www.newson6.com Open in urlscan Pro
2600:9000:206f:ca00:1c:8a47:ec00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-w...
Submission: On March 02 via api (March 2nd 2022, 11:31:13 am UTC) from US — Scanned from DE

Summary HTTP 148 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 44 domains to perform 148 HTTP transactions. The main IP is 2600:9000:206f:ca00:1c:8a47:ec00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.newson6.com. The Cisco Umbrella rank of the primary domain is 163907.
TLS certificate: Issued by Amazon on February 14th 2022. Valid for: a year.

This is the only time www.newson6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2600:9000:206... 2600:9000:206f:ca00:1c:8a47:ec00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.60.230 104.16.60.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.16.58.230 104.16.58.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2600:9000:205... 2600:9000:2057:b600:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.88.120.28 3.88.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.139.185 52.217.139.185	16509 (AMAZON-02) (AMAZON-02)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:214... 2600:9000:214f:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
1	18.184.249.62 18.184.249.62	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 6	99.86.7.34 99.86.7.34	16509 (AMAZON-02) (AMAZON-02)
6	3.92.67.221 3.92.67.221	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2600:1f18:44f... 2600:1f18:44f0:4832:d1c0:ca07:da34:7495	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	50.17.45.48 50.17.45.48	14618 (AMAZON-AES) (AMAZON-AES)
2	35.227.246.163 35.227.246.163	15169 (GOOGLE) (GOOGLE)
7	54.162.254.217 54.162.254.217	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.201.248 35.227.201.248	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.7.205 51.89.7.205	16276 (OVH) (OVH)
148	51

14 2600:9000:206f:ca00:1c:8a47:ec00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.newson6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.yieldlift.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.60.230 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.58.230 (None, )

ASN13335 (CLOUDFLARENET, US)

player.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redirect.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:2057:b600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.88.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-120-28.compute-1.amazonaws.com

baron.kotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.139.185 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

hot-town-closings.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.yieldlift.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.249.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.7.34 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-34.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.92.67.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-67-221.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:44f0:4832:d1c0:ca07:da34:7495 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.17.45.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-45-48.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.246.163 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 163.246.227.35.bc.googleusercontent.com

rdc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.162.254.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-254-217.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.201.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.201.227.35.bc.googleusercontent.com

geoloc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.205 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 10175	372 KB
14	newson6.com www.newson6.com — Cisco Umbrella Rank: 163907	450 KB
13	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 10405 livecomments.viafoura.co — Cisco Umbrella Rank: 11120 i.viafoura.co — Cisco Umbrella Rank: 10387 notifications.viafoura.co — Cisco Umbrella Rank: 11567	6 KB
9	field59.com cdn.field59.com — Cisco Umbrella Rank: 30976 player.field59.com — Cisco Umbrella Rank: 24238 redirect.field59.com — Cisco Umbrella Rank: 116697	517 KB
7	voraciousgrip.com voraciousgrip.com — Cisco Umbrella Rank: 176729	224 KB
7	yieldlift.io player.yieldlift.io — Cisco Umbrella Rank: 59997 ghb.yieldlift.io — Cisco Umbrella Rank: 81409	143 KB
6	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 935	4 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 125	3 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	3 KB
6	gstatic.com fonts.gstatic.com	136 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1373 m.addthis.com — Cisco Umbrella Rank: 1332	218 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	194 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	150 KB
3	m32.media rdc.m32.media — Cisco Umbrella Rank: 22823 geoloc.m32.media — Cisco Umbrella Rank: 23610	18 KB
3	taboola.com c2.taboola.com — Cisco Umbrella Rank: 6920 cdn.taboola.com — Cisco Umbrella Rank: 971 trc.taboola.com Failed	185 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	59 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	138 KB
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3104	34 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 709	171 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 488	533 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 87574	3 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1542	743 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	13 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 329	1 KB
1	33across.com ssc.33across.com — Cisco Umbrella Rank: 1316	324 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	745 B
1	openx.net os4m-d.openx.net — Cisco Umbrella Rank: 21383	379 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 409	1 KB
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1957	371 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 412	1 KB
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1440	845 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205	817 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 989	114 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 500	481 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 4912	1 KB
1	amazonaws.com hot-town-closings.s3.amazonaws.com — Cisco Umbrella Rank: 197822	507 B
1	kotv.com baron.kotv.com — Cisco Umbrella Rank: 246955	1018 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3112	115 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	59 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	18 KB
1	akamaized.net griffin-communications.akamaized.net — Cisco Umbrella Rank: 156359	2 KB
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
148	44

