www.newson6.com Open in urlscan Pro
143.204.229.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Submission: On November 01 via api (November 1st 2021, 6:16:29 pm UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 27 domains to perform 132 HTTP transactions. The main IP is 143.204.229.125, located in United States and belongs to AMAZON-02, US. The main domain is www.newson6.com.
TLS certificate: Issued by Amazon on February 28th 2021. Valid for: a year.

This is the only time www.newson6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	143.204.229.125 143.204.229.125	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2.16.107.105 2.16.107.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	54.231.128.26 54.231.128.26	16509 (AMAZON-02) (AMAZON-02)
9	104.16.57.230 104.16.57.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.114.208 151.101.114.208	54113 (FASTLY) (FASTLY)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
7	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
8	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	54.76.238.61 54.76.238.61	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	52.31.171.27 52.31.171.27	16509 (AMAZON-02) (AMAZON-02)
2 4	13.225.39.78 13.225.39.78	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
3	104.85.1.65 104.85.1.65	16625 (AKAMAI-AS) (AKAMAI-AS)
20	13.225.39.73 13.225.39.73	16509 (AMAZON-02) (AMAZON-02)
1	52.0.221.38 52.0.221.38	14618 (AMAZON-AES) (AMAZON-AES)
3	52.217.193.73 52.217.193.73	16509 (AMAZON-02) (AMAZON-02)
4	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1	52.30.148.69 52.30.148.69	16509 (AMAZON-02) (AMAZON-02)
1	13.225.39.54 13.225.39.54	16509 (AMAZON-02) (AMAZON-02)
1	104.85.1.154 104.85.1.154	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.215.150.19 3.215.150.19	14618 (AMAZON-AES) (AMAZON-AES)
7	3.217.216.1 3.217.216.1	14618 (AMAZON-AES) (AMAZON-AES)
3	54.144.244.112 54.144.244.112	14618 (AMAZON-AES) (AMAZON-AES)
2	35.227.246.163 35.227.246.163	15169 (GOOGLE) (GOOGLE)
7	3.226.102.122 3.226.102.122	14618 (AMAZON-AES) (AMAZON-AES)
1	50.17.45.48 50.17.45.48	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.201.248 35.227.201.248	15169 (GOOGLE) (GOOGLE)
1	172.67.193.230 172.67.193.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.16.61.230 104.16.61.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
132	35

14 143.204.229.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-229-125.cdg3.r.cloudfront.net

www.newson6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-105.deploy.static.akamaitechnologies.com

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.231.128.26 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

hot-town-images.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.57.230 (None, )

ASN13335 (CLOUDFLARENET, US)

redirect.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.208 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.newson6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.91.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

panickycurtain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.238.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-238-61.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.171.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-171-27.eu-west-1.compute.amazonaws.com

c.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.39.78 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-39-78.cdg3.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.85.1.65 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-65.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.225.39.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-39-73.cdg3.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.221.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-221-38.compute-1.amazonaws.com

baron.kotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.193.73 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

hot-town-closings.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hot-town-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.148.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-69.eu-west-1.compute.amazonaws.com

s.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.39.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-39-54.cdg3.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.1.154 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.215.150.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-150-19.compute-1.amazonaws.com

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.144.244.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-244-112.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.246.163 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 163.246.227.35.bc.googleusercontent.com

rdc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.226.102.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-102-122.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interaction.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.45.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-45-48.compute-1.amazonaws.com

interaction.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.201.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.201.227.35.bc.googleusercontent.com

geoloc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.230 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.61.230 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	viafoura.net cdn.viafoura.net	290 KB
19	newson6.com www.newson6.com images.newson6.com	457 KB
14	viafoura.co api.viafoura.co livecomments.viafoura.co i.viafoura.co interaction.viafoura.co notifications.viafoura.co	8 KB
14	field59.com redirect.field59.com cdn.field59.com	761 KB
9	amazonaws.com hot-town-images.s3.us-east-1.amazonaws.com hot-town-closings.s3.amazonaws.com hot-town-images.s3.amazonaws.com	406 KB
8	gstatic.com fonts.gstatic.com	168 KB
7	postrelease.com jadserve.postrelease.com	6 KB
7	panickycurtain.com panickycurtain.com	248 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
4	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	146 KB
3	m32.media rdc.m32.media geoloc.m32.media	18 KB
3	addthis.com s7.addthis.com m.addthis.com	140 KB
3	ntv.io s.ntv.io	116 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	jsrdn.com c.jsrdn.com s.jsrdn.com	27 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	getadmiral.com images.getadmiral.com	3 KB
1	addthisedge.com v1.addthisedge.com	207 B
1	akamaihd.net ntvcld-a.akamaihd.net	48 KB
1	moatads.com z.moatads.com	1 KB
1	quantcount.com rules.quantcount.com	428 B
1	quantserve.com secure.quantserve.com	10 KB
1	kotv.com baron.kotv.com	1 KB
1	adsafeprotected.com static.adsafeprotected.com	259 B
1	googletagmanager.com www.googletagmanager.com	57 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	18 KB
1	akamaized.net griffin-communications.akamaized.net	886 B
132	27

	Domain	Requested by
20	cdn.viafoura.net	www.newson6.com cdn.viafoura.net
14	www.newson6.com	www.newson6.com
9	redirect.field59.com	www.newson6.com
8	fonts.gstatic.com	fonts.googleapis.com
7	jadserve.postrelease.com	s.ntv.io www.newson6.com
7	panickycurtain.com	www.newson6.com panickycurtain.com
6	livecomments.viafoura.co	cdn.viafoura.net
6	hot-town-images.s3.us-east-1.amazonaws.com	www.newson6.com
5	cdn.field59.com	cdn.viafoura.net
5	images.newson6.com	www.newson6.com
4	sb.scorecardresearch.com	2 redirects www.newson6.com
3	api.viafoura.co	cdn.viafoura.net
3	s.ntv.io	www.newson6.com s.ntv.io
3	fonts.googleapis.com	www.newson6.com client panickycurtain.com
3	securepubads.g.doubleclick.net	www.newson6.com securepubads.g.doubleclick.net
2	hot-town-images.s3.amazonaws.com
2	interaction.viafoura.co	cdn.viafoura.net
2	i.viafoura.co
2	rdc.m32.media	cdn.viafoura.net rdc.m32.media
2	s7.addthis.com	www.newson6.com s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	images.getadmiral.com
1	geoloc.m32.media	rdc.m32.media
1	notifications.viafoura.co	cdn.viafoura.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ntvcld-a.akamaihd.net	www.newson6.com
1	z.moatads.com	s7.addthis.com
1	rules.quantcount.com	secure.quantserve.com
1	s.jsrdn.com	c.jsrdn.com
1	secure.quantserve.com	c.jsrdn.com
1	hot-town-closings.s3.amazonaws.com	www.newson6.com
1	baron.kotv.com	www.newson6.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.jsrdn.com	www.googletagmanager.com
1	static.adsafeprotected.com	www.newson6.com
1	www.googletagmanager.com	www.newson6.com
1	stackpath.bootstrapcdn.com	www.newson6.com
1	griffin-communications.akamaized.net	www.newson6.com
132	39

This site contains links to these domains. Also see Links.

Domain
reviews.newson6.com
workforcenow.adp.com
bullmarketmetals.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.google.com
griffincommunications.net
optout.aboutads.info
publicfiles.fcc.gov
www.news9.com
getadmiral.com

Subject Issuer	Validity	Valid
*.newson6.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.asharq.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
panickycurtain.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.jsrdn.com Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.kotv.com Amazon	`2021-09-13` - `2022-10-12`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.m32.media Sectigo RSA Domain Validation Secure Server CA	`2020-11-18` - `2021-12-19`	a year	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Frame ID: F4C0E48D42D72BD0D3D423E5001F3084
Requests: 125 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9FB059967D200C068DDBE06F9A30DC84
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F5A9FB5568A0639BEB08EF084265F45F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FBI: Man Dressed As Woman Robs Norman Arvest BankNews On 6 user-signalchecklistsettings-toggle-horizontal

Page Statistics

132
Requests

98 %
HTTPS

0 %
IPv6

27
Domains

39
Subdomains

35
IPs

6
Countries

2956 kB
Transfer

6864 kB
Size

24
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://reviews.newson6.com/
Title: Buying Guides

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=54733210-d9a2-4046-a182-316ad78bb00a&lang=en_US&selectedMenuKey=CurrentOpenings
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://bullmarketmetals.com/l/new-lithium-mine-in-teslas-backyard/de/?ntv_a=7w4HA32FQAtmEQA&prx_ro=s&ntv_acpl=1073590&ntv_acsc=2&ntv_gsscm=844*12;845*13;&us_privacy=1---&ntv_cr=0&ntv_fr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewsOn6/

Search URL Search Domain Scan URL

URL: https://twitter.com/NewsOn6

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newson6kotv/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheNewsOn6

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/News+On+6+KOTV/@36.160321,-95.9947127,17z/data=!3m1!4b1!4m5!3m4!1s0x87b6eb7fa4d01791:0xd95893ab6017140b!8m2!3d36.160321!4d-95.992524

Search URL Search Domain Scan URL

URL: http://griffincommunications.net/
Title: Griffin Communications.

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kotv-dt
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://www.news9.com/story/5f9af35232b26d4683a616e5/griffin-communications-fcc-license-application-posting
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.newson6.com&utm_medium=pb&session=4-83115546-adc10d1364ee5b23fdb62e922fe6a044-6763652d6575726f70652d7765737431-61802ef7-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&c9=

Request Chain 75

https://sb.scorecardresearch.com/c2/15283051/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fbi:-man-dressed-as-woman-robs-norman-arvest-bank Show response
www.newson6.com/story/5e35a7e283eff40362be764f/ 407 KB
70 KB 457ms
375ms Document
text/html 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

7f452962b4ac9584e280a517c945377609c6ef0a43a8087020bf62865db0a10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cache-control: public, max-age=200 no-cache="set-cookie"
content-encoding: gzip
date: Mon, 01 Nov 2021 18:16:21 GMT
etag: RXH8uZ4BD3694J6hxYrhsRw6ilM=
referrer-policy: same-origin
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
x-amz-cf-id: oRlH04D10X3THS8YhqQz8Eu8n5vZbXfD6DFSJ-i_sjmWTOATKPSq2Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 50ms
26ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

9e98de602014c431f28dec4b9230ba2b2242e9a36fa9b34b00f2569707121cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1031 / 355 of 1000 / last-modified: 1635789135"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27197
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 18:16:21 GMT

GET
H2 200 above-the-fold-bundle-kotv.css
www.newson6.com/css/ 209 KB
39 KB 233ms
232ms Stylesheet
text/css 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/above-the-fold-bundle-kotv.css?v=1635362535793

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

b7b3d5b795834653294afb1d987f3c690fec3dd2dd61ddc1e9368035b7e5b916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"345f9-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581623
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: TYV1tmKzTh-5uSumUcxangktQf9g2dwrR4haJlgKIoeKhLB5-GYbPA==

GET
H2 200 n6logo.svg
www.newson6.com/img/ 1 KB
2 KB 224ms
224ms Image
image/svg+xml 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/n6logo.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

5e7cb9da834946a345c5f9d60d0c406a6789fcd29b80ea3207fbdd8fcaae4e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"5b1-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581624
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 0bFScaKFJE0baqnfDySMppka22Xi3KHATS8raTDAHreH_8B_tlLBiw==

