crestedbuttenews.com Open in urlscan Pro
104.238.71.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crestedbuttenews.com/
Effective URL:
https://crestedbuttenews.com/
Submission Tags: falconsandbox
Submission: On June 30 via api (June 30th 2023, 9:37:30 am UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 71 HTTP transactions. The main IP is 104.238.71.109, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is crestedbuttenews.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 18th 2023. Valid for: a year.

This is the only time crestedbuttenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	104.238.71.109 104.238.71.109	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	20.150.38.36 20.150.38.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	23.53.42.160 23.53.42.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f08e:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f08e:219:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:d::210:f149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
71	13

48 104.238.71.109 (United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 109.71.238.104.host.secureserver.net

crestedbuttenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.38.36 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

etypeproductionstorage1.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.53.42.160 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f08e:100:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

scontent-cdg4-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f08e:219:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

scontent-cdg4-3.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d::210:f149 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	crestedbuttenews.com 1 redirects crestedbuttenews.com	2 MB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 660 scontent-cdg4-2.xx.fbcdn.net — Cisco Umbrella Rank: 39829 scontent-cdg4-3.xx.fbcdn.net — Cisco Umbrella Rank: 40091	158 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
5	wsimg.com 3 redirects img1.wsimg.com — Cisco Umbrella Rank: 9721 img6.wsimg.com — Cisco Umbrella Rank: 11920	20 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13682	570 B
2	gstatic.com fonts.gstatic.com	43 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	81 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	16 KB
1	windows.net etypeproductionstorage1.blob.core.windows.net — Cisco Umbrella Rank: 388010	167 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	751 B
71	10

	Domain	Requested by
48	crestedbuttenews.com	1 redirects crestedbuttenews.com
7	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
3	region1.google-analytics.com	www.googletagmanager.com
3	img1.wsimg.com	3 redirects
2	events.api.secureserver.net	img1.wsimg.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	crestedbuttenews.com www.google-analytics.com
2	img6.wsimg.com	crestedbuttenews.com
1	scontent-cdg4-3.xx.fbcdn.net	www.facebook.com
1	scontent-cdg4-2.xx.fbcdn.net	www.facebook.com
1	www.googletagmanager.com	www.google-analytics.com
1	www.facebook.com	crestedbuttenews.com
1	etypeproductionstorage1.blob.core.windows.net	crestedbuttenews.com
1	fonts.googleapis.com	crestedbuttenews.com
71	14

This site contains links to these domains. Also see Links.

Domain
www.seobayim.com
www.facebook.com
twitter.com
publisher.etype.services
bit.ly

Subject Issuer	Validity	Valid
crestedbuttenews.com Starfield Secure Certificate Authority - G2	`2023-05-18` - `2024-06-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 06	`2023-05-20` - `2024-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2022-08-05` - `2023-09-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://crestedbuttenews.com/
Frame ID: ECD6712AAE57D188EAF94A20B5C46F3D
Requests: 61 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/CrestedButteNews&width=300&height=250&show_faces=true&header=false&stream=false&show_border=false
Frame ID: 572E253015D0FFCA77BD4068BFE1FCA8
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Crested Butte News – Serving the Gunnison Valley since 1999

Page URL History Show full URLs

http://crestedbuttenews.com/ HTTP 308
https://crestedbuttenews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

71
Requests

97 %
HTTPS

77 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2189 kB
Transfer

3343 kB
Size

6
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.seobayim.com/
Title: hacklink satış

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrestedButteNews

Search URL Search Domain Scan URL

URL: https://twitter.com/search?f=realtime&q=crested%20butte%20news

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/Crested-Butte-News
Title: e-Edition Login

Search URL Search Domain Scan URL

URL: https://bit.ly/3qaijIs
Title: Summer Guide

Search URL Search Domain Scan URL

URL: https://bit.ly/400eoel
Title: PEAK Magazine

Search URL Search Domain Scan URL

URL: http://bit.ly/3VmQHtV
Title: Winter Guide

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/Crested-Butte-News/e-paper-special-edition/C333E4AFC55020DC
Title: COVID Reflections

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/Crested-Butte-News/e-paper-special-edition/1364A9E0F815C256/2
Title: CBCS Graduation Guide 2022

Search URL Search Domain Scan URL

URL: http://bit.ly/38A48iS

Search URL Search Domain Scan URL

URL: http://bit.ly/400eoel

Search URL Search Domain Scan URL

URL: http://bit.ly/35bbtmC

Search URL Search Domain Scan URL

URL: https://bit.ly/2NnTRga

Search URL Search Domain Scan URL

URL: https://bit.ly/3t9Lfiy

Search URL Search Domain Scan URL

URL: https://bit.ly/45oeRKt

Search URL Search Domain Scan URL

URL: http://bit.ly/2E7ec4W

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crestedbuttenews.com/ HTTP 308
https://crestedbuttenews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

