfd=5832
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YK2KCC8TFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 20:14:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
23ms Stylesheet
text/css 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2544
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8c43858dedabd36c-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Oct 2024 20:14:14 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8ecab6d8-22aa-4675-af6d-17a7c9248f02/ 184 B
759 B 78ms
68ms Fetch
application/json 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8ecab6d8-22aa-4675-af6d-17a7c9248f02/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

117b13905ae7b91788d5716a4d482171c0b40989f1ad8d4929bdb6dbe40c227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 20:14:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7c66581d-c755-4254-8fae-5312a71ec619
x-runtime: 0.012978
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"117b13905ae7b91788d5716a4d482171"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 8c43858e2ecb3644-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 3e09be99-6c43-429f-b95f-abf9052d3b25
img.onesignal.com/permanent/ 3 KB
4 KB 36ms
24ms Image
application/octet-stream 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/3e09be99-6c43-429f-b95f-abf9052d3b25

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48906fd1b72fa402a11d6dc17f59e573a74c304a5e860c699c9891894726924

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Mon, 16 Sep 2024 20:14:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 2796
x-guploader-uploadid: ACJd0NrXXLlSwPIB7HA_E_XuKSWP_khmGty2KYHCPPfLU2I5zb3UJTYfzVhmXeRH5ax0MY7aMZ8BjmD8mQ
x-goog-meta-x-goog-source-etag: "6ada8a54058986f53e8b395cbc4d185b"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3025
pragma: no-cache
last-modified: Tue, 14 Feb 2023 03:15:43 GMT
server: cloudflare
etag: "-CKjvp4iGlP0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676344543541160
content-type: application/octet-stream
x-goog-hash: crc32c=0aUTQQ==, md5=atqKVAWJhvU+izlcvE0YWw==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 3025
accept-ranges: bytes
cf-ray: 8c43858ebdc73604-FRA
expires: Thu, 17 Oct 2024 20:14:14 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 23:35:19	Name: __cf_bm Value: VrO9ybk1CK6hRAyLgIdWMWpan9ww87_gh907mcZpDTM-1726517649-1.0.1.1-SCs3dRX8GKocU12i.yrDLvZ8FU40Tej8faZng7JYOd5u9Ne7qFeoxOQ865aGquQkWui3sp9w.AKX.JRNwlNUYA
.agkn.com/	1970-01-21 08:20:53	Name: ab Value: 0001%3AbXtYXxFqK1yUCr9ZYbLsbyikkoGXBblR
.agkn.com/	1970-01-21 08:20:53	Name: u Value: C\|0AAAue04RLntOEQAAAAAA
.newson6.com/	1970-01-21 01:44:53	Name: _fbp Value: fb.1.1726517649595.916890530234251698
.newson6.com/	1970-01-21 09:04:05	Name: usprivacy Value: 1---
.newson6.com/	1970-01-20 23:36:44	Name: _gid Value: GA1.2.1586769897.1726517650
.newson6.com/	1970-01-20 23:35:17	Name: _gat_UA-572554-5 Value: 1
.newson6.com/	1970-01-21 09:11:17	Name: _ga Value: GA1.1.1821899099.1726517650
.newson6.com/	1970-01-21 09:11:17	Name: _ga_026M3Q2X8P Value: GS1.1.1726517649.1.0.1726517649.60.0.0
.newson6.com/	1970-01-21 09:11:17	Name: _ga_YK2KCC8TFW Value: GS1.1.1726517649.1.0.1726517649.0.0.0
www.newson6.com/	1970-01-20 23:38:10	Name: connect.sid Value: s%3AyhPNxX0zhXX6RhcEl6csLFEqzUIg7CfU.san1T2Dc7IJTcWn1IqaSLMFzLsahWZfNN8lhBxkXamY
.newson6.com/	1970-01-21 09:04:05	Name: _awl Value: 2.1726517650.5-05da202747fda76dc9f59220acb531ac-6763652d6575726f70652d7765737431-0
.mountain.com/	1970-01-21 08:20:53	Name: guid Value: 3c3c72d1-7468-11ef-b590-4bc82a9903d5
.px.mountain.com/	1970-01-21 08:20:53	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
other	warning	URL: https://www.newson6.com//story//634de268be36ef071e022daf//tulsa/-donut/-shop/-vandalized/-after/-hosting/-drag/-queen/-event Message: The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baron.kotv.com
c2.taboola.com
cdn.onesignal.com
connect.facebook.net
d.agkn.com
dx.mountain.com
fonts.googleapis.com
fonts.gstatic.com
griffin-communications.akamaized.net
gs.mountain.com
hot-town-closings.s3.amazonaws.com
images.getadmiral.com
img.onesignal.com
onesignal.com
px.mountain.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