GET
H2 200 n6logoLarge.svg
www.newson6.com/img/ 6 KB
3 KB 231ms
230ms Image
image/svg+xml 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/n6logoLarge.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

948d657f668ce87cd8b0ef38cb49191b377254366735a5cf23a1db9f614830aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 2078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"1626-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581632
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: L7zdGzc4dQtVOOgHxzYVXm6P3VfMaaqrQuej7Gz0zJQskwsGNSDI5w==

GET
H2 200 notStreaming.svg
www.newson6.com/img/ 363 B
1 KB 263ms
262ms Image
image/svg+xml 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/notStreaming.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 363
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"16b-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1635790581664
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: rDP_TZoUmZLDJYr9JQ7DkVN7VzVV3CQywTuH1HKY_kzBXOIMCqUMVw==

GET
H2 200 streaming.svg
www.newson6.com/img/ 419 B
1 KB 133ms
133ms Image
image/svg+xml 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/streaming.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 419
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"1a3-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1635790581536
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: in1fArZU7AjetglqT7n7v7otl2iBQZO9JuyFa6oXvh-iaBOzM9apfw==

GET
H/1.1 200
OK cloudy.svg
griffin-communications.akamaized.net/baronIcons/day/ 534 B
886 B 498ms
432ms Image
image/svg+xml 2.16.107.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/cloudy.svg
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-105.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:21 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:35 GMT
Server: AkamaiNetStorage
ETag: "41d19645e397941aaea24db0fecae932:1580959042.855185"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 534

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 16 KB
17 KB 436ms
140ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg?w=1050&h=590.617&fit=crop
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13dbe75b0ef0dae24d542596f865e3b397eacc51bfe170cf8b516c3e75e2da68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52WM59Z0P1QBDTQ
ETag: "1e6f1aa87428b6502047f034bb8eb470"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 16643
x-amz-id-2: fK+FybA9KLijApru/KZkGMDQpOUBfeCxbQC9sVKdbHhPieACxS+tPWMI2MVCo7wpCjEQj3/PfYU=

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-1.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 19 KB
20 KB 417ms
121ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-1.jpeg?w=1050&h=590.617&fit=crop
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb10638a9c68030195c983f7275a19f7e1eda641be0125923372218f255a9c06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52PKGJ0W2S7687T
ETag: "81ec25c6f5e8c2d41b63568e0be3aa3a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 19925
x-amz-id-2: qo7MGerDsz0PmakXpCuqH8/jP7LvvWj2RThwfdYy+g0uIzn94dbE9ZztyVYNgxAZHv86ZJd7Pzk=

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-2.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 22 KB
23 KB 454ms
148ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-2.jpeg?w=1050&h=590.617&fit=crop
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0b4e71e32c4757d57ec588bb8cdcf00d5be26f70ac15a8c4d5f5fe63f3adf88e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52Q209Z0MQ51X0M
ETag: "f0dc47820a749a1d3352404bfb67417d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 22976
x-amz-id-2: T9BuQxXKaiH7nlL2YWY151IRhv8taNNOGxMMvtCC9B93dQwuAZQp2qrV9k1vh+RaK8VvPUwphoY=

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-3.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 39 KB
39 KB 463ms
154ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-3.jpeg?w=1050&h=590.617&fit=crop
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8c097baab686fb069942a367234cfa9223cd0249c134137e50042a6eedee9615

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52RHXJ91J5TD8AX
ETag: "977ecc53372e93e9e3a10f72f8164bac"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 40023
x-amz-id-2: NZVo7Ugw7iOl4zmHuof17lq85IYNNcFNoQ0jDlnSYmLf2Xo3eohW8NyvNveNfw0DJWsNexSLjvw=

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-4.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 41 KB
41 KB 491ms
160ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-4.jpeg?w=1050&h=590.617&fit=crop
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ec902adf3a487d332ada945bcb9edc28da7fcee152b2e25641a18ec512acfa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52SQHWBSP74K4ZH
ETag: "729040108a666afb310197eedde2876f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 41551
x-amz-id-2: hF7oqjZw3RWxV3h8wJXXEAIb3XJccM+gZoumiLzIFY55OnbmiRw2Pj/lPnQBLu+vDdmLVhFIfFM=

GET
H/1.1 200
OK fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg
hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/ 16 KB
17 KB 470ms
135ms Image
image/jpeg 54.231.128.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.us-east-1.amazonaws.com/kwtv/production/2013/September/27/fbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.128.26 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13dbe75b0ef0dae24d542596f865e3b397eacc51bfe170cf8b516c3e75e2da68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Mon, 04 Oct 2021 18:52:04 GMT
Server: AmazonS3
x-amz-request-id: F52TQ394KY2TP247
ETag: "1e6f1aa87428b6502047f034bb8eb470"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 16643
x-amz-id-2: cUPMHk+eXlPbK9aRru/zAPG11moZR/XtF3QRac5YjHAGmG2v4vfYfp9HxNC2EBPxi9MCJt+McNU=

GET
H2 200 h34
redirect.field59.com/video/thumb/1a97ad4cddaacc8b8c6200e14c76d40c5550630d/w60/ 1 KB
1 KB 247ms
186ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/1a97ad4cddaacc8b8c6200e14c76d40c5550630d/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80055b2b7f3dce2faba4e117e55c3b4a26a54771f81d24a6d16f9c1a6359d064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 77.802ms
cf-cache-status: HIT
content-length: 1107
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.246ms
last-modified: Sun, 31 Oct 2021 22:14:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 07 Nov 2021 22:14:19 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1eacc527a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/1d92da75d508c8792d70b89493830a854a49065e/w60/ 967 B
1 KB 234ms
174ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/1d92da75d508c8792d70b89493830a854a49065e/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa4c8bd2d455b3556c4a1fd9bcc36dc69addd6956ec77885c67b808710357b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 32.768ms
cf-cache-status: HIT
content-length: 967
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 16.861ms
last-modified: Mon, 01 Nov 2021 02:18:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 02:18:40 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1eacc727a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/cf16a14c9d5ecd4a951953fc52478b4e5d9b500a/w60/ 1 KB
1 KB 243ms
184ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/cf16a14c9d5ecd4a951953fc52478b4e5d9b500a/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37c50c5ce115e40bddf2a0469751eeaf52e131b7660094fab3794441835080c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 44.896ms
cf-cache-status: HIT
content-length: 1148
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.949ms
last-modified: Mon, 01 Nov 2021 11:53:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 11:53:58 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1eacc627a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/0d0c18a8080186dd4b359745142e5d92022e78c6/w60/ 1 KB
2 KB 24ms
23ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/0d0c18a8080186dd4b359745142e5d92022e78c6/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87916883d2187d2ce227cbe2a46ecbe06e32f27f15337c9a0577d178e6ed0e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 68.653ms
cf-cache-status: HIT
age: 74436
content-length: 1123
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 11.963ms
last-modified: Sat, 30 Oct 2021 23:34:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 23:34:55 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1edd2c27a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/18991ad6e469e9d39ab750e92e8373ce1af0cd9c/w60/ 973 B
1 KB 147ms
146ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/18991ad6e469e9d39ab750e92e8373ce1af0cd9c/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbcb199af70ab9d382a16df9fe4a2c1b3e02ca83e3609001d252074bcbbb6e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 89.237ms
cf-cache-status: HIT
content-length: 973
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.431ms
last-modified: Mon, 01 Nov 2021 10:53:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 10:53:52 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1edd2e27a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/c2b90107f5d54df89341a9d07e80df06afc5e4d5/w60/ 965 B
1 KB 164ms
163ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/c2b90107f5d54df89341a9d07e80df06afc5e4d5/w60/h34
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a78773e715a6874a2470a2b3fcb6a26219b86cd7d81c988aea8e0d4e2d879285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-image-transform-time: 93.094ms
cf-cache-status: HIT
content-length: 965
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.112ms
last-modified: Mon, 01 Nov 2021 18:01:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 18:01:43 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d1edd3327a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 julius-jones-.1632160199752.jpeg
images.newson6.com/kwtv/production/2021/September/20/ 788 B
914 B 107ms
8ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newson6.com/kwtv/production/2021/September/20/julius-jones-.1632160199752.jpeg?width=60&height=34&blur=2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cef97d8106c3f0eab840aa24eaf1f96be510cf96d258a30d2ceb89b0d96b1f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 17:35:29 GMT
server: imgix
age: 2442
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 3f3f1d8973bdf4af4c2221bcae99b983b819e870
accept-ranges: bytes
content-length: 788
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10049-SJC, cache-hhn4047-HHN

GET
H2 200 stephenie-pereff.1635788488438.jpeg
images.newson6.com/kotv/production/2021/November/1/ 1 KB
1 KB 108ms
9ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newson6.com/kotv/production/2021/November/1/stephenie-pereff.1635788488438.jpeg?width=60&height=34&blur=2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d65ea213ded3bd6f4608d4f677fe4bf0dbd82f2bb049d1694d1d946171503ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 17:41:36 GMT
server: imgix
age: 2070
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: fffa2fa59080fe8dd5bfbf5009c95710e7e962fc
accept-ranges: bytes
content-length: 1319
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10063-SJC, cache-hhn4047-HHN

GET
H2 200 fa-solid-900.woff2
www.newson6.com/webfonts/ 74 KB
75 KB 252ms
252ms Font
font/woff2 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-solid-900.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
content-length: 76084
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"12934-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1635790581677
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: MMYMfA6dmYi_tCxkOEAJo4RPMazYaEu1U8vX5taXOToDmLZGBji9mQ==

GET
H2 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 80ms
45ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newson6.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 7302308
cdn-cachedat: 2021-07-24 16:51:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2f2fdf772c621fbba204c6b0db0b6ee8
accept-ranges: bytes
cf-ray: 6a771d1e8f0e4119-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 us-supreme-court.1594046323111.jpeg
images.newson6.com/kotv/production/2020/July/6/ 1 KB
1 KB 151ms
7ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newson6.com/kotv/production/2020/July/6/us-supreme-court.1594046323111.jpeg?width=60&height=34&blur=2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e679b64f976d44338579dad28fbdcd68f6d9ee9890e25d3f9bf92f3d63056c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 08:10:18 GMT
server: imgix
age: 36355
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 360bd508578c0a72c12144a190fae5d95fe8364e
accept-ranges: bytes
content-length: 1076
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10039-SJC, cache-hhn4047-HHN

GET
H2 200 human-remains-found-tulsa-co-sheriffs-office-oct-31-2021.1635699319647.jpeg
images.newson6.com/kotv/production/2021/October/31/ 1008 B
1 KB 152ms
9ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newson6.com/kotv/production/2021/October/31/human-remains-found-tulsa-co-sheriffs-office-oct-31-2021.1635699319647.jpeg?width=60&height=34&blur=2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

335f03defb127880765128bcb89271f934c713f5dc42267a4194942abec0de71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Oct 2021 16:55:43 GMT
server: imgix
age: 91234
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: fbfd5b2a6e5d4afbafa5ea441ed76f81909ea929
accept-ranges: bytes
content-length: 1008
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10082-SJC, cache-hhn4047-HHN