Request Chain 26

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crestedbuttenews.com/
Redirect Chain

http://crestedbuttenews.com/
https://crestedbuttenews.com/

83 KB
16 KB

626ms
309ms

Document
text/html

104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

1ec902482e75a3e747f9b1775dd2bec2fafee4e6aa1e7c21ae060192e915583a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30192
content-encoding: gzip
content-length: 15446
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 09:41:45 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,4,24
x-php-version: 8.0
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 65
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 09:41:45 GMT
Location: https://crestedbuttenews.com/
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 style.min.css
crestedbuttenews.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 479ms
478ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 12736
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "17ced-5fdfef5559316-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 classic-themes.min.css
crestedbuttenews.com/wp-includes/css/ 291 B
659 B 171ms
169ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/css/classic-themes.min.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 210
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "123-5fdfef5557ba5;5a49c08d8c2a6
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 dashicons.min.css
crestedbuttenews.com/wp-includes/css/ 58 KB
35 KB 173ms
172ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/css/dashicons.min.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 35730
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "e688-5fdfef555d966-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 frontend.min.css
crestedbuttenews.com/wp-content/plugins/post-views-counter/css/ 215 B
603 B 171ms
170ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/plugins/post-views-counter/css/frontend.min.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 160
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Apr 2023 18:57:17 GMT
server: openresty
x-php-version: 8.0
etag: "d7-5f98cc281c4d4-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 style.css
crestedbuttenews.com/wp-content/themes/sahifa/ 196 KB
36 KB 325ms
324ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

ff4469ce1485439442e1db632244d083dbd39ddf40602f88b94c77823d244945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116616
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 36762
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:15 GMT
server: openresty
x-php-version: 8.0
etag: "311a5-5b8473d593ac0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 skin.css
crestedbuttenews.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
2 KB 172ms
171ms Stylesheet
text/css 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1319
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:15 GMT
server: openresty
x-php-version: 8.0
etag: "1c79-5b8473d593ac0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 802 B
751 B 48ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 08:58:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 09:37:22 GMT

GET
H2 200 jquery.min.js Show response
crestedbuttenews.com/wp-includes/js/jquery/ 88 KB
31 KB 479ms
478ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116616
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 31049
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "15ed7-5fdfef55bad9a;5a49c0901da7a
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 jquery-migrate.min.js Show response
crestedbuttenews.com/wp-includes/js/jquery/ 13 KB
5 KB 478ms
477ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 4795
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "3470-5fdfef55b9dfa-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 cbnews_header-386x60.png
crestedbuttenews.com/wp-content/uploads/2015/04/ 8 KB
8 KB 159ms
157ms Image
image/png 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2015/04/cbnews_header-386x60.png

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

a55400ff906de5500999ac42f49e810eb1d3399d690806525ae9d7441455f2aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 7717
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Apr 2015 22:58:35 GMT
server: openresty
x-php-version: 8.0
etag: "1e25-512c5c5815cc0"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 GraduationSection_web2023-1.jpg
crestedbuttenews.com/wp-content/uploads/2023/05/ 23 KB
23 KB 309ms
307ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/05/GraduationSection_web2023-1.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

91e5298542e3c7181f5e2e4ba50246e89f94752c7bb1e90d0599028a03fa0d7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 23051
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 01:11:04 GMT
server: openresty
x-php-version: 8.0
etag: "5a0b-5fc7a4b5d7318"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 Soth_8-23-22.gif
crestedbuttenews.com/wp-content/uploads/2022/08/ 68 KB
68 KB 309ms
306ms Image
image/gif 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2022/08/Soth_8-23-22.gif

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

2d3abbf86bbcb789dbe7a76c7e3ce0a2c5a7d5bdb06a0c675d961db7cef1cab4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116574
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 69316
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Aug 2022 19:36:06 GMT
server: openresty
x-php-version: 8.0
etag: "10ec4-5e6edaceb89db"
content-type: image/gif
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 CBN_adHere_horiz.jpg
crestedbuttenews.com/wp-content/uploads/2019/05/ 15 KB
16 KB 308ms
306ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2019/05/CBN_adHere_horiz.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

49242b8b531bfc4f0cfe1aa772cde9cad81f15c60055d6a2a6f00796642939a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 15635
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2019 21:25:13 GMT
server: openresty
x-php-version: 8.0
etag: "3d13-588dfab164040"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 Summer-Guide-2023-Thumbnail.jpg
crestedbuttenews.com/wp-content/uploads/2023/05/ 65 KB
66 KB 159ms
157ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/05/Summer-Guide-2023-Thumbnail.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

331a111cb48540d3c4f331d7fc2683e174abcb2c4053a3c7850f07085a9085de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 66929
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 20:48:51 GMT
server: openresty
x-php-version: 8.0
etag: "10571-5fc6283cbcc73"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 Peak23Thumb.jpg
crestedbuttenews.com/wp-content/uploads/2023/03/ 58 KB
58 KB 309ms
307ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/03/Peak23Thumb.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

e288e4be389f0334bbb34b296c193f5e570ba18b71a62ce9a45eefa362de1fdb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 58916
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2023 22:49:44 GMT
server: openresty
x-php-version: 8.0
etag: "e624-5f75cbe3a65c7"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 WVG_Winter22_Thumb.jpg
crestedbuttenews.com/wp-content/uploads/2022/11/ 54 KB
54 KB 159ms
158ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2022/11/WVG_Winter22_Thumb.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