voraciousgrip.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.newson6.com
104.17.111.223
104.18.11.207
104.18.25.111
142.250.185.226
142.250.186.163
151.101.1.44
157.240.0.6
18.244.18.27
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:4860:4802:38::178
2600:9000:273b:1200:1c:8a47:ec00:93a1
2600:9000:273b:c600:8:48e:53c0:93a1
2606:4700::6812:1331
2606:4700::6812:196f
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:149a
2a03:2880:f177:83:face:b00c:0:25de
3.208.75.154
3.5.29.46
3.77.46.93
34.238.149.65
35.81.162.201
44.212.189.233
44.235.191.156
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0586ae8844d448a4b3fa723848f412629898d3656c0201e7e6f0e83352d5cdab
117b13905ae7b91788d5716a4d482171c0b40989f1ad8d4929bdb6dbe40c227a
11a92f958776c4c95db04e3dcdea3eaad69cb1bd45841f84dc9b328fe78ba280
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
1459039fa78fcee558ab332714ac77bd557beb609d86c97746dcf0471f43a87f
1a2321f7dff2850c092b8f7352cf7a71b05ee56ab0fdbe78b85ae89037ba4a97
1b48e398899a8426cc5a9279583ecc2eeea25d481709ce5dcb804dfb1a46cfee
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22fa14bdf4a3b6b14e9374c4a185ad44ea98012ed51bfd92f24bdefd52410255
2bcbba2022272dcbec9282d713b9075bbbc12dc2fb0efd3bd3f7771daf01c852
37f1b1d88a15ae12a472191ce44942c704f125830b745debc4806ca2b4e4badd
3d1194f451a35d5336f1b1d60e348d603398cf270e3f1cfbe909b2c34a4ca075
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4d31ff2c9d27ecacb1ebb22d236141c9a4fb9fb0a5acd0d2a718181f4bf5c286
4d3f8f15f838b9645eb4f5051f581508c0aefdd177db23724f159fb93ceab1cf
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548
622cb32834d8b4001a0bec1c65a17615a31d1d450b4cc28cad86b86300b77bbc
6743f8c3fbcf15c12e02fe9bdee33c1cc85840833f0e71dbd9735f5c213ef1db
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
7c8ae6cc90f20043de022e2e35b8ed22eafbe6c24bda9b423768ff90d65e1f3f
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d8248ff8ce378e9ab41660ad8402cc6426429d48f359d9acc551ed235d0319a
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
8f13473639eff12ad78ae3effa785c4cee8d8d71283c64f8cc03254ec2a0506b
8fe7da4826166c3f0b98756f7645d058a02832bcecd947cb67543f7c589e9200
92a4567d11a22ec4163591eec56bb782f2e3156dbec59150613a9c2600a73e64
93d7a44bbf8dc50ecfb59f05c8c5d3f035440eccf224151e3267b39bf116c486
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab972a81e19f97d90737865ad92632a6376d8ea63549ef6bf13a2cdaf6bceee8
ae389c5661e57546f9fc8cf48420f530c4e6f6108b038b0224225281038c673a
aeba694b57aaf915e325b81523fc3a2623e62fdfe4092e3a1f854adc9e2cfca4
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
b73de0a8fa02f78e0c85a4a93ae3c080719872da19835631bf69a59cfc57adf1
b959a75c57e26a848e5d7393fa67f91e2eb73339c21ccc5a4c2c89ac52d4c9ff
be6d37a7913385c4e09a232868c5a1f0640784332e51470450c9d6a26007a4ed
c234606ba5dd14df75dc68dfb8681c16a3116c1227197265e9b32853c44ce8f9
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c8d1072717e9023d06d9ce88406e71b930a0075cd9d0cba724e5c52e2a39dfeb
cd54d74cbf62a7358e8ad6d7cfc287a5165080352258b188f5597db1d2753fd8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3e5763823363821ee2c7c6a6abadcc70e258f6eb02dbec29b84d02ce41b4764
d78cfd287306fa87bea13e81af7461ba54ed4e6f08f134e7fed037ffcade8c66
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a317fe45fe94f6d901f79f33f9a0b2e7eeb82b6eb22f8a2e387ce82be1431c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1606c6f03d456d2def969c5a70b53498a988239a4ccb56eab9671489fa9e2a
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ed113fceff057ace065ccb06b2770c5a6513a475ea3a569ebf32111c76df9723
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48906fd1b72fa402a11d6dc17f59e573a74c304a5e860c699c9891894726924
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.newson6.com Open in urlscan Pro 2600:9000:273b:1200:1c:8a47:ec00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

46 %IPv6

22 Domains

28 Subdomains

28 IPs

4 Countries

1521 kBTransfer

5298 kBSize

14 Cookies

15 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newson6.com Open in urlscan Pro
2600:9000:273b:1200:1c:8a47:ec00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

46 %
IPv6

22
Domains

28
Subdomains

28
IPs

4
Countries

1521 kB
Transfer

5298 kB
Size

14
Cookies

68 HTTP transactions
0 data transactions