GET
H2 200 1794-total-coronavirus-cases-in-oklahoma-88-virusrelated-deaths-reported-osdh-says.1585577464000-0.jpeg
images.newson6.com/kotv/production/2020/March/30/ 1 KB
1 KB 151ms
8ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newson6.com/kotv/production/2020/March/30/1794-total-coronavirus-cases-in-oklahoma-88-virusrelated-deaths-reported-osdh-says.1585577464000-0.jpeg?width=60&height=34&blur=2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9ed29d813147d3161c57ef5efd2c9de699f896864a277af778b45622b36192bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 16:47:31 GMT
server: imgix
age: 610130
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: ecacda1fbde5d65f76aee113c9c1d1778ed40be0
accept-ranges: bytes
content-length: 1178
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10055-SJC, cache-hhn4047-HHN

GET
H2 200 below-the-fold-bundle-kotv.css
www.newson6.com/css/ 90 KB
16 KB 226ms
226ms Stylesheet
text/css 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/below-the-fold-bundle-kotv.css?v=1635362535793

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

fd9f7ecd27ea85e0bc386502ef788a970d923c8f698f9608ca672213efdd396d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"16644-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581688
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: SqvWjbgTjQERMalZBp-nmy88hdlg-FmoaIEz3LUNPW2u6H0Oykcs5g==

GET
H2 200 bundle-kotv-production.js Show response
www.newson6.com/js/ 381 KB
113 KB 366ms
366ms Script
application/javascript 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

e58f25313ee7f6f12f012d487020babbe6b21c8feddc747ea090070ea3a4f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"5f3c3-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581826
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: unZ-Q-m37cV3vYBGPKwugwgNydJEG3ZpyqiMuzK9u4Q47hMwhlAM6Q==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 39ms
16ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:29:35 GMT
server: ESF
date: Mon, 01 Nov 2021 18:16:21 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 18:16:21 GMT

GET
H2 200 jquery.min.js Show response
www.newson6.com/js/ 85 KB
30 KB 216ms
216ms Script
application/javascript 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/jquery.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"15283-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581680
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: T9l1tYiY6xz6vTRd5HfRQVCNVBFAOq8yl8tGNWa9RJjRaJ1J6nOJ9A==

GET
H2 200 bootstrap.min.js Show response
www.newson6.com/js/ 36 KB
10 KB 222ms
221ms Script
application/javascript 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bootstrap.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"90b5-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-timestamp: 1635790581684
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: bXqBNiB0aGG89SQaw5i_UNnT2ms4Q8J50sdbQ-ac52wufAVBGcfIZw==

GET
H2 200 fa-brands-400.woff2
www.newson6.com/webfonts/ 74 KB
75 KB 223ms
222ms Font
font/woff2 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"128a0-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1635790581705
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: daj62O5GZ-AbEupvhOyUQIN8fa5ej6H4cRetmhB_TZGpv5ehIdITGA==

GET
H2 200 fa-regular-400.woff2
www.newson6.com/webfonts/ 13 KB
14 KB 212ms
212ms Font
font/woff2 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"3508-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1635790581696
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: vDXq0Q0cD5RFYSYRxu827_TMC8XCls8OcSP-xgdJ5gMW92E22pO3dQ==

GET
H2 200 v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv Show response
panickycurtain.com/ 642 KB
115 KB 70ms
35ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

3fe37bc63d36548f367d1c90ec8b013da6e53fdb7881b27b98a8539901ba880b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "4b69bd034fbf92be6a6f019e98275d26f3d8a3ca25ea35a7cec5f9821764356b"
vary: Accept-Encoding, Accept-Language
x-hostname: c984a0b3
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 01 Nov 2021 18:16:21 GMT
timing-allow-origin: *

GET
H2 200 v2wycghrGKK1VkfXJ19y_pDej_-NUjkLTLQBfJNOwD6dsFoSiuObUlqa783zlV9WUFSyQ0rRCPJR5LT2h0A Show response
panickycurtain.com/ 16 KB
6 KB 20ms
17ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2wycghrGKK1VkfXJ19y_pDej_-NUjkLTLQBfJNOwD6dsFoSiuObUlqa783zlV9WUFSyQ0rRCPJR5LT2h0A

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

e67299a8b7bcba813bd1cffc1f2b3798113fd9df57783f433fa077ab64196db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "313b6b767dace28d5eb0c58b2e450ccd092241857466111b4ca6265fa74e8dcd"
vary: Accept-Encoding, Accept-Language
x-hostname: c984a0b3
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 01 Nov 2021 18:16:21 GMT
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
57 KB 51ms
28ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

bd76d7e259facc62e024dc96a67ff7433e3310d94afb7b1a2ef9c40e50061841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57818
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Nov 2021 18:16:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 33ms
7ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 2924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 34ms
11ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 348004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 17:36:17 GMT

GET
H2 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 16ms
14ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 18:16:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 179 B
143 B 30ms
16ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newson6.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

855e749fea9b063b42a2061c3bb0296f34fa9eedb24dedc1af9f84af4638e0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 18:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118
x-xss-protection: 0
expires: Mon, 01 Nov 2021 18:16:21 GMT

GET
H2 200 acv.json Show response
panickycurtain.com/ 210 KB
46 KB 46ms
20ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/acv.json

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Wed, 25 Aug 2021 16:19:36 GMT
x-datacenter: gce-europe-west1
date: Mon, 01 Nov 2021 18:16:22 GMT
vary: Accept-Encoding, Origin
x-hostname: c984a0b3
content-type: application/json
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 114ms
33ms Image
image/gif 54.76.238.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.238.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-238-61.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 22614222
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
14ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 916
date: Mon, 01 Nov 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 01 Nov 2021 20:01:06 GMT

GET
H/1.1 200
OK cs.js Show response
c.jsrdn.com/s/ 82 KB
27 KB 155ms
59ms Script
text/javascript 52.31.171.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsrdn.com/s/cs.js?p=22999
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.171.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-171-27.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Sep 2021 07:57:24 GMT
Server: Apache
ETag: "40b88-146b6-5cb12a657a349"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 27163

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2...

64 B
330 B

28ms
27ms

Image
image/gif

13.225.39.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&c9=
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Server: 13.225.39.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-78.cdg3.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
via: 1.1 7ed8bfca040de3b276333e3442676bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: gxjvXnkRJ5BJKlBD_2jX06jyrQwdXYkB3r7ZNg96Mmg3ppP0DAr6WA==

Redirect headers

date: Mon, 01 Nov 2021 18:16:22 GMT
via: 1.1 7ed8bfca040de3b276333e3442676bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1635790582027&ns_c=UTF-8&c8=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&c9=
content-length: 302
x-amz-cf-id: hHoFzZA4yj2FTeVtRwsPCYaYXsdpHwJ_BLy6N-Xjls6-DIMm6Wa1yA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 42ms
20ms XHR
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=68252538&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&ul=en-us&de=UTF-8&dt=FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1522867960&gjid=279326109&cid=348739384.1635790582&tid=UA-572554-5&_gid=738432294.1635790582&_r=1&gtm=2wgar0NXTXTZN&z=219597765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 66ms
22ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-572554-5&cid=348739384.1635790582&jid=1522867960&gjid=279326109&_gid=738432294.1635790582&_u=YEBAAEAAAAAAAC~&z=1568986671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Nov 2021 18:16:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 76ms
31ms Script
application/x-javascript 104.85.1.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.65 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Content-Encoding: gzip
x-amz-request-id: 895YGEHZ0XX5X9XB
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: OdrLrhSNCc3tSvivPKKV5TRYXMY5gVIhDF1MSmw/wCAvGKcjZYf1xuCh6l3hZMcVEGrZ+AlA8ek=
Last-Modified: Fri, 08 Oct 2021 20:59:32 GMT
Server: AmazonS3
ETag: "5cac4cabadee93ec669a5ded971f5756"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 646 KB
152 KB 64ms
19ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d33c2cf7ab89a1bc3b63208592daddf131c95fed75758ae5b21d3987df46296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: S51DRynjGkKO3Zreo7z9PUrNW.JUdQ9s
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:37 GMT
server: AmazonS3
age: 268
etag: W/"79e6a135c15546c8c3b71a596a98567e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 01 Nov 2021 18:11:55 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: KS0PheqJGM5ex6v8y1VqVw8IklcHQRKD24FarHFQiSmwCkhZ96QdAA==

GET
H2 200 zipInput.ejs Show response
www.newson6.com/views/partials/ 648 B
1 KB 214ms
213ms XHR
application/octet-stream 143.204.229.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/views/partials/zipInput.ejs

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.229.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-229-125.cdg3.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
via: 1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
content-length: 648
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 27 Oct 2021 21:32:55 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"288-17cc3ab9758"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: dWhNGqRyB2iKvAXtyiFx_2BO2cbqshVEQoF82mdopFnuGH4CgtnkBQ==

GET
H/1.1 200
OK 74120 Show response
baron.kotv.com/reports/metar/zip/ 1 KB
1 KB 443ms
107ms XHR
application/json 52.0.221.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kotv.com/reports/metar/zip/74120
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.221.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-221-38.compute-1.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: 891d3cdd44a23dcd3a8f7a73c31e516030f08b5edd47be58d61bd3e9c73ca2c7

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Content-Encoding: gzip
ETag: W/"4d4-jn4eIHMAYvhmb/aXkXTevWZUTHY"
Server: nginx/1.12.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 694

GET
H/1.1 200
OK kotv-production.js Show response
hot-town-closings.s3.amazonaws.com/ 2 B
507 B 416ms
108ms XHR
application/json 52.217.193.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hot-town-closings.s3.amazonaws.com/kotv-production.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.193.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:23 GMT
Last-Modified: Mon, 01 Nov 2021 18:13:46 GMT
Server: AmazonS3
x-amz-request-id: 99K23J7V1MCT8C64
ETag: "d751713988987e9331980363e24189ce"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2
x-amz-id-2: ygACDqsKfmuNLQqqmNUq6Ljd5hr7VCQybbxPXNVg1TLc3TCrfKCDVyVYGWMG1cr9/U3lFtvbVkI=

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 58ms
12ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1635362535793

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 01 Nov 2021 18:16:22 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 h180
redirect.field59.com/video/thumb/1a97ad4cddaacc8b8c6200e14c76d40c5550630d/w320/ 13 KB
13 KB 148ms
147ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/1a97ad4cddaacc8b8c6200e14c76d40c5550630d/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa896bf56a07c9b912d90d39ace3a810eadf603cecfbc6d732664e65ea23e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
x-image-transform-time: 65.677ms
cf-cache-status: HIT
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 13.396ms
last-modified: Sun, 31 Oct 2021 22:19:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 07 Nov 2021 22:19:59 GMT
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6a771d22de3c27a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 h180
redirect.field59.com/video/thumb/1d92da75d508c8792d70b89493830a854a49065e/w320/ 11 KB
11 KB 138ms
138ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/1d92da75d508c8792d70b89493830a854a49065e/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b91a383c9c098ccfec9a73928a6b7dabd9f98d900cac447d40e689fac93fe5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
x-image-transform-time: 42.458ms
cf-cache-status: HIT
content-length: 11383
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.352ms
last-modified: Mon, 01 Nov 2021 13:18:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 13:18:31 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d22de3e27a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 42ms
14ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22999
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
content-encoding: gzip
etag: "f5gpBRZmwYYTVm3LkZ0l2w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 08 Nov 2021 18:16:22 GMT