4ed996bb1a2f00fb5189d6d464fa49ad9c571dadc1b964e1467881555a5044fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116572
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 55128
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 20:19:11 GMT
server: openresty
x-php-version: 8.0
etag: "d758-5ee14e292560d"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 BB_CharlieJoelWeather.gif
crestedbuttenews.com/wp-content/uploads/2017/05/ 66 KB
66 KB 468ms
466ms Image
image/gif 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2017/05/BB_CharlieJoelWeather.gif

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

a8fb3df0e4d03c673f89e10c17391d502b780c6655f033cec0ed91233a8a9c2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 67431
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2017 15:08:03 GMT
server: openresty
x-php-version: 8.0
etag: "10767-54e77ca243ac0"
content-type: image/gif
x-cache-hit: HIT
accept-ranges: bytes

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/118/ 167 KB
167 KB 574ms
133ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/118/thumbnail.jpg
Requested by: Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7f2b539dd331bd1ec071777665aa0b2375a7874c56ad429871585d9213722edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 30 Jun 2023 09:37:22 GMT
Last-Modified: Thu, 29 Jun 2023 10:07:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB7888AC598389
Content-Type: .jpg
x-ms-request-id: 5ba2d448-a01e-0041-0236-ab1dd6000000
x-ms-version: 2009-09-19
Content-Length: 170789

GET
H2 200 CBFamilyDental_Web_7.12.22.gif
crestedbuttenews.com/wp-content/uploads/2022/07/ 53 KB
53 KB 469ms
467ms Image
image/gif 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2022/07/CBFamilyDental_Web_7.12.22.gif

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

a09ecfaf04a22ad6ba700cc42ee17c7065fd77acd97e26149c842f32af74e176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 54296
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jul 2022 20:58:54 GMT
server: openresty
x-php-version: 8.0
etag: "d418-5e3a1efb107b5"
content-type: image/gif
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 AugustaPark_optimized.gif
crestedbuttenews.com/wp-content/uploads/2022/05/ 74 KB
75 KB 464ms
463ms Image
image/gif 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2022/05/AugustaPark_optimized.gif

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

469168910a4d0aad0f0d2649bbfd45beb7a88e82b9b94f0be9b4feb988bf82e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116572
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 75863
x-xss-protection: 1; mode=block
last-modified: Wed, 11 May 2022 18:33:16 GMT
server: openresty
x-php-version: 8.0
etag: "12857-5dec0acb8ddcd"
content-type: image/gif
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 PeakAd-300x250_Resized.jpg
crestedbuttenews.com/wp-content/uploads/2019/08/ 92 KB
93 KB 468ms
467ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2019/08/PeakAd-300x250_Resized.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

dc56a26cec1456ab1fbd6f9fc2ffc6acf0372401701685ab241117f20e50ae2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 94381
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jan 2021 19:07:51 GMT
server: openresty
x-php-version: 8.0
etag: "170ad-5b9458e1abbde"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 CBCOAd_Resized.jpg
crestedbuttenews.com/wp-content/uploads/2019/08/ 98 KB
98 KB 468ms
467ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2019/08/CBCOAd_Resized.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

dbd82ca8f33e5969555086fbb3639c8398a7b2fa334b1e41bae766a380aab565

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 100206
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jan 2021 19:05:26 GMT
server: openresty
x-php-version: 8.0
etag: "1876e-5b94585744767"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 tie-scripts.js Show response
crestedbuttenews.com/wp-content/themes/sahifa/js/ 72 KB
21 KB 158ms
157ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/js/tie-scripts.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 21377
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:13 GMT
server: openresty
x-php-version: 8.0
etag: "12161-5b8473d3ab640-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 ilightbox.packed.js Show response
crestedbuttenews.com/wp-content/themes/sahifa/js/ 78 KB
25 KB 158ms
158ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/js/ilightbox.packed.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 24974
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:13 GMT
server: openresty
x-php-version: 8.0
etag: "137ad-5b8473d3ab640-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 search.js Show response
crestedbuttenews.com/wp-content/themes/sahifa/js/ 15 KB
4 KB 158ms
156ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/js/search.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 3635
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:13 GMT
server: openresty
x-php-version: 8.0
etag: "3aa2-5b8473d3ab640-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

45 KB
12 KB

16ms
14ms

Script
application/javascript

23.53.42.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by: Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/
Protocol: H2
Server: 23.53.42.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding: br
date: Fri, 30 Jun 2023 09:37:22 GMT
x-amz-request-id: 1K08MGCFGNYAVXZF
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468921_389360284_844068914_24_1617_7_0_-";dur=1
content-length: 11347
x-amz-id-2: CZXoeAWpc5+jb36BYR8uyZbNJRBFREbz0Nre0fU34nQWMlUclaRIk+VX09Y65a5zNWYS93IKD+k=
last-modified: Mon, 17 Apr 2023 05:04:44 GMT
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin: *
date: Fri, 30 Jun 2023 09:37:22 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Fri, 30 Jun 2023 10:07:22 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