	Domain	Requested by
22	cdn.viafoura.net	www.newson6.com cdn.viafoura.net
14	www.newson6.com	www.newson6.com
7	voraciousgrip.com	www.newson6.com voraciousgrip.com
6	livecomments.viafoura.co	cdn.viafoura.net
6	jadserve.postrelease.com	s.ntv.io www.newson6.com
6	sb.scorecardresearch.com	2 redirects www.newson6.com cdn.taboola.com
6	fonts.gstatic.com	fonts.googleapis.com
4	ghb.yieldlift.io	player.yieldlift.io
4	s7.addthis.com	www.newson6.com s7.addthis.com
3	gum.criteo.com	1 redirects static.criteo.net
3	i.viafoura.co
3	api.viafoura.co	cdn.viafoura.net
3	redirect.field59.com	www.newson6.com
3	player.field59.com	www.newson6.com player.field59.com
3	fonts.googleapis.com	www.newson6.com voraciousgrip.com client
3	cdn.field59.com	www.newson6.com player.field59.com
3	player.yieldlift.io	www.newson6.com player.yieldlift.io
3	securepubads.g.doubleclick.net	www.newson6.com securepubads.g.doubleclick.net
2	mug.criteo.com
2	static.criteo.net	player.yieldlift.io static.criteo.net
2	rdc.m32.media	cdn.viafoura.net rdc.m32.media
2	s0.2mdn.net	player.field59.com s0.2mdn.net
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	targeting.unrulymedia.com	player.yieldlift.io
2	cdn.taboola.com	www.newson6.com cdn.taboola.com
1	id5-sync.com	player.yieldlift.io
1	geoloc.m32.media	rdc.m32.media
1	notifications.viafoura.co	cdn.viafoura.net
1	images.getadmiral.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	pagead2.googlesyndication.com	srcdoc
1	imasdk.googleapis.com	s0.2mdn.net
1	www.googletagservices.com	player.field59.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	ssc.33across.com	player.yieldlift.io
1	ap.lijit.com	player.yieldlift.io
1	bidder.criteo.com	player.yieldlift.io
1	os4m-d.openx.net	player.yieldlift.io
1	htlb.casalemedia.com	player.yieldlift.io
1	web.hb.ad.cpe.dotomi.com	player.yieldlift.io
1	fastlane.rubiconproject.com	player.yieldlift.io
1	apex.go.sonobi.com	player.yieldlift.io
1	ib.adnxs.com	player.yieldlift.io
1	btlr.sharethrough.com	player.yieldlift.io
1	static.adsafeprotected.com	www.newson6.com
1	player.adtelligent.com	player.yieldlift.io
1	hot-town-closings.s3.amazonaws.com	www.newson6.com
1	baron.kotv.com	www.newson6.com
1	s.ntv.io	www.newson6.com
1	www.googletagmanager.com	www.newson6.com
1	stackpath.bootstrapcdn.com	www.newson6.com
1	griffin-communications.akamaized.net	www.newson6.com
1	c2.taboola.com	www.newson6.com
0	trc.taboola.com Failed	cdn.taboola.com
0	hbopenbid.pubmatic.com Failed	player.yieldlift.io
148	58

This site contains links to these domains. Also see Links.