GET
H/1.1 200
OK 1.js Show response
s.jsrdn.com/s/ 0
563 B 179ms
76ms Script
text/javascript 52.30.148.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.jsrdn.com/s/1.js?p=22999&r=r34l&k=dmMJMjAyMTAxMjUJdQkyNmEzN2ZlNS1hMzE2LTRkNzAtOWE3OC05MWRkY2Q1ODhlMGIJdW4JMQl2CTI2N2Y0NGQyLTAxNmMtNGMyNi05OTMwLTAyNjExYjNkOTIyNwl0Zwljcy5qcwlidAkyMDIxLTExLTAxVDE4OjE2OjIyKzAwOjAwCWRjCXV0Zi04CWJsCWVuLXVzCWJmCTMJZHcJMTYwMAlkaAkxMjAwCWJjCTEJYnAJMQliZAkyNAlidwkxNjAwCWJoCTEyMDAJZglodHRwczovL3d3dy5uZXdzb242LmNvbS9zdG9yeS81ZTM1YTdlMjgzZWZmNDAzNjJiZTc2NGYvZmJpOi1tYW4tZHJlc3NlZC1hcy13b21hbi1yb2JzLW5vcm1hbi1hcnZlc3QtYmFuawl1ZAkJcGIJMAlwdgkwCXBxCTAJY3cJCWFjcgl1bmRlZmluZWQJZHIJCWt3CWZiaSBtYW4gZHJlc3NlZCB3b21hbiByb2JzIG5vcm1hbiBhcnZlc3QgYmFuawlwcmYJdW5kZWZpbmVk
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22999
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.148.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-148-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 18:16:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 20
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-w9vzu-sGKCA0U.js Show response
rules.quantcount.com/ 3 B
428 B 61ms
15ms Script
application/javascript 13.225.39.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-54.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 03:10:41 GMT
via: 1.1 f46632dd252c85fed57bcf18d61d8545.cloudfront.net (CloudFront)
age: 54342
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:22:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: FygkEDSl7ZdtNLk__fLmpqWjEzAb13xbb8K796bEf6CpU_iNlh59Fg==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 56ms
13ms Script
application/x-javascript 104.85.1.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.154 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C837A48B2C34EE56
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36292
accept-ranges: bytes
content-length: 948
x-amz-id-2: Dl95LInGfb+/e1pJjUIJZHBdqqnQR5kAoOKx/bgx79sAoLcQhhni+BFzg0LbdHAlPM1lV3GPvgg=

OPTIONS
H2 204 v2
api.viafoura.co/v2/www.newson6.com/bootstrap/ Frame 0
0 417ms
100ms Preflight 3.215.150.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.150.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-150-19.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
server: nginx/1.18.0 (Ubuntu)
expires: Mon, 01 Nov 2021 18:16:22 GMT
cache-control: max-age=0
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age: 1728000

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.newson6.com/bootstrap/ 6 KB
3 KB 303ms
108ms XHR
application/json 3.215.150.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.150.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-150-19.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a7f099835f738032de22a0c3d0653de9cde89d7012ded2f9875f98f936ec109

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-01cb0608b02fde073
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newson6.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 18 KB
4 KB 540ms
236ms Script
text/javascript 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 293711855cf5e1c16d5c205d296740c1bf59067ce8ca316e4d473fe06ac993cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 3594
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 h180
redirect.field59.com/video/thumb/cf16a14c9d5ecd4a951953fc52478b4e5d9b500a/w320/ 16 KB
16 KB 144ms
143ms Image
image/jpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/cf16a14c9d5ecd4a951953fc52478b4e5d9b500a/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcbff4a2b57d380d43151e9ee217a44f435a0e022cd54b1041a2460381a72915

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:22 GMT
x-image-transform-time: 51.251ms
cf-cache-status: HIT
content-length: 16163
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 11.98ms
last-modified: Mon, 01 Nov 2021 10:08:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 08 Nov 2021 10:08:11 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6a771d24088d27a0-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: h2pri

GET
H/1.1 200
OK click-out-icon.css
s.ntv.io/css/ 618 B
1 KB 13ms
13ms Stylesheet
text/css 104.85.1.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/css/click-out-icon.css
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.65 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Wed, 13 Sep 2017 22:37:26 GMT
Server: AmazonS3
x-amz-request-id: BW4WCP8H6P9Y4KDG
ETag: "43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 618
x-amz-id-2: do5q7upM44pQ7SvRhh+fnZkUGDrS1S/2NT5mIaSqSXgQyLZr8bDjE00fXJr0HeMpW8VYhazenNM=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 99ms
98ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=9216545&ntv_pl=1073590
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK EA5AFA08D98640F5BEBA7E2B9D4E8FAC.png
ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/ 47 KB
48 KB 64ms
9ms Image
image/webp 2.16.107.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/EA5AFA08D98640F5BEBA7E2B9D4E8FAC.png
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-105.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 26cf9cb3feb5dbbb0f12d3f70eeaf04b59097cea94417b78fb659d59c955b8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
X-Check-Cacheable: YES
X-Serial: 452
ETag: "cba7b8272c275481e860ce9332539b14"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=972586
Last-Modified: Thu, 14 Oct 2021 00:26:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 48450
Server: Akamai Image Manager
Expires: Sat, 13 Nov 2021 00:26:08 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 101ms
100ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=869233a9-d4bd-4835-84de-acbddd397cad&ntv_a=7w4HA32FQAtmEQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWY6-iIEK_9c8Ht7aKVfqS6zWbclSbW_MS0ptUCQx8s8mCUrdPFGfgcJqAv68ZXZDd9onyb46MiHuYZ5MzM4xjFV4C0gZkL-hElZS6quncFuUSj82ikmotzSQ0WdI5-pJuqEx0TuRc5Z2p_krjtTVEUqIWgUPAtW5B_lWkOYTNMy4SN7IEa9ZMAwRt2HV58y9dM4SfyplLGpar_wIT3cWodb8-XOGC4ZY2zG3trH4QSDAcWkN-ZMIJJHLENm6cGFopr7GH8APNrh9eJQS_TYiRsMyAw1dQGI2-jeNm0L3u3c7&ord=-1696497556&ntv_ht=9i6AYQA&ntv_tad=16&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 99ms
99ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=c76ae45f-b866-45df-acb0-7cf5cff50547&ntv_fl=CF4se3gYGjAPzQcMJoAeWS8Qjt_fdw3Y51WnkKFJB14qcITlIyN3NF2lX-GDrpfYwRYb75-fok-hg818H7N5w3kuVDZByj0sIxJrf3dsi6CahHjG-aQ0hPzs8Er-YaRfPfhxUOMDsK_fE5jWWYeEXoffYsSJx1tSbNzBl9Zgooa5H5F80YHQLmrn2t7Tec9Q3N1H9hnJO-pLzgZm7QbO7fZG4dlZfP5lgkeqoZyjlwycV4SxJ3ACaum9baXSBHcj4LQUyxlDLZYPAM5FOG0MMGtNKedPmAUw4S-TW124ZQSvHkqGwDrXNP70aRgA_RDs&ntv_ht=9i6AYQA&ntv_at=303&ntv_a=AAAAAAAAAA5h0RA&ord=1635790582925&ntv_dpl=1028,1029,1034,1003,1006,1007,1041,1009,1011,1016,1050,1019,101951&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 99ms
98ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1121767&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:22 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK click-out-icon.ttf
s.ntv.io/font/ 1 KB
2 KB 39ms
13ms Font
application/octet-stream 104.85.1.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.65 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Referer: https://s.ntv.io/css/click-out-icon.css
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:22 GMT
Last-Modified: Tue, 04 Oct 2016 00:20:40 GMT
Server: AmazonS3
x-amz-request-id: 8D9FBE93A9B6FB1B
ETag: "f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1092
x-amz-id-2: ICUtmwyDSe4Lp3mPfRcwomdSJAo+VDA42P0Fmnl+j5j+/qWXx0gpEgiYa2iVNFudbDY9Gf407RI=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/a-5829bef557ca5f49/ 27 B
207 B 130ms
129ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/a-5829bef557ca5f49/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=26, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 168ms
151ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61802ef60e43d2d5&bkl=0&bl=1&pdt=1380&sid=61802ef60e43d2d5&pub=a-5829bef557ca5f49&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newson6.com&fp=story%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1635790583040&jsl=4097&uvs=61802ef62f19f708000&skipb=1&callback=addthis.cbs.jsonp__74789452738940090
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929c27d636b5dcaf59021416c87657514e619cf5a5515812fa81f8404845c2fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:23 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9FB0 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame F5A9 71 KB
26 KB 32ms
32ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 01 Nov 2021 18:16:23 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H2 200 v2xraijNQlrTTwx1oc0n5DH_7RQWogMIHwQHRiJcm8_JIMUOwxzLv120iTVPxM_FUwoAkQxoBJZK1FBzBGg Show response
panickycurtain.com/ 216 B
347 B 17ms
17ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2xraijNQlrTTwx1oc0n5DH_7RQWogMIHwQHRiJcm8_JIMUOwxzLv120iTVPxM_FUwoAkQxoBJZK1FBzBGg

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

59ee8eeb8e7ecb8d481595be4d84cc18177a625e9dc3ba61e2bd501d3eaf3b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 01 Nov 2021 18:16:23 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Mon, 01 Nov 2021 18:16:22 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/15283051/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

15ms
15ms

Script
application/javascript

13.225.39.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.225.39.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-78.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:09:51 GMT
via: 1.1 7ed8bfca040de3b276333e3442676bf5.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: HcS_EaD6vm3Rmbyf2bFlYQfY8svE9ijnEMGoG6HvjqWxuY2yVdLaxg==

Redirect headers

date: Mon, 01 Nov 2021 18:16:23 GMT
via: 1.1 7ed8bfca040de3b276333e3442676bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 6NZ5_FJhDp1knQBTDEwBFLMKCrlPOnfBPSE3PypBUuaaYhNBM3Ew1A==

POST
H2 200 v2daf-NaBg1FeYcYJNieHRMs6AUSKOWpMTbvOU6FKrlJeMUcjf53MDtiGG90Ux7kTe-mGp7P2tOFBaUtfgQ Show response
panickycurtain.com/ 2 KB
805 B 358ms
357ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2daf-NaBg1FeYcYJNieHRMs6AUSKOWpMTbvOU6FKrlJeMUcjf53MDtiGG90Ux7kTe-mGp7P2tOFBaUtfgQ

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

31f59519907f7aeb3a203fe5fbfe53678b10c800aa2e94d5f362d8fb9bc7e25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Mon, 01 Nov 2021 18:16:23 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 765

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/www.newson6.com/ 45 B
648 B 103ms
102ms XHR
application/json 3.215.150.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.150.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-150-19.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-0ecffe934bdc58d77
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newson6.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 intl-messageformat.241b3ddcbf4c398d552d.js Show response
cdn.viafoura.net/chunks/vendors~languages/ 17 KB
5 KB 16ms
16ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.241b3ddcbf4c398d552d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8ea3e73c00e6e4899c0108c5312a5a3106df1207f33b5eb9c0c28fae1bcb227

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:12 GMT
server: AmazonS3
age: 866617
etag: W/"c9bee626f49ba33f17f4a1e77a411779"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: jm1WG7U9TuBfEXX4kc8YFeXurdjl4poM
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ku753b-sDFJgb0UwrOajP0gqglV4u0jvTNiPapaAQsqUpN2UcVVjOQ==