21ms
11ms

Script
application/javascript

23.53.42.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/
Protocol: H2
Server: 23.53.42.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
date: Fri, 30 Jun 2023 09:37:22 GMT
x-amz-request-id: FPNVPC26ASG1ZC2P
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468921_389360284_844068886_23_1420_6_0_-";dur=1
content-length: 7498
x-amz-id-2: HjyiTp21LgkXvw27WiDuzmPNN/xKNty/C9ZP3N6HH/vy36X5D6/xBUhsopBjkftblO2vuK54SD0=
last-modified: Thu, 09 Feb 2023 05:38:30 GMT
etag: "ce554d2333f3801abafb32da18213ff7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin: *
date: Fri, 30 Jun 2023 09:37:22 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Fri, 30 Jun 2023 10:07:22 GMT

GET
H2 200 wp-emoji-release.min.js Show response
crestedbuttenews.com/wp-includes/js/ 18 KB
5 KB 469ms
468ms Script
application/javascript 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 5039
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 08:52:43 GMT
server: openresty
x-php-version: 8.0
etag: "4904-5fdfef55c808b-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 08:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3720
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Jun 2023 10:35:22 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 572E 45 KB
16 KB 99ms
82ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/CrestedButteNews&width=300&height=250&show_faces=true&header=false&stream=false&show_border=false

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

624bb0d552a9d45d646e8194bfe5056cc17014f85b1d0a2a1cd90405fcf11206

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crestedbuttenews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:37:22 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: QwFzYrTQ4GUWQQwGgW/h72IrulACNMVpT1il1BZf3yv/zImbsXHiYOIfR27amoxrpwzRTiUaCw4v2gWSOuxnRQ==
x-xss-protection: 0

GET
H2 200 body-bg1.png
crestedbuttenews.com/wp-content/themes/sahifa/images/patterns/ 5 KB
6 KB 466ms
465ms Image
image/png 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/images/patterns/body-bg1.png

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

b21bba2a5f9f66f4ea29660babd03fa1fb7db245f0deecfe16c185a844b8524c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 5548
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "15ac-5b8473d687d00"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 home.png
crestedbuttenews.com/wp-content/themes/sahifa/images/ 1022 B
1 KB 462ms
462ms Image
image/png 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/images/home.png

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1022
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "3fe-5b8473d687d00"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 cover-2-660x330.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 105 KB
105 KB 463ms
463ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/cover-2-660x330.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

7a555efca470ad38dec99b82314f87797a7e26152fb51140ff9f01119fa6a03f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 107072
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:40:15 GMT
server: openresty
x-php-version: 8.0
etag: "1a240-5ff39f1a18344"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 news-2-660x330.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 72 KB
73 KB 457ms
457ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/news-2-660x330.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

fc915f6989fc30cbe0887118d75bf4b3fa15852a7124d07f089dd8ec01cc611f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 74151
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:38:35 GMT
server: openresty
x-php-version: 8.0
etag: "121a7-5ff39eba22f68"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 editorial-1-660x330.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 103 KB
104 KB 460ms
459ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/editorial-1-660x330.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

f7ddc5ef42363ae3280a171e64ada4f8e1042c177993ce4762bf1cd86a22186b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 105490
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:37:40 GMT
server: openresty
x-php-version: 8.0
etag: "19c12-5ff39e860b1b6"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 profile-660x330.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 72 KB
72 KB 463ms
462ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/profile-660x330.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

7be2468eb703df5aee76a00971477bbb3d05c09f2428ff208011fd846443b48e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 73289
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:36:43 GMT
server: openresty
x-php-version: 8.0
etag: "11e49-5ff39e4f564c1"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 sports-2-660x330.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 102 KB
102 KB 463ms
462ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/sports-2-660x330.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

e3fa28dabe8b86424c3ce52ab96ef6611d65248a13cc6752d3eb2c8b0eefc35d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 104214
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:35:45 GMT
server: openresty
x-php-version: 8.0
etag: "19716-5ff39e1855cd9"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 stripe.png
crestedbuttenews.com/wp-content/themes/sahifa/images/ 93 B
498 B 463ms
463ms Image
image/png 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/images/stripe.png

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 93
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "5d-5b8473d687d00"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crestedbuttenews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:36:35 GMT
x-content-type-options: nosniff
age: 446447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 05:36:35 GMT

GET
H2 200 fontawesome-webfont.woff2
crestedbuttenews.com/wp-content/themes/sahifa/fonts/fontawesome/ 70 KB
71 KB 460ms
460ms Font
font/woff2 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css
Origin: https://crestedbuttenews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 71896
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "118d8-5b8473d687d00"
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crestedbuttenews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:45:43 GMT
x-content-type-options: nosniff
age: 481899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 19:45:43 GMT

GET
H2 200 BebasNeue-webfont.woff
crestedbuttenews.com/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 458ms
457ms Font
font/woff 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css
Origin: https://crestedbuttenews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 19996
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "4e1c-5b8473d687d00"
content-type: font/woff
access-control-allow-origin: *
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 fontello.woff
crestedbuttenews.com/wp-content/themes/sahifa/fonts/tiefont/ 6 KB
7 KB 445ms
445ms Font
font/woff 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://crestedbuttenews.com/wp-content/themes/sahifa/fonts/tiefont/fontello.woff

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crestedbuttenews.com/wp-content/themes/sahifa/style.css
Origin: https://crestedbuttenews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116617
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 6332
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 03:43:16 GMT
server: openresty
x-php-version: 8.0
etag: "18bc-5b8473d687d00"
content-type: font/woff
access-control-allow-origin: *
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 news-2-310x165.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 27 KB
28 KB 433ms
432ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/news-2-310x165.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