Domain
reviews.newson6.com
workforcenow.adp.com
bit.ly
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.google.com
griffincommunications.net
griffin-communications.akamaized.net
optout.aboutads.info
publicfiles.fcc.gov
www.news9.com
getadmiral.com
www.addthis.com

Subject Issuer	Validity	Valid
*.newson6.com Amazon	`2022-02-14` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
player.yieldlift.io R3	`2022-01-30` - `2022-04-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
voraciousgrip.com R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.kotv.com Amazon	`2021-09-13` - `2022-10-12`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
player.adtelligent.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
ghb.yieldlift.io ZeroSSL ECC Domain Secure Site CA	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh
*.m32.media Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Frame ID: 9F66E6E3DCA676D4F2DAD51185754D7F
Requests: 137 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 5E9C3958259AEF657639B0482BFDAD11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4F5785A73DE2437F7F794C04FDFADE7
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EE5212957FC2722118689FDD5630D20F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 62388962D463DA66291205DD984D1466
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newson6.com&gdpr=1&gdpr_consent=
Frame ID: C20BB4C2D72A73917A4346C6F7729781
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oklahomans Enjoy Arvest Winterfest On Christmas Eve Despite The Warm TemperaturesNews On 6 user-signalchecklistsettings-toggle-horizontalFacebookTwitterEmailCopy LinkFacebookTwitterEmailCopy Link

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

96 %
HTTPS

42 %
IPv6

44
Domains

58
Subdomains

51
IPs

8
Countries

3121 kB
Transfer

10232 kB
Size

31
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://reviews.newson6.com/
Title: Buying Guides

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=54733210-d9a2-4046-a182-316ad78bb00a&lang=en_US&selectedMenuKey=CurrentOpenings
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://bit.ly/PowerByViafoura

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewsOn6/

Search URL Search Domain Scan URL

URL: https://twitter.com/NewsOn6

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newson6kotv/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheNewsOn6

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/News+On+6+KOTV/@36.160321,-95.9947127,17z/data=!3m1!4b1!4m5!3m4!1s0x87b6eb7fa4d01791:0xd95893ab6017140b!8m2!3d36.160321!4d-95.992524

Search URL Search Domain Scan URL

URL: http://griffincommunications.net/
Title: Griffin Communications.

Search URL Search Domain Scan URL

URL: https://griffin-communications.akamaized.net/legal/ko-kq-eeo.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KOTV-DT
Title: KOTV Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kqcw-dt
Title: KQCW Public Inspection File

Search URL Search Domain Scan URL

URL: https://www.news9.com/story/5f9af35232b26d4683a616e5/griffin-communications-fcc-license-application-posting
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.newson6.com&utm_medium=pb&session=5-dbfa134b5b74b97126152154fb98d641-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&c9=

Request Chain 91

https://sb.scorecardresearch.com/c2/15283051/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 144

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newson6.com%2F&domain=www.newson6.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=f1PR7HxlMWZWYlA0S1gzMzJCZjZ2cjZBb3pXTnZGam5STHNObTNUY1RPdDc1cDBIZ21sTlZoZk10TlFwWXZLK1N0UlFmVXFPcVc5YldKd3o4ZUZLeWE4L1V6VUtUUTZIUTJSeWQ1THZBOHg0ZHEwejVYd1l2NkZZdnNsQ0hwSXBxSzhrNWRrTmVlWm5McTh6WG9JZkhjQnZVZHMrbFl5MVhIZERqV0VhSkt4c2owNDVvSlVWZldqN3duMzJlUTdlK1pUQ0lEVGx4cnhwUk9Mcll2akhjaU5BZVNWSkwwUEl2bWVGcWJGSlBDM1JpaU44RXdLcjhuSkMzSjFGS0hMUk5YUWFSfA&cppv=2

148 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures Show response
www.newson6.com/story/61c69ed7d303e30bec346a57/ 411 KB
71 KB 371ms
351ms Document
text/html 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

26c4ef99fc29cac0eb9bbfb22924dcfdb6c846e64f1c6a24738f87175c2cd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Mar 2022 11:31:05 GMT
server: nginx/1.20.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=200
etag: Su2gY+fYH5dkvT3/I09wt0BLsrI=
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: THYXz3Huxqwb3Deth37UFI9LzS5zdQnuT-evvsrBtgnSDu2fBXpipA==

GET
H2 200 bundle-kotv-production.js Show response
www.newson6.com/js/ 381 KB
113 KB 213ms
213ms Script
application/javascript 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