GET
H2 200 intl-messageformat.7531e34eb21a56cb8857.js Show response
cdn.viafoura.net/chunks/languages/ 134 B
560 B 16ms
16ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.7531e34eb21a56cb8857.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9cc6dc91e403e1e3074b4be21de296a1b6c9aaac1a10442750292f9ba93c0b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
last-modified: Fri, 22 Oct 2021 17:32:22 GMT
server: AmazonS3
age: 866617
etag: "7e0fbb4a5341b96962d412e9950be6fa"
x-cache: Hit from cloudfront
x-amz-version-id: gLyJuZCSrGOsDB671zR_At9YtwF8ukuM
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 134
x-amz-cf-id: Qn25as2S7Z0SyjrhWO67r1I2dS5hpmwY2Rsc8w7Ii4IvlcNc-OcQng==

GET
H2 200 en-us-base-json.8e3f09499a6a1a45d1d1.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 37ms
37ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.8e3f09499a6a1a45d1d1.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e10d3681e147d112ef1c20c0cdafb283ca74c0d9f0cf9a2e11e768d5d1b4c835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:12 GMT
server: AmazonS3
age: 866617
etag: W/"22725bb5750955cf2fc8aee36b3b407b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: U_vbqXB2BNzY2hw3P18O.5USLK2cxes6
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: oyuJdpSnHwmpirSKdb7PKjbNG_sDG4yPM4kfNyIOXVKs2zhCHoGW-w==

GET
H2 200 vf-css.61dffeb0e9108adedd67.js Show response
cdn.viafoura.net/chunks/ 119 KB
17 KB 32ms
32ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vf-css.61dffeb0e9108adedd67.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c104d2168e37a46310e8694024cd18a844f802c467d9979d0718ef38004cc964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:26 GMT
server: AmazonS3
age: 866617
etag: W/"a03bbaf5852ba3a7d6a716ab7167db27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 7mS_ugHf7DUS9nh_dYVHMz3jeP1OMfD9
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: AxHwRtB5BYD3gGFxgulds9A6L4raujcFcFmXgHP6k5Dkr-qxoM5hhQ==

OPTIONS
H2 200 id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/ Frame 0
0 291ms
95ms Preflight 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/id?container_id=story-5e35a7e283eff40362be764f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H3 200 css
fonts.googleapis.com/ 16 KB
953 B 31ms
16ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:36:14 GMT
server: ESF
date: Mon, 01 Nov 2021 18:16:23 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 0.14315e14057ef1169f50.css
cdn.viafoura.net/ 85 KB
10 KB 19ms
19ms Stylesheet
text/css 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/0.14315e14057ef1169f50.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:37 GMT
server: AmazonS3
age: 866617
etag: W/"e49f659039883c906a18c5cf42510824"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kQ1mIIpcdjKa3XhwrrZGqN5v9e31POst
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: CDG3-C2
content-type: text/css; charset=utf-8
x-amz-cf-id: 0rw5ICgd1fuhiTu_g1qw0XUqwE9ZXJKH-5kxMMvDo_2JYdPvfJceuQ==

GET
H2 200 da.8b6a506980d2b3cafacc.js Show response
cdn.viafoura.net/chunks/ 143 KB
34 KB 20ms
20ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/da.8b6a506980d2b3cafacc.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0652199d4e4d43ee8bc746aa071aa2b1685749bc3d310a031a96c81f697b2fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:30 GMT
server: AmazonS3
age: 866617
etag: W/"c1917a7e4cae8be08868a47b60162b99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1uvlRI.09sYoK1ZjFjMElT067fqdhFCe
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: H7JiPSvPMavpvaMYZAgSn0fop7otZ2bc_hes0U5nZcRZ7fLn8RKGWA==

GET
H2 200 126.8b79879f3451251f1383.css
cdn.viafoura.net/ 1 KB
944 B 23ms
22ms Stylesheet
text/css 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/126.8b79879f3451251f1383.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c638073454208adbe1da6e4fef4f9c8f62649c9187efacfff8ab0b22fee841b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:48 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 17:32:35 GMT
server: AmazonS3
age: 866616
etag: W/"dbeeba943d960435ccf6b567c769c6b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: qn1a8nUfuDVUi56Dlx6mQy1dbL5m8voZ
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: CDG3-C2
content-type: text/css; charset=utf-8
x-amz-cf-id: w8L4Mezi5XwUByTe2W-sdiTXCetaWtS2eWM65meyDcSfyplavpNBpw==

GET
H2 200 tray-trigger.2a1c1c4a8c5b080fb3c7.js Show response
cdn.viafoura.net/chunks/ 4 KB
2 KB 23ms
22ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/tray-trigger.2a1c1c4a8c5b080fb3c7.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d21efbe7478e84b77c648ed784ae85f58054ce3995a0a004ab103923ad8f020b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:27 GMT
server: AmazonS3
age: 866617
etag: W/"197d56bf136ca1fb6c3cf0d54e96bcca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: NF9XQynPuO2ONeK0TunKQMOM8YpUaOkF
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: LI7Oj9Wh31JtO-XLxGD8yWRE25fqD72UNIamF1jrO_IdqeX7pt7eXw==

GET
H2 200 en-us-trending_articles-json.851db9e273a94581a765.js Show response
cdn.viafoura.net/chunks/languages/ 1 KB
961 B 19ms
19ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.851db9e273a94581a765.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae1d8063d5c8029c5e488d2fabdaee0b17a07a1a8da4e7c245aade69aaa9e8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:52 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:19 GMT
server: AmazonS3
age: 866612
etag: W/"ee8aafc17bf12e67116246e804c13108"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 3pVmRSqabuLVhGbtic_N8Nyfur8k6dWF
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: iBZ8pYxv_EghQbCKMcQLq0TNY1LprvDiKjHwSWzvVZS-69yeUsSi9Q==

GET
H2 200 madops.min.js Show response
rdc.m32.media/ 60 KB
17 KB 138ms
115ms Script
application/javascript 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/madops.min.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: c94936e132cc58acf1366ff60ef2b9f2344e6c5a87919dc027b242199c21f1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:59:29 GMT
server: nginx/1.10.3
etag: W/"61798571-f05d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
alt-svc: clear
via: 1.1 google
expires: Mon, 01 Nov 2021 18:31:23 GMT

GET
H2 200 en-us-conversations-json.be2e50d6bdcc909d1817.js Show response
cdn.viafoura.net/chunks/languages/ 13 KB
3 KB 17ms
16ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.be2e50d6bdcc909d1817.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee0b5ecabd4b8856fe060ed33a7416cf185f40bc2a181032ede6f0be14ce4b19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:15 GMT
server: AmazonS3
age: 866617
etag: W/"400d157c91e11fdb35dd6df1944ca8a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: p7l0MUuqW0EhWNVRbxMBgZhZ3hqMBdTT
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: -MQV5az2un1Der_fvookW8ppvThwpCY7WJhjvwWbcjSdgWb4z4NPBA==

GET
H2 200 content_container-module-js.d385905e7cd38b2bc31e.js Show response
cdn.viafoura.net/chunks/vuex_store/ 2 KB
1 KB 26ms
26ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.d385905e7cd38b2bc31e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2690d7d1d67717aae618600987f9cc8af88ab10a92b81c77086aa3663f330445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:48 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:23 GMT
server: AmazonS3
age: 866616
etag: W/"7e08c4f7a210a69d2a57fedadb66dcc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 4dXp9F.4gm9b5qzc9KUwYfQdVUwDKkCj
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: GKrxUdno3_4Lmj8vPKQBcDfvdRCOiDVQihw-4zRP33Thu1RRhN6h_Q==

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/ 762 B
462 B 114ms
111ms XHR
application/json 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/id?container_id=story-5e35a7e283eff40362be764f
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: c3943f52d20bc7d03843c2d5b31de54c38ecfff7b1c4d75ba9c763e036806eda

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 308
content-type: application/json

GET
H2 200 ingest
i.viafoura.co/v3/www.newson6.com/ 67 B
323 B 309ms
99ms Image
image/png 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.newson6.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1635790583%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1635790583%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%221954d01c-f792-4c2e-95ad-5d6afca0e0f9%22%2C%22firstVisit%22%3A1635790583%2C%22previousVisit%22%3A1635790583%2C%22currentVisit%22%3A1635790583%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22section%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.us-east-1.amazonaws.com%2Fkwtv%2Fproduction%2F2013%2FSeptember%2F27%2Ffbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank%22%2C%22path%22%3A%22%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank%22%2C%22title%22%3A%22FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22FBI%20agents%20and%20Norman%20police%20are%20searching%20for%20a%20man%20dressed%20as%20a%20woman%20who%20robbed%20a%20bank%20in%20Norman%2C%20Friday%20afternoon.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%22f72f3fb447cb567f7b9243955d8b512bdcc9a804%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%2249968571-3698-44be-82d0-fec8b3746980%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-content-recirculation%22%2C%22vf-conversations%22%2C%22vf-trending-articles%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 127.12a6f1c6e642186dd14a.css
cdn.viafoura.net/ 5 KB
2 KB 19ms
19ms Stylesheet
text/css 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/127.12a6f1c6e642186dd14a.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ac6f90f5370b445ff0599ac29bb288bcdfce4243243fc61a74ab8c9309fd921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:36 GMT
server: AmazonS3
age: 866617
etag: W/"59c6b7746f843a9b9522d203eab09a7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 99o80WA_noSN9t8WFkyHfCWx9SLfOO3E
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: CDG3-C2
content-type: text/css; charset=utf-8
x-amz-cf-id: qb_-SlhzCktavHOkmeFtPegKoNx2RDDNuthHmorWrBkyYUWCJVBHMA==

GET
H2 200 trending_articles_js.ce855c0adf36d24bed51.js Show response
cdn.viafoura.net/chunks/ 17 KB
6 KB 20ms
19ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/trending_articles_js.ce855c0adf36d24bed51.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f63cf5f554f4f318ed462d01422349e5876f99f523a706a8c1dbed545748fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:30 GMT
server: AmazonS3
age: 866616
etag: W/"49a1f3df9ac6b712f964f27dcd49c839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VcdCxQonTczHOO3Asa1mUiV3j.L77Cgr
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: RThHdiIMGpaaBUFdiZUqKQejxPmyuBQavVRJoa8WmsEHs5Wwml2zww==

GET
H2 200 trending_articles-module-js.af78be5a2e2876d26bb4.js Show response
cdn.viafoura.net/chunks/vuex_store/ 3 KB
1 KB 20ms
20ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.af78be5a2e2876d26bb4.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb3a39a2eb2438d868fa56be040bc74e96a138f7fc940e1c78559245bd6b9289

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:24 GMT
server: AmazonS3
age: 866616
etag: W/"98619164731e1811b39b33f077316e5a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: JZ83jR0cC24o9s0gMYDlhYQWuh5d0LYo
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yoQt2Fiq4A5KrvHEu1ocblSZErrohMAVNviGikEiC06WLBMAs-4GVA==

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 28ms
11ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 292678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 08:58:25 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 219ms
207ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 18:16:23 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 21ms
9ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 437927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17004
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 16:37:36 GMT

POST
H2 202 loaded Show response
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-d8ecaca547bb/indicator/ 0
132 B 100ms
99ms XHR
application/json 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-d8ecaca547bb/indicator/loaded
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Mon, 01 Nov 2021 18:16:23 GMT
access-control-allow-credentials: true
content-length: 0
content-type: application/json; charset=utf-8