1221dc592dec468fd96f47cba45f32ba9846858f0503e2baf7dc76e812890be5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 27764
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:38:34 GMT
server: openresty
x-php-version: 8.0
etag: "6c74-5ff39eba0db8f"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 sports-2-310x165.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 35 KB
35 KB 431ms
430ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/sports-2-310x165.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

6d02b3bc75d2e0f055ae12fd2c5825a210b014c87691481031312949f1a6c62c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 35373
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:35:45 GMT
server: openresty
x-php-version: 8.0
etag: "8a2d-5ff39e1840130"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 sports-1-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 21 KB
21 KB 430ms
429ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/sports-1-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

25d29a28a83c8d56afa54bbff3a8b118b3ff63b5eda80cffc07d158b1af1568a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116574
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 21259
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Jun 2023 22:06:02 GMT
server: openresty
x-php-version: 8.0
etag: "530b-5feaaf93cc977"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 editorial-1-310x165.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 37 KB
38 KB 435ms
434ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/editorial-1-310x165.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

99c8bb17a9c512620a1447a6529f18aedfe8b6f8f8bc99ba75776f8e0f9b542c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 38010
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:37:40 GMT
server: openresty
x-php-version: 8.0
etag: "947a-5ff39e85f5ddd"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 editoria-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 11 KB
12 KB 436ms
435ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/editoria-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

80622e4f7c84c66ec40fadff152b90223f0aeac545d718e46a8f0828187b3d8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116574
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 11726
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Jun 2023 22:08:31 GMT
server: openresty
x-php-version: 8.0
etag: "2dce-5feab02195e89"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 editorial-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 17 KB
17 KB 436ms
435ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/editorial-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

f27ae738ccba56fad18d26fc1b17aa724538524f967502c9c570ae8e6be77ef0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 17207
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jun 2023 22:53:58 GMT
server: openresty
x-php-version: 8.0
etag: "4337-5fe1ed3bfdc79"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 Scenic_tulips-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 21 KB
21 KB 437ms
436ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/Scenic_tulips-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

293811b3e91faebd5d54dace88d6c1e31f3a9b690e74edaaaa73b8589af9fd21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 21448
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jun 2023 23:05:10 GMT
server: openresty
x-php-version: 8.0
etag: "53c8-5fd922aebbd89"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 editorial-1-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/05/ 22 KB
22 KB 435ms
434ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/05/editorial-1-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

58f207d424ec861b4f337ada375e3acff5c0adf19ec7a81169aed42e49475491

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 22552
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 23:23:36 GMT
server: openresty
x-php-version: 8.0
etag: "5818-5fd059bf5a180"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 profile-310x165.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 31 KB
32 KB 436ms
436ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/profile-310x165.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

153d6354cdf7af05035d85b7bcbb9770d218d87b932e36248ddf2d7d974fa98e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116696
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 32170
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 00:36:42 GMT
server: openresty
x-php-version: 8.0
etag: "7daa-5ff39e4f3f978"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 calendarFeaturedImage-660x330-1-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 2 KB
3 KB 436ms
435ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/calendarFeaturedImage-660x330-1-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

eee1ff13935e1f6a8d9265dcbe66bca18ee99523217f7703ba1afb51ec7677b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 2477
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jun 2023 22:47:48 GMT
server: openresty
x-php-version: 8.0
etag: "9ad-5fd91eccbc67d"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 online-extra-v2-110x75.jpg
crestedbuttenews.com/wp-content/uploads/2023/06/ 19 KB
19 KB 434ms
434ms Image
image/jpeg 104.238.71.109
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crestedbuttenews.com/wp-content/uploads/2023/06/online-extra-v2-110x75.jpg

Requested by

Host: crestedbuttenews.com
URL: https://crestedbuttenews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.238.71.109 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

109.71.238.104.host.secureserver.net

Software

openresty /

Resource Hash

312bdfaae39ee623949f74c9db18ff0a69c9bee83de5a280022deba7a77beaa1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:41:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 116573
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 19324
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jun 2023 22:52:15 GMT
server: openresty
x-php-version: 8.0
etag: "4b7c-5fe1ecd9876b5"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
224 B 17ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1602934819&t=pageview&_s=1&dl=https%3A%2F%2Fcrestedbuttenews.com%2F&ul=en-us&de=UTF-8&dt=The%20Crested%20Butte%20News%20%E2%80%93%20Serving%20the%20Gunnison%20Valley%20since%201999&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=566661073&gjid=582526650&cid=1414009158.1688117843&tid=UA-150104489-1&_gid=438453988.1688117843&_r=1&_slc=1&z=724337044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

45e46c6bfc4842f25df70b332f805d78e4b8cd63b9cf2face263dbdd24523e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crestedbuttenews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:37:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crestedbuttenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 51ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K2N9NM2NZ3&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c1964bd4c9bcdf8d579c90a267a10087e8291b63a463e1d11c02baa7e70bfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 09:37:22 GMT