185b3334a6c36404de43de8c5c952a65c5d81b567194b57af5a8af57602ac5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"5f55e-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665489
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: c4nz7CdR4vJVqyyDrQdZxCCtmrfpagM7kYdWCVqn9V4EbxjfYk_G-A==

GET
H2 200 below-the-fold-bundle-kotv.css
www.newson6.com/css/ 90 KB
16 KB 106ms
106ms Stylesheet
text/css 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/below-the-fold-bundle-kotv.css?v=1645636726685

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

93e956d9b215273da41b4747167d7d7a1e37660065fa08231f8e950183a5c79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"16625-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665398
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 2KokUMPxj8s3ZNflECFyJIkbQUwwgaNnucGqFN9RHtBybbhGmvAX3g==

GET
H2 200 above-the-fold-bundle-kotv.css
www.newson6.com/css/ 210 KB
39 KB 226ms
225ms Stylesheet
text/css 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/css/above-the-fold-bundle-kotv.css?v=1645636726685

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

97561eb1b3a7b1dbd6e01e3d83e75213bccfff294885b71d89b61b9352d4fd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"34789-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665591
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 13NxtBQ1DoMKpfo4JbbeOkzDa36AqJ7vcjvsyOLwA95RN8cPmQxCPg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 119ms
89ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

c5a49437e64a95b9d7c29266d82c60b83dbcf841b7af22bfc8e6950be489035e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27879
x-xss-protection: 0
server: sffe
etag: "1147 / 292 of 1000 / last-modified: 1646214223"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Mar 2022 11:31:05 GMT

GET
H2 200 hb_532954_13595.js Show response
player.yieldlift.io/prebidlink/457283/ 376 KB
113 KB 179ms
107ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 7246c5a733d6ad191c366c439981391bb462aad4705671fa39d318e58f60a607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 20:24:57 GMT
server: nginx
etag: W/"62193b19-5dfe6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 04 Mar 2022 11:31:05 GMT

GET
H2 200 wrapper_hb_532954_13595.js Show response
player.yieldlift.io/prebidlink/457283/ 784 B
730 B 212ms
141ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/457283/wrapper_hb_532954_13595.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e868fe4e209ab38b2a783a234d12107f115b01b160c691831ad7982448e65d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 06:17:20 GMT
server: nginx
etag: W/"621f0bf0-310"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 04 Mar 2022 11:31:05 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/griffin-newson6/ 72 KB
18 KB 253ms
226ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/griffin-newson6/newsroom.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11a92f958776c4c95db04e3dcdea3eaad69cb1bd45841f84dc9b328fe78ba280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "05b5292ef5997b2454e6d68c4cd59dd3"
age: 0
x-cache: HIT
content-length: 17938
x-amz-id-2: JPEV1erHAQaPsCDczJYDXIhoCra4Ix8LF1H39CACsYydaoOWuIelmMSgoSVmhyxE3wHL1yLhT7M=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 17 Jan 2022 05:43:35 GMT
server: AmazonS3
x-timer: S1646220666.555111,VS0,VE201
date: Wed, 02 Mar 2022 11:31:05 GMT
vary: Accept-Encoding
x-amz-request-id: SVGWRKFVX1VE6GY4
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 n6logo.svg
www.newson6.com/img/ 1 KB
1 KB 106ms
105ms Image
image/svg+xml 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/n6logo.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

5e7cb9da834946a345c5f9d60d0c406a6789fcd29b80ea3207fbdd8fcaae4e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"5b1-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665581
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: xqGd6lml6QHBDkWzSSges7m5L8tb_W91RsJFChjSyx7Ej_gN6YMxTA==

GET
H2 200 n6logoLarge.svg
www.newson6.com/img/ 6 KB
3 KB 210ms
209ms Image
image/svg+xml 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/n6logoLarge.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

948d657f668ce87cd8b0ef38cb49191b377254366735a5cf23a1db9f614830aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"1626-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665676
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: WGRFzEcw8do44g8ggBtJa62REpGtKFy4BkHqmdueI_WI88ap1yJSqg==