OPTIONS
H2 200 loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-d8ecaca547bb/indicator/ Frame 0
0 320ms
103ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-d8ecaca547bb/indicator/loaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: GET,PATCH,PUT,DELETE,POST
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type
access-control-max-age: 43200

GET
H2 200 content-module-js.fa43e397ef0e6e968a03.js Show response
cdn.viafoura.net/chunks/vuex_store/ 11 KB
3 KB 16ms
15ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content-module-js.fa43e397ef0e6e968a03.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d8e92d55ad376d1dc9d5003b609edee4ee9c31fffb6f6439ddb4177776e6d1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:32:47 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 17:32:23 GMT
server: AmazonS3
age: 866616
etag: W/"156ad0625c8a8400681bb8dbbeac5bc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Q_RFfxnVTgCE9410wIhF_JJ9qvF5sLV4
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: npBgyoOIWeKnGjNEuKIcam66ns9CJiOERoGkKdKiJS_DUpuhJx_vwg==

OPTIONS
H2 200 trending
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/ Frame 0
0 210ms
95ms Preflight 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/trending?limit=3&content_container_window_days=7&content_window_hours=48&sorted_by=total_visible_contents
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H2 200 trending Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/ 2 KB
1 KB 186ms
183ms XHR
application/json 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/trending?limit=3&content_container_window_days=7&content_window_hours=48&sorted_by=total_visible_contents
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: ee7ece0a319d7c7d1e6dfed95d913528f53861fd587a7950b006ad9890baef10

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 952
content-type: application/json

GET
H2 200 trending Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/ 5 KB
2 KB 104ms
99ms XHR
application/json 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/trending?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: 78df27ebb26fffe08a8bda5a8660dd1a64f2bcde3c79393d70c729e956fec633

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 1767
content-type: application/json

OPTIONS
H2 200 trending
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/ Frame 0
0 208ms
94ms Preflight 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/trending?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
8ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 329398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 22:46:25 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.newson6.com/ 67 B
324 B 201ms
99ms Image
image/png 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.newson6.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1635790583%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1635790583%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%221954d01c-f792-4c2e-95ad-5d6afca0e0f9%22%2C%22firstVisit%22%3A1635790583%2C%22previousVisit%22%3A1635790583%2C%22currentVisit%22%3A1635790583%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22section%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.us-east-1.amazonaws.com%2Fkwtv%2Fproduction%2F2013%2FSeptember%2F27%2Ffbi-man-dressed-as-woman-robs-norman-arvest-bank.1380309057000-0.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank%22%2C%22path%22%3A%22%2Fstory%2F5e35a7e283eff40362be764f%2Ffbi%3A-man-dressed-as-woman-robs-norman-arvest-bank%22%2C%22title%22%3A%22FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22FBI%20agents%20and%20Norman%20police%20are%20searching%20for%20a%20man%20dressed%20as%20a%20woman%20who%20robbed%20a%20bank%20in%20Norman%2C%20Friday%20afternoon.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%22f72f3fb447cb567f7b9243955d8b512bdcc9a804%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22FBI%3A%20Man%20Dressed%20As%20Woman%20Robs%20Norman%20Arvest%20Bank%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%2249968571-3698-44be-82d0-fec8b3746980%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-content-recirculation%22%2C%22vf-conversations%22%2C%22vf-trending-articles%22%2C%22vf-tray%22%5D%2C%22widget%22%3A%22vf-content-recirculation%22%2C%22adData%22%3A%7B%22index%22%3A0%2C%22container_id%22%3A%22story-5e35a7e283eff40362be764f%22%7D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.trackAd%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-d8ecaca547bb/ 36 B
224 B 328ms
107ms XHR
application/json 3.226.102.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-d8ecaca547bb/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-122.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.newson6.com
date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H2 200 custom.json Show response
rdc.m32.media/adops/custom_files/newson6.com/ 2 KB
1 KB 147ms
120ms XHR
application/json 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/adops/custom_files/newson6.com/custom.json
Requested by: Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: ad076a8c4e48e5a49a04e44699b05a1e90be20f949f351649514d3aebac1f562

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 10:35:53 GMT
server: nginx/1.10.3
etag: W/"617fc309-97f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
alt-svc: clear
via: 1.1 google
expires: Mon, 01 Nov 2021 18:31:23 GMT

GET
H2 200 ConsentManager,Sticky2 Show response
panickycurtain.com/v2vuxOJsNKz3Xg-zsd4Ve7BYiup77tNhZNKfM7CR3Mn-QHoc21btNzbHhvirnQ4S9YVTqwArViNZDEJQL/ 274 KB
80 KB 217ms
216ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2vuxOJsNKz3Xg-zsd4Ve7BYiup77tNhZNKfM7CR3Mn-QHoc21btNzbHhvirnQ4S9YVTqwArViNZDEJQL/ConsentManager,Sticky2

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

3ae1d14522c7133a5d23013dcdf683ecbd8aab48fcb92d2de935fd628471b68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e7e351576c7a94deab59ce475215e392ef644f5f9c4bc5eaf3efa849b1c8e9ed"
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 / Show response
geoloc.m32.media/json/ 243 B
418 B 120ms
97ms XHR
application/json 35.227.201.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geoloc.m32.media/json/

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.201.248 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

248.201.227.35.bc.googleusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a693e64120b8d8eccd70fb4feec8eaa41056e429a6c3bc6995b6c6c1a7df36b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
content-encoding: gzip
x-database-date: Mon, 01 Nov 2021 02:00:14 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubdomains;
alt-svc: clear
via: 1.1 google

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 98ms
98ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=1559&ntv_r2=1559&ntv_r3=1559&ntv_r4=1559&ntv_pl=1073590&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:23 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
654 B 17ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2vuxOJsNKz3Xg-zsd4Ve7BYiup77tNhZNKfM7CR3Mn-QHoc21btNzbHhvirnQ4S9YVTqwArViNZDEJQL/ConsentManager,Sticky2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

2ab9c263d57a65fc6ace46c35ad658615e57cd06b8c11e8667b211b3d5184388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:00:33 GMT
server: ESF
date: Mon, 01 Nov 2021 18:16:23 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 128.4699927e96ec45f5f859.css
cdn.viafoura.net/ 15 KB
4 KB 18ms
17ms Stylesheet
text/css 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/128.4699927e96ec45f5f859.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 654bbd066838ae538683f108f4d116ff422ca823d7beb5f8f800d5c7d82c55a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:33:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 17:32:34 GMT
server: AmazonS3
age: 866604
etag: W/"c610bfec09e1742290fae1966849c331"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dh1z69_jHjYWTUj4IgxC7lB8TiqNT.2K
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: text/css; charset=utf-8
x-amz-cf-id: f4QE1tRjXjykEiIKLwhE7gFc_JmSyTxZzlAmMeukVMUjOM2_nMLtBA==

GET
H2 200 vendors~content_recirculation_js.5afb7002d1c209701ee4.js Show response
cdn.viafoura.net/chunks/ 139 KB
37 KB 19ms
18ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~content_recirculation_js.5afb7002d1c209701ee4.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 870f40606dc31453acb12d64c47ee66521e2ab56c34d80ccf00419d7bf3af7c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:33:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 17:32:28 GMT
server: AmazonS3
age: 866604
etag: W/"768577cb638b4ccb95cac9f46d30efb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lmnXUBTDlCv3V0TsRhRaPQVBjOkw9Fdf
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: XUIsxNl1s4KXPBTRZlLzFmQdMacKU-KsDrzquVltkTgNsnPlkuBT4g==

GET
H2 200 33.5f7c10f2c30add74d86a.css
cdn.viafoura.net/ 7 KB
2 KB 20ms
20ms Stylesheet
text/css 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/33.5f7c10f2c30add74d86a.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 571835cbca6a12967dd9fc98249a9bbe0fa3989b7cf56595ca719a76f5441956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:33:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 17:32:35 GMT
server: AmazonS3
age: 866604
etag: W/"376ae0caa79051804171da7b02872bf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: JhK1FLtBYsfelUVCdIeonE.U.hrrwE63
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: text/css; charset=utf-8
x-amz-cf-id: Y7rWpJRa475QX3fWlCNbSbTkrULpl0Deg73zNez6gWq4UMm-0kod7g==

GET
H2 200 content_recirculation_js.2227dc7db6a99dc58358.js Show response
cdn.viafoura.net/chunks/ 7 KB
3 KB 20ms
20ms Script
application/javascript 13.225.39.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/content_recirculation_js.2227dc7db6a99dc58358.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-39-73.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd081f94f88f06aade6ec07deaa53f2d43f618ea3fa17abc8f347b64e693a0ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:33:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 17:32:28 GMT
server: AmazonS3
age: 866604
etag: W/"97a9b426a8ee529a82ed617b330b21f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: HucThPvbuBW0LaV.srcz4lvJtyiSwrVb
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: CDG3-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qv2ft-mEl8Q9-3JUAG9-aOa1df4A8U4NmnT0Dn9JYdgcj7kA7YTLPg==

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 36 KB
36 KB 9ms
8ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:53:07 GMT
x-content-type-options: nosniff
age: 386596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37056
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:48:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 06:53:07 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 36 KB
36 KB 10ms
10ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:53:07 GMT
x-content-type-options: nosniff
age: 386596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37056
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:48:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 06:53:07 GMT

GET
H2 200 MiwwY2M3MWM5Zjc1M2I
images.getadmiral.com/ 3 KB
3 KB 91ms
44ms Image
image/png 172.67.193.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MiwwY2M3MWM5Zjc1M2I

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2568
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c7c2d87d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB1P3j%2B2NbMES1HzBKBhuXlAdGvr5R1SRlslgqZ2YT5Y3ZPFozvkPP%2FetjpRIkRIcOXFaJBfoTNnOiHM6RbZXoJWMB1%2BaQsLHybWcEILwroWqNcbYC%2F9D9OWBML8Ih3TAS5Pis7VO%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: felicia
cf-ray: 6a771d2da9bcf9e6-PRG

POST
H2 200 v2xraijNQlrTTwx1oc0n5DH_7RQWogMIHwQHRiJcm8_JIMUOwxzLv120iTVPxM_FUwoAkQxoBJZK1FBzBGg Show response
panickycurtain.com/ 272 B
354 B 20ms
20ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://panickycurtain.com/v2xraijNQlrTTwx1oc0n5DH_7RQWogMIHwQHRiJcm8_JIMUOwxzLv120iTVPxM_FUwoAkQxoBJZK1FBzBGg

Requested by

Host: panickycurtain.com
URL: https://panickycurtain.com/v2lrx_fzyb9STCK81av0tjrSM9YSI6-goDAUVamxHtNhfMSSK9HoqirXy-5Ugl6Gv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