GET
H2 200 N5m2lTQ0oys.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame 572E 30 KB
8 KB 34ms
10ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/N5m2lTQ0oys.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/CrestedButteNews&width=300&height=250&show_faces=true&header=false&stream=false&show_border=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a9733ad28f960cfeb8bdc53ff8162cb8d8511cb56176acfacf4da436e3636d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eERp4LcHlnnqgTx6SsQnVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7302
x-fb-debug: qLORMsvsU2Ly6MTR02DXdAypLeD5bKEQnZ2wsvpi7wRrNuI17oNB6PslcMhSvb6EfjzEinYc/oXtoUX6K/3ZrA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 28 Jun 2024 16:37:21 GMT

GET
H2 200 qWNhkXTDn4y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 572E 307 KB
82 KB 41ms
16ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/qWNhkXTDn4y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d63570ce6ad4241794283d202e20e0156cc61486dd161d32f3529db66326ed57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UoIM+atj4qoeoWF7xBju0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83367
x-fb-debug: +5Cx5rKQKxF5sn9cSto20w50fVP0ifNnHZQ1Yg3opUg1jBXd0DAj8kqog1Sgil/AI81IfdoDT+w9269ROy+RJg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:45:28 GMT

GET
H2 200 Kn9xthnTuGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 572E 5 KB
2 KB 35ms
11ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/Kn9xthnTuGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a107095a2bb939f925a4f19ababd030f322c4a9b54fa99e09294fd0c52adb9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lrpknL11bTHuCoMFPW3YQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1626
x-fb-debug: ZubvH/KtYAsh2dp9uY02FuDJAunR++bdC2qCC5xtHPKth+fugKuN98WK0496YCKO8PTeGhMmI8DqyHvxjegACQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 28 Jun 2024 16:37:16 GMT

GET
H2 200 pijRMKHCcB_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 572E 84 KB
26 KB 41ms
16ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/pijRMKHCcB_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41713a5542354ed316cea27da9dcc00457e1621a136cdfd0c7f819709bbcb6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n3t7Km4nwDXaR3zAYtStqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26072
x-fb-debug: WHsl5fj+2nL8xMcmsd9hhMuXqs8SzPjhX3ciJRQBTSYareEaS7r3UPslo3E20plbPaUkWEDAzg5w5knIU0s63A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:45:28 GMT

GET
H2 200 zYMf62EflCf.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yp/l/de_DE/ Frame 572E 103 KB
30 KB 54ms
30ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yp/l/de_DE/zYMf62EflCf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f247b2fe92373eea28d33ce1e0fdd8162cc7035f9f0fdb72f3aa6459d15d879f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Lee+LrtkI3aWBaVfZ1OzYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30613
x-fb-debug: Z7JazmL3/8mxRMavC0a2okV2rmSwTnZf3hhYu4Gsw+EuHMYx2KxgU8g8qsgKv6YiAr1UdLBqiVZs+PgeKGc2bg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 27 Jun 2024 19:01:44 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 572E 507 B
629 B 55ms
31ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: PnPbqOs9vuzAiOmkyxOcn1LQvjWgKrs5lqz9XWIXdC+UY2qK2kmMAIDPGaglB5B9/HRYwE+p1XmGSAww0uaUgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 19:54:23 GMT

GET
H2 200 162112125_218974496356449_5343528344511591684_n.jpg
scontent-cdg4-2.xx.fbcdn.net/v/t1.6435-9/ Frame 572E 8 KB
8 KB 98ms
16ms Image
image/jpeg 2a03:2880:f08e:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdg4-2.xx.fbcdn.net/v/t1.6435-9/162112125_218974496356449_5343528344511591684_n.jpg?stp=dst-jpg_p130x130&_nc_cat=109&ccb=1-7&_nc_sid=dd9801&_nc_ohc=bkq8vGxk6N4AX9lrRy_&_nc_ht=scontent-cdg4-2.xx&edm=AEDRbFQEAAAA&oh=00_AfA5uQzAIFiE7QBSBg9DtDqqtOYjAbSNl9o9lCb-Wfr6PA&oe=64C5FEB6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/CrestedButteNews&width=300&height=250&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f08e:100:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: be6c4a3f474bae7bba8ebb55d004b444e26279abf185554c1aff795d2b259b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum: 361314669
date: Fri, 30 Jun 2023 09:37:23 GMT
x-fbtype: 6435
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 18 Mar 2021 13:45:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3212950390
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2021195393
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8159

GET
H2 200 162299507_218974503023115_5622829560075167562_n.jpg
scontent-cdg4-3.xx.fbcdn.net/v/t1.6435-1/ Frame 572E 1 KB
2 KB 96ms
15ms Image
image/jpeg 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdg4-3.xx.fbcdn.net/v/t1.6435-1/162299507_218974503023115_5622829560075167562_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=IO6OWjQOdd0AX8btbai&_nc_ht=scontent-cdg4-3.xx&edm=AEDRbFQEAAAA&oh=00_AfDX929e78Q6ez8xsbBmDNnSq4Dq9TdSA6RSZFgm1nF0CA&oe=64C61F49
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/CrestedButteNews&width=300&height=250&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 567ae338aae0c307e3bed1026daa9909820914f6257828986a4eaea88b9685b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum: 1635011360
date: Fri, 30 Jun 2023 09:37:23 GMT
x-fbtype: 6435
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 18 Mar 2021 13:45:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1259498444
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3203158091
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1247