61cf673a694dd21b4dfe03f487749fce1c5612d142e249943945b32730f05a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 01 Nov 2021 18:16:24 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 272
expires: Mon, 01 Nov 2021 18:16:23 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 99ms
99ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=c76ae45f-b866-45df-acb0-7cf5cff50547&ntv_a=AAAAAAAAAA5h0RA&ntv_ht=9i6AYQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWS8Qjt_fdw3Y51WnkKFJB14qcITlIyN3NF2lX-GDrpfYwRYb75-fok-hg818H7N5w3kuVDZByj0sIxJrf3dsi6CahHjG-aQ0hPzs8Er-YaRfPfhxUOMDsK_fE5jWWYeEXoffYsSJx1tSbNzBl9Zgooa5H5F80YHQLmrn2t7Tec9Q3N1H9hnJO-pLzgZm7QbO7fZG4dlZfP5lgkeqoZyjlwycV4SxJ3ACaum9baXSBHcj4LQUyxlDLZYPAM5FOG0MMGtNKedPmAUw4S-TW124ZQSvHkqGwDrXNP70aRgA_RDs&ord=1452809630&ntv_ift=0&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 18:16:24 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK julius-jones-.1632160199752.jpeg
hot-town-images.s3.amazonaws.com/kwtv/production/2021/September/20/ 41 KB
41 KB 412ms
116ms Image
image/jpeg 52.217.193.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.amazonaws.com/kwtv/production/2021/September/20/julius-jones-.1632160199752.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.193.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a6014cacebdc2228f76946776fee344423e40e77a8746ed2629eebdf09ac60df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:25 GMT
Last-Modified: Mon, 04 Oct 2021 19:23:08 GMT
Server: AmazonS3
x-amz-request-id: ACENGFQ4VAB60PAK
ETag: "68c506f9c7d613155c9361191e54b082"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 41892
x-amz-id-2: H0a4td5VoMPb80bz8h4sdH3DpCswWkbM8MyUJDZnv9cxMn2lyKNo8vdvSPKdjjc/rFCG5UaQhJU=

GET
H2 200 8e6453edd77036a07856945c3191c86fb78d734c_SITM_Aircheck_frame_292395_custom.jpeg
cdn.field59.com/KOTV/ 113 KB
114 KB 79ms
26ms Image
image/jpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/8e6453edd77036a07856945c3191c86fb78d734c_SITM_Aircheck_frame_292395_custom.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a452cc3366478290793da8491c0266925a3b5db9b4e85854bfc9a2e916fb49b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:24 GMT
last-modified: Mon, 01 Nov 2021 14:04:29 GMT
cf-cache-status: HIT
age: 12989
cf-ray: 6a771d2f3c0b411a-PRG
x-amz-replication-status: COMPLETED
content-length: 116045
x-amz-id-2: 3Isj3EyUhVkVIYCjyALDw6r18sQSKZHvBWvk/UFg8PdVspLQ1167sZUIA+WRR/+mJlm0ApkeWR4=
cf-bgj: h2pri
server: cloudflare
etag: "568603ba2c1e9bff8b78597065ef6c15-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4GHBYNAMB1XYMFM4
cache-control: public, max-age=2592000
x-amz-version-id: tFEQeY4KBUMyBkodTd1sWS3PMwyD3b6_
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 01 Dec 2021 18:16:24 GMT

GET
H2 200 a5ef510df54eed45733f939196d34ad2da19fe28_JonesClemency1_custom.jpg
cdn.field59.com/KWTV/ 52 KB
52 KB 75ms
23ms Image
image/pjpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KWTV/a5ef510df54eed45733f939196d34ad2da19fe28_JonesClemency1_custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794d4c462caedb54a5da7bf67abad17b433d8f0985a47955d4c58341244af7bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:24 GMT
cf-cache-status: HIT
age: 12989
cf-ray: 6a771d2f3c11411a-PRG
x-amz-replication-status: COMPLETED
content-length: 52752
x-amz-id-2: mOpRpBtyevW6BX0XDTCKT9Nhmw+xZqo5y2KREkgNhvwdkfC0lM7X2KOilDNe12lET4MwsBRLDrY=
last-modified: Mon, 01 Nov 2021 11:51:06 GMT
server: cloudflare
etag: "bfc2361050c3a2256064f76c4942048d-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AV8WHCPQ6NS61YF9
cache-control: public, max-age=2592000
x-amz-version-id: m_sl3SUmXgPY6yl.QnwvBQ8BAwXC4Jxv
accept-ranges: bytes
content-type: image/pjpeg
expires: Wed, 01 Dec 2021 18:16:24 GMT

GET
H2 200 92eeb50038a2e1fa875f42456c91b337adc5dc37.jpg
cdn.field59.com/KOTV/ 161 KB
161 KB 89ms
37ms Image
image/pjpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/92eeb50038a2e1fa875f42456c91b337adc5dc37.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a268989e400dd44183ad0138d309e8e4c2514da7797a61f31ada0b912aec8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:24 GMT
cf-cache-status: HIT
age: 438499
cf-ray: 6a771d2f3c12411a-PRG
x-amz-replication-status: COMPLETED
content-length: 164763
x-amz-id-2: kbfhN/P70n1L2iSDdVbLJ+ZEyXfVo5dbEBdugtb6def9LDunEUHeKeJN3qdc+DGQHo/ESUPzlM4=
last-modified: Tue, 26 Oct 2021 23:14:45 GMT
server: cloudflare
etag: "27df60eccfe347a4ded55ffb010e3e33-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P7AMFPZ6X3XK0X75
cache-control: public, max-age=2592000
x-amz-version-id: bLtjKwfadLG60Je1c_79sAVNl6HZp_Oh
accept-ranges: bytes
content-type: image/pjpeg
expires: Wed, 01 Dec 2021 18:16:24 GMT

GET
H/1.1 200
OK tu-campus-university-of-tulsa.1607464021997.jpeg
hot-town-images.s3.amazonaws.com/kotv/production/2020/December/8/ 208 KB
208 KB 457ms
136ms Image
image/jpeg 52.217.193.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.amazonaws.com/kotv/production/2020/December/8/tu-campus-university-of-tulsa.1607464021997.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.193.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b31c5a9c707aad4b88c7e16cae4e5503f7ba529936dc884323f13c7301fe990

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 18:16:25 GMT
Last-Modified: Mon, 04 Oct 2021 18:27:00 GMT
Server: AmazonS3
x-amz-request-id: ACEYDBD04DBKQZZM
ETag: "5e22836c2838d67ce6b30ed197268454"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 212673
x-amz-id-2: MqBV+12txc7BThgvzXuubpy8JVLwCgEE4h2+yIecUrS5PHvKbUIXsJPBUKR+gWu8sReZQhKjj60=

GET
H2 200 92eeb50038a2e1fa875f42456c91b337adc5dc37.jpg
cdn.field59.com/KOTV/ 161 KB
161 KB 21ms
21ms Image
image/pjpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/92eeb50038a2e1fa875f42456c91b337adc5dc37.jpg
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a268989e400dd44183ad0138d309e8e4c2514da7797a61f31ada0b912aec8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:24 GMT
cf-cache-status: HIT
age: 438499
cf-ray: 6a771d2fed74411a-PRG
x-amz-replication-status: COMPLETED
content-length: 164763
x-amz-id-2: kbfhN/P70n1L2iSDdVbLJ+ZEyXfVo5dbEBdugtb6def9LDunEUHeKeJN3qdc+DGQHo/ESUPzlM4=
last-modified: Tue, 26 Oct 2021 23:14:45 GMT
server: cloudflare
etag: "27df60eccfe347a4ded55ffb010e3e33-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P7AMFPZ6X3XK0X75
cache-control: public, max-age=2592000
x-amz-version-id: bLtjKwfadLG60Je1c_79sAVNl6HZp_Oh
accept-ranges: bytes
content-type: image/pjpeg
expires: Wed, 01 Dec 2021 18:16:24 GMT

GET
H2 200 0ab0e1d2453a7777b66772eda5f2c3be83d3739f.jpg
cdn.field59.com/KOTV/ 225 KB
225 KB 24ms
24ms Image
image/pjpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/0ab0e1d2453a7777b66772eda5f2c3be83d3739f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44fbf22a33ca956c10db1a75bc8e2d42eb8853235a0bb54d493274a696eb4dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:16:24 GMT
cf-cache-status: HIT
age: 95957
cf-ray: 6a771d2ffd93411a-PRG
x-amz-replication-status: COMPLETED
content-length: 230028
x-amz-id-2: MIV5eL+ZkJbTRT6LXLYpA/xhmsosJixQKyE1N5BX7oETTlYfWRdbypwId9AnYoy0r4xedmCpm8E=
last-modified: Sat, 30 Oct 2021 23:32:00 GMT
server: cloudflare
etag: "ca219e51471d012fe288d2c1e04a48e6-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: XC0PZBZNN1QWKV67
cache-control: public, max-age=2592000
x-amz-version-id: M7J8sCQroQPYbRoYaD8RS3QEcYx9vndw
accept-ranges: bytes
content-type: image/pjpeg
expires: Wed, 01 Dec 2021 18:16:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newson6.com/story/5e35a7e283eff40362be764f	1969-12-31 23:59:59	Name: ntvSession Value: {"id":9216545,"placementID":1073590,"lastInteraction":1635790582913,"sessionStart":1635790582913,"sessionEndDate":1635811200000,"trackUserSessionTime":true,"experiment":""}
www.newson6.com/	1970-01-19 22:43:20	Name: connect.sid Value: s%3AcgaW3OQvKv4A8h0EUQtlyN9DbU4wOLKe.5TSroHC%2FFkT2Tu688Dg3DeFn%2B3Cj0AGDylbjV9kpeuM
www.newson6.com/	1970-01-20 07:08:46	Name: usprivacy Value: 1---
.newson6.com/	1970-01-20 15:54:22	Name: _ga Value: GA1.2.348739384.1635790582
.newson6.com/	1970-01-19 22:24:36	Name: _gid Value: GA1.2.738432294.1635790582
.newson6.com/	1970-01-19 22:23:10	Name: _gat_UA-572554-5 Value: 1
.scorecardresearch.com/	1970-01-20 15:39:58	Name: UID Value: 1HHOFZZA4YJ2FTEVTRWSPCg1635790582
www.newson6.com/	1970-01-20 07:08:46	Name: ntv_as_us_privacy Value: 1---
.jsrdn.com/	1970-01-20 15:54:22	Name: u Value: 26a37fe5-a316-4d70-9a78-91ddcd588e0b
www.newson6.com/	1970-01-19 22:23:10	Name: AWSELB Value: A78141670EC295055210B1BB420DB2BA93D27E7028B161B20CC3E1BAA841DF4050DD18540B1290103A9E5F8890B2D60AC30F72B5370DDA86F6C8DBA779DEAF3E5AFB79735C
.postrelease.com/	1970-01-20 07:08:46	Name: opt_out Value: 1
www.newson6.com/	1970-01-20 07:51:58	Name: __atuvc Value: 1%7C44
www.newson6.com/	1970-01-19 22:23:12	Name: __atuvs Value: 61802ef62f19f708000
.viafoura.co/	1970-01-19 23:06:22	Name: VfSess Value: pht04iqdb0tgdndjabccd9rcjv
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.addthis.com/	1970-01-20 07:51:58	Name: uvc Value: 1%7C44
.addthis.com/	1970-01-20 07:51:58	Name: loc Value: MDAwMDBFVURFQlcyMjc4MTg5ODAwNDAwMDBDSA==
www.newson6.com/	1970-01-19 22:23:12	Name: _vfb Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.1.10.1635790583....
www.newson6.com/	1970-01-19 22:23:10	Name: _vfz Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.1635790583.1.medium=direct\|source=\|sharer_uuid=\|terms=
www.newson6.com/	1970-01-20 07:08:46	Name: _vfa Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.1954d01c-f792-4c2e-95ad-5d6afca0e0f9.1635790583.1635790583.1635790583.1
.viafoura.co/	1970-01-20 07:08:46	Name: vfDeviceId Value: 110fc766-4187-45d1-b289-d598237ed4c1
www.newson6.com/	1970-01-19 22:23:10	Name: m32_pubgeo Value: eyJpcCI6IjIxNi4xMzEuMTE0LjIwNCIsImNvdW50cnlfY29kZSI6IkRFIiwiY291bnRyeV9uYW1lIjoiRGV1dHNjaGxhbmQiLCJyZWdpb25fY29kZSI6IkhFIiwicmVnaW9uX25hbWUiOiJIZXNzZW4iLCJjaXR5IjoiRnJhbmtmdXJ0IGFtIE1haW4iLCJ0aW1lX3pvbmUiOiJFdXJvcGUvQmVybGluIiwibGF0aXR1ZGUiOjUwLjExODgsImxvbmdpdHVkZSI6OC42ODQzLCJtZXRyb19jb2RlIjowLCJwb3N0YWxfY29kZSI6IjYwMzEzIn0=
.newson6.com/	1970-01-21 00:39:58	Name: _awl Value: 2.1635790584.0.4-83115546-adc10d1364ee5b23fdb62e922fe6a044-6763652d6575726f70652d7765737431-61802ef7-0
.newson6.com/	1970-01-21 00:39:58	Name: _admrla Value: 2.0-adc10d13-64ee-5b23-fdb6-2e922fe6a044

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.newson6.com/story/5e35a7e283eff40362be764f/fbi:-man-dressed-as-woman-robs-norman-arvest-bank Message: The resource https://www.newson6.com/css/above-the-fold-bundle-kotv.css?v=1635362535793 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.viafoura.co
baron.kotv.com
c.jsrdn.com
cdn.field59.com
cdn.viafoura.net
fonts.googleapis.com
fonts.gstatic.com
geoloc.m32.media
griffin-communications.akamaized.net
hot-town-closings.s3.amazonaws.com
hot-town-images.s3.amazonaws.com
hot-town-images.s3.us-east-1.amazonaws.com
i.viafoura.co
images.getadmiral.com
images.newson6.com
interaction.viafoura.co
jadserve.postrelease.com
livecomments.viafoura.co
m.addthis.com
notifications.viafoura.co
ntvcld-a.akamaihd.net
panickycurtain.com
rdc.m32.media
redirect.field59.com
rules.quantcount.com
s.jsrdn.com
s.ntv.io
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
www.newson6.com
z.moatads.com
s7.addthis.com
104.16.57.230
104.16.61.230
104.18.10.207
104.85.1.154
104.85.1.65
13.225.39.54
13.225.39.73
13.225.39.78
142.250.184.206
142.250.185.202
142.250.185.67
143.204.229.125
151.101.114.208
172.217.18.98
172.217.23.104
172.67.193.230
184.30.24.121
2.16.107.105
3.215.150.19
3.217.216.1
3.226.102.122
35.190.91.111
35.227.201.248
35.227.246.163
50.17.45.48
52.0.221.38
52.217.193.73
52.30.148.69
52.31.171.27
54.144.244.112
54.231.128.26
54.76.238.61
74.125.133.157
91.228.74.134
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ae1d8063d5c8029c5e488d2fabdaee0b17a07a1a8da4e7c245aade69aaa9e8d
0b4e71e32c4757d57ec588bb8cdcf00d5be26f70ac15a8c4d5f5fe63f3adf88e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec902adf3a487d332ada945bcb9edc28da7fcee152b2e25641a18ec512acfa5
13dbe75b0ef0dae24d542596f865e3b397eacc51bfe170cf8b516c3e75e2da68
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
2690d7d1d67717aae618600987f9cc8af88ab10a92b81c77086aa3663f330445
26cf9cb3feb5dbbb0f12d3f70eeaf04b59097cea94417b78fb659d59c955b8fe
293711855cf5e1c16d5c205d296740c1bf59067ce8ca316e4d473fe06ac993cd
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2ab9c263d57a65fc6ace46c35ad658615e57cd06b8c11e8667b211b3d5184388
2ac6f90f5370b445ff0599ac29bb288bcdfce4243243fc61a74ab8c9309fd921
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c
31f59519907f7aeb3a203fe5fbfe53678b10c800aa2e94d5f362d8fb9bc7e25d
320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
335f03defb127880765128bcb89271f934c713f5dc42267a4194942abec0de71
3a7f099835f738032de22a0c3d0653de9cde89d7012ded2f9875f98f936ec109
3aa4c8bd2d455b3556c4a1fd9bcc36dc69addd6956ec77885c67b808710357b6
3aa896bf56a07c9b912d90d39ace3a810eadf603cecfbc6d732664e65ea23e2c
3ae1d14522c7133a5d23013dcdf683ecbd8aab48fcb92d2de935fd628471b68c
3d33c2cf7ab89a1bc3b63208592daddf131c95fed75758ae5b21d3987df46296
3fe37bc63d36548f367d1c90ec8b013da6e53fdb7881b27b98a8539901ba880b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44fbf22a33ca956c10db1a75bc8e2d42eb8853235a0bb54d493274a696eb4dd0
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
571835cbca6a12967dd9fc98249a9bbe0fa3989b7cf56595ca719a76f5441956
59ee8eeb8e7ecb8d481595be4d84cc18177a625e9dc3ba61e2bd501d3eaf3b65
5b91a383c9c098ccfec9a73928a6b7dabd9f98d900cac447d40e689fac93fe5c
5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186
5e7cb9da834946a345c5f9d60d0c406a6789fcd29b80ea3207fbdd8fcaae4e04
6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61cf673a694dd21b4dfe03f487749fce1c5612d142e249943945b32730f05a1a
654bbd066838ae538683f108f4d116ff422ca823d7beb5f8f800d5c7d82c55a6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8e92d55ad376d1dc9d5003b609edee4ee9c31fffb6f6439ddb4177776e6d1e
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
78df27ebb26fffe08a8bda5a8660dd1a64f2bcde3c79393d70c729e956fec633
794d4c462caedb54a5da7bf67abad17b433d8f0985a47955d4c58341244af7bc
7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f452962b4ac9584e280a517c945377609c6ef0a43a8087020bf62865db0a10d
80055b2b7f3dce2faba4e117e55c3b4a26a54771f81d24a6d16f9c1a6359d064
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
855e749fea9b063b42a2061c3bb0296f34fa9eedb24dedc1af9f84af4638e0a4
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
870f40606dc31453acb12d64c47ee66521e2ab56c34d80ccf00419d7bf3af7c7
87916883d2187d2ce227cbe2a46ecbe06e32f27f15337c9a0577d178e6ed0e5e
891d3cdd44a23dcd3a8f7a73c31e516030f08b5edd47be58d61bd3e9c73ca2c7
8b31c5a9c707aad4b88c7e16cae4e5503f7ba529936dc884323f13c7301fe990
8c097baab686fb069942a367234cfa9223cd0249c134137e50042a6eedee9615
8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
929c27d636b5dcaf59021416c87657514e619cf5a5515812fa81f8404845c2fa
948d657f668ce87cd8b0ef38cb49191b377254366735a5cf23a1db9f614830aa
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
9e98de602014c431f28dec4b9230ba2b2242e9a36fa9b34b00f2569707121cbc
9ed29d813147d3161c57ef5efd2c9de699f896864a277af778b45622b36192bd
9f63cf5f554f4f318ed462d01422349e5876f99f523a706a8c1dbed545748fdd
a0652199d4e4d43ee8bc746aa071aa2b1685749bc3d310a031a96c81f697b2fb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a37c50c5ce115e40bddf2a0469751eeaf52e131b7660094fab3794441835080c
a452cc3366478290793da8491c0266925a3b5db9b4e85854bfc9a2e916fb49b0
a6014cacebdc2228f76946776fee344423e40e77a8746ed2629eebdf09ac60df
a693e64120b8d8eccd70fb4feec8eaa41056e429a6c3bc6995b6c6c1a7df36b4
a78773e715a6874a2470a2b3fcb6a26219b86cd7d81c988aea8e0d4e2d879285
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad076a8c4e48e5a49a04e44699b05a1e90be20f949f351649514d3aebac1f562
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b7b3d5b795834653294afb1d987f3c690fec3dd2dd61ddc1e9368035b7e5b916
b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90
b9cc6dc91e403e1e3074b4be21de296a1b6c9aaac1a10442750292f9ba93c0b6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcbff4a2b57d380d43151e9ee217a44f435a0e022cd54b1041a2460381a72915
bd76d7e259facc62e024dc96a67ff7433e3310d94afb7b1a2ef9c40e50061841
c104d2168e37a46310e8694024cd18a844f802c467d9979d0718ef38004cc964
c3943f52d20bc7d03843c2d5b31de54c38ecfff7b1c4d75ba9c763e036806eda
c638073454208adbe1da6e4fef4f9c8f62649c9187efacfff8ab0b22fee841b1
c94936e132cc58acf1366ff60ef2b9f2344e6c5a87919dc027b242199c21f1ce
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cef97d8106c3f0eab840aa24eaf1f96be510cf96d258a30d2ceb89b0d96b1f90
d21efbe7478e84b77c648ed784ae85f58054ce3995a0a004ab103923ad8f020b
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d65ea213ded3bd6f4608d4f677fe4bf0dbd82f2bb049d1694d1d946171503ea2
dd081f94f88f06aade6ec07deaa53f2d43f618ea3fa17abc8f347b64e693a0ff
ddbcb199af70ab9d382a16df9fe4a2c1b3e02ca83e3609001d252074bcbbb6e0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10d3681e147d112ef1c20c0cdafb283ca74c0d9f0cf9a2e11e768d5d1b4c835
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a268989e400dd44183ad0138d309e8e4c2514da7797a61f31ada0b912aec8d
e58f25313ee7f6f12f012d487020babbe6b21c8feddc747ea090070ea3a4f0ee
e67299a8b7bcba813bd1cffc1f2b3798113fd9df57783f433fa077ab64196db4
e679b64f976d44338579dad28fbdcd68f6d9ee9890e25d3f9bf92f3d63056c7d
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee0b5ecabd4b8856fe060ed33a7416cf185f40bc2a181032ede6f0be14ce4b19
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ee7ece0a319d7c7d1e6dfed95d913528f53861fd587a7950b006ad9890baef10
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f8ea3e73c00e6e4899c0108c5312a5a3106df1207f33b5eb9c0c28fae1bcb227
fb10638a9c68030195c983f7275a19f7e1eda641be0125923372218f255a9c06
fb3a39a2eb2438d868fa56be040bc74e96a138f7fc940e1c78559245bd6b9289
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd9f7ecd27ea85e0bc386502ef788a970d923c8f698f9608ca672213efdd396d
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.newson6.com Open in urlscan Pro 143.204.229.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

132 Requests

98 %HTTPS

0 %IPv6

27 Domains

39 Subdomains

35 IPs

6 Countries

2956 kBTransfer

6864 kBSize

24 Cookies

13 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newson6.com Open in urlscan Pro
143.204.229.125 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

98 %
HTTPS

0 %
IPv6

27
Domains

39
Subdomains

35
IPs

6
Countries

2956 kB
Transfer

6864 kB
Size

24
Cookies

132 HTTP transactions
0 data transactions