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 94ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K2N9NM2NZ3&gtm=45je36s0&_p=1602934819&ul=en-us&sr=1600x1200&cid=1414009158.1688117843&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EhA&ngs=1&_s=1&dl=https%3A%2F%2Fcrestedbuttenews.com%2F&dt=The%20Crested%20Butte%20News%20%E2%80%93%20Serving%20the%20Gunnison%20Valley%20since%201999&sid=1688117842&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K2N9NM2NZ3&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:37:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crestedbuttenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 75ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K2N9NM2NZ3&gtm=45je36s0&_p=1602934819&ul=en-us&sr=1600x1200&cid=1414009158.1688117843&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABg&ngs=1&_s=2&dl=https%3A%2F%2Fcrestedbuttenews.com%2F&dt=The%20Crested%20Butte%20News%20%E2%80%93%20Serving%20the%20Gunnison%20Valley%20since%201999&sid=1688117842&sct=1&seg=0&en=farnan_weather&_c=1&_et=21
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K2N9NM2NZ3&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:37:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crestedbuttenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 64ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K2N9NM2NZ3&gtm=45je36s0&_p=1602934819&ul=en-us&sr=1600x1200&cid=1414009158.1688117843&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABg&ngs=1&_s=3&dl=https%3A%2F%2Fcrestedbuttenews.com%2F&dt=The%20Crested%20Butte%20News%20%E2%80%93%20Serving%20the%20Gunnison%20Valley%20since%201999&sid=1688117842&sct=1&seg=0&en=farnan_aperture&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K2N9NM2NZ3&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:37:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crestedbuttenews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 572E 573 B
709 B 23ms
11ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/N5m2lTQ0oys.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/N5m2lTQ0oys.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:37:23 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-debug: f/vFiJBNbDqjP8pQ0udr2V3mbDALfPh89/HE7tG/Bc07q2rCR7RrYdrqc0SYxVPIGzokdPFeoc0CsZS/8k8+7A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 20 Jun 2024 23:50:59 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
285 B 153ms
97ms XHR
image/gif 2a02:26f0:480:d::210:f149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1688117842974&dh=crestedbuttenews.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=153264460&cv=2.0.1&z=19598870&vg=6bd29b0b-7a8b-5944-9a30-b4de86ab3a71&vtg=6bd29b0b-7a8b-5944-9a30-b4de86ab3a71&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22ae324cbd-e320-2658-b33b-ec264e31161c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data14%22%2C%22xid%22%3A%2243428011%22%2C%22wp%22%3A%226.2.2%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22sahifa%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22652%22%2C%22wp_alloptions_bytes%22%3A%22235460%22%7D&hit_id=7a434f15-8470-564c-8fe5-ca309d9bc5a3&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 30 Jun 2023 09:37:24 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://crestedbuttenews.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
285 B 150ms
98ms XHR
image/gif 2a02:26f0:480:d::210:f149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1688117844038&dh=crestedbuttenews.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=153264460&cv=2.0.1&z=1384654610&vg=6bd29b0b-7a8b-5944-9a30-b4de86ab3a71&vtg=6bd29b0b-7a8b-5944-9a30-b4de86ab3a71&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22ae324cbd-e320-2658-b33b-ec264e31161c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data14%22%2C%22xid%22%3A%2243428011%22%2C%22wp%22%3A%226.2.2%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22sahifa%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22652%22%2C%22wp_alloptions_bytes%22%3A%22235460%22%7D&hit_id=ecf88c21-dd72-5fe6-8525-ea7986580e66&ht=perf&tce=1688117841971&tcs=1688117841656&tdc=1688117844034&tdclee=1688117843034&tdcles=1688117843034&tdi=1688117843034&tdl=1688117842284&tdle=1688117841656&tdls=1688117841656&tfs=1688117841655&tns=1688117841315&trqs=1688117841971&tre=1688117842282&trps=1688117842281&tles=1688117844034&tlee=0&nt=navigate&lcp=1575&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crestedbuttenews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 30 Jun 2023 09:37:24 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://crestedbuttenews.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crestedbuttenews.com/	1970-01-20 22:31:17	Name: _ga Value: GA1.2.1414009158.1688117843
.crestedbuttenews.com/	1970-01-20 12:56:44	Name: _gid Value: GA1.2.438453988.1688117843
.crestedbuttenews.com/	1970-01-20 12:55:17	Name: _gat Value: 1
.crestedbuttenews.com/	1970-01-20 21:40:53	Name: _tccl_visitor Value: 6bd29b0b-7a8b-5944-9a30-b4de86ab3a71
.crestedbuttenews.com/	1970-01-20 12:55:19	Name: _tccl_visit Value: 6bd29b0b-7a8b-5944-9a30-b4de86ab3a71
.crestedbuttenews.com/	1970-01-20 22:31:17	Name: _ga_K2N9NM2NZ3 Value: GS1.2.1688117842.1.0.1688117843.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crestedbuttenews.com
etypeproductionstorage1.blob.core.windows.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
img6.wsimg.com
region1.google-analytics.com
scontent-cdg4-2.xx.fbcdn.net
scontent-cdg4-3.xx.fbcdn.net
static.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.238.71.109
20.150.38.36
2001:4860:4802:32::36
23.53.42.160
2a00:1450:4001:806::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a02:26f0:480:d::210:f149
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f08e:100:face:b00c:0:3
2a03:2880:f08e:219:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
1221dc592dec468fd96f47cba45f32ba9846858f0503e2baf7dc76e812890be5
153d6354cdf7af05035d85b7bcbb9770d218d87b932e36248ddf2d7d974fa98e
1ec902482e75a3e747f9b1775dd2bec2fafee4e6aa1e7c21ae060192e915583a
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
25d29a28a83c8d56afa54bbff3a8b118b3ff63b5eda80cffc07d158b1af1568a
293811b3e91faebd5d54dace88d6c1e31f3a9b690e74edaaaa73b8589af9fd21
2d3abbf86bbcb789dbe7a76c7e3ce0a2c5a7d5bdb06a0c675d961db7cef1cab4
312bdfaae39ee623949f74c9db18ff0a69c9bee83de5a280022deba7a77beaa1
331a111cb48540d3c4f331d7fc2683e174abcb2c4053a3c7850f07085a9085de
41713a5542354ed316cea27da9dcc00457e1621a136cdfd0c7f819709bbcb6a0
45e46c6bfc4842f25df70b332f805d78e4b8cd63b9cf2face263dbdd24523e60
469168910a4d0aad0f0d2649bbfd45beb7a88e82b9b94f0be9b4feb988bf82e3
49242b8b531bfc4f0cfe1aa772cde9cad81f15c60055d6a2a6f00796642939a8
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
4c1964bd4c9bcdf8d579c90a267a10087e8291b63a463e1d11c02baa7e70bfdf
4ed996bb1a2f00fb5189d6d464fa49ad9c571dadc1b964e1467881555a5044fb
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
567ae338aae0c307e3bed1026daa9909820914f6257828986a4eaea88b9685b8
58f207d424ec861b4f337ada375e3acff5c0adf19ec7a81169aed42e49475491
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
624bb0d552a9d45d646e8194bfe5056cc17014f85b1d0a2a1cd90405fcf11206
6d02b3bc75d2e0f055ae12fd2c5825a210b014c87691481031312949f1a6c62c
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a555efca470ad38dec99b82314f87797a7e26152fb51140ff9f01119fa6a03f
7be2468eb703df5aee76a00971477bbb3d05c09f2428ff208011fd846443b48e
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f2b539dd331bd1ec071777665aa0b2375a7874c56ad429871585d9213722edb
80622e4f7c84c66ec40fadff152b90223f0aeac545d718e46a8f0828187b3d8b
91e5298542e3c7181f5e2e4ba50246e89f94752c7bb1e90d0599028a03fa0d7d
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99c8bb17a9c512620a1447a6529f18aedfe8b6f8f8bc99ba75776f8e0f9b542c
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a09ecfaf04a22ad6ba700cc42ee17c7065fd77acd97e26149c842f32af74e176
a107095a2bb939f925a4f19ababd030f322c4a9b54fa99e09294fd0c52adb9b1
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a55400ff906de5500999ac42f49e810eb1d3399d690806525ae9d7441455f2aa
a8fb3df0e4d03c673f89e10c17391d502b780c6655f033cec0ed91233a8a9c2f
a9733ad28f960cfeb8bdc53ff8162cb8d8511cb56176acfacf4da436e3636d7e
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21bba2a5f9f66f4ea29660babd03fa1fb7db245f0deecfe16c185a844b8524c
be6c4a3f474bae7bba8ebb55d004b444e26279abf185554c1aff795d2b259b70
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d63570ce6ad4241794283d202e20e0156cc61486dd161d32f3529db66326ed57
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
dbd82ca8f33e5969555086fbb3639c8398a7b2fa334b1e41bae766a380aab565
dc56a26cec1456ab1fbd6f9fc2ffc6acf0372401701685ab241117f20e50ae2e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e288e4be389f0334bbb34b296c193f5e570ba18b71a62ce9a45eefa362de1fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa28dabe8b86424c3ce52ab96ef6611d65248a13cc6752d3eb2c8b0eefc35d
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
eee1ff13935e1f6a8d9265dcbe66bca18ee99523217f7703ba1afb51ec7677b9
f247b2fe92373eea28d33ce1e0fdd8162cc7035f9f0fdb72f3aa6459d15d879f
f27ae738ccba56fad18d26fc1b17aa724538524f967502c9c570ae8e6be77ef0
f7ddc5ef42363ae3280a171e64ada4f8e1042c177993ce4762bf1cd86a22186b
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505
fc915f6989fc30cbe0887118d75bf4b3fa15852a7124d07f089dd8ec01cc611f
ff4469ce1485439442e1db632244d083dbd39ddf40602f88b94c77823d244945

crestedbuttenews.com Open in urlscan Pro 104.238.71.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

77 %IPv6

10 Domains

14 Subdomains

13 IPs

3 Countries

2189 kBTransfer

3343 kBSize

6 Cookies

16 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

crestedbuttenews.com Open in urlscan Pro
104.238.71.109 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

77 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2189 kB
Transfer

3343 kB
Size

6
Cookies

71 HTTP transactions
0 data transactions