GET
H2 200 notStreaming.svg
www.newson6.com/img/ 363 B
980 B 127ms
126ms Image
image/svg+xml 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/notStreaming.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 363
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"16b-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1646220665594
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: eaBX4CfZP-hdzBlOM2zDRmtAN-L8gY1PiKH2YcVOi3OGvPt0_CQwQA==

GET
H2 200 streaming.svg
www.newson6.com/img/ 419 B
1 KB 139ms
138ms Image
image/svg+xml 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newson6.com/img/streaming.svg

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 419
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"1a3-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1646220665611
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: OpK1hVaCrw0GGWqaaC78cXOpXizDtW4NW24UQNSEOquTs8A1-fJD7g==

GET
H/1.1 200
OK clear.svg
griffin-communications.akamaized.net/baronIcons/day/ 1 KB
2 KB 995ms
458ms Image
image/svg+xml 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/clear.svg
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 11:31:06 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:30 GMT
Server: AkamaiNetStorage
ETag: "b953377fbfcb22a9fb27ae741a598e43:1580959025.00369"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1502

GET
H2 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 133ms
79ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newson6.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 4768351
cdn-cachedat: 2021-07-24 16:51:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6b54366be6798316bda56244adb5d3be
accept-ranges: bytes
cf-ray: 6e59cdd7fc3383a3-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 244ed7d93b4cda0c31a4c66da48ccd67cc004f23.jpg
cdn.field59.com/KOTV/ 276 KB
277 KB 388ms
132ms Image
image/pjpeg 104.16.60.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/244ed7d93b4cda0c31a4c66da48ccd67cc004f23.jpg
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.60.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb96db8ecfb25256326daedc596be825f4a1359927bd77d5a5050bac7105db27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
cf-cache-status: HIT
x-amz-request-id: SESG4X9CSYBQ12BD
cf-ray: 6e59cdd97eed68e5-FRA
x-amz-replication-status: COMPLETED
content-length: 282921
x-amz-id-2: XtwiKBeVsaBgmp7F5hT2TpPibnNclI/XHbgPpoLlLxHhnyQUIMpJpcRvpqGGTo/1DAB52HkPwRo=
last-modified: Sat, 25 Dec 2021 03:38:36 GMT
server: cloudflare
etag: "ae281375d592d706f0e0fc2ec3592f92-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: xGCihvIy0EHLY2JOMKSd7vQd9Sa6nJ5b
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/pjpeg
expires: Fri, 01 Apr 2022 11:31:05 GMT

GET
H2 200 pubads_impl_2022022401.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 8ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js?cb=31065383

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124299
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:41:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 11:08:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 312 B
181 B 38ms
14ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newson6.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

071a3906c43096a22dc94830ccc72ddeef590c91c187f3d4eb9a7dc5ce6609b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Wed, 02 Mar 2022 11:31:05 GMT

GET
H2 200 fa-solid-900.woff2
www.newson6.com/webfonts/ 74 KB
75 KB 209ms
209ms Font
font/woff2 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-solid-900.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 76084
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"12934-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1646220665747
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: AXkPwD6IJNYfRYyYgs_HLLb8WEw7nzvVp6dvUJRTSm-LZA-0qvNLfA==

GET
H2 200 fa-brands-400.woff2
www.newson6.com/webfonts/ 74 KB
75 KB 221ms
218ms Font
font/woff2 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"128a0-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1646220665812
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: CTFmOIQyk1aJNSxJ27CvFCYV0mjdydADBemjQSklZnL02Pl-QtYxcw==

GET
H2 200 fa-regular-400.woff2
www.newson6.com/webfonts/ 13 KB
14 KB 219ms
218ms Font
font/woff2 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"3508-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1646220665810
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: r8-aR4EZ6Aeyd5Im8LkoKHPYTqyOVjChcwkVM1XSHd6TB3ycsANRmg==

GET
H2 200 v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr Show response
voraciousgrip.com/ 520 KB
90 KB 275ms
212ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

8b3bbcbb0495e73eaf207f7a315f780be7e713bcddae562e1b0af8f1bf2f45c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "1106f4f8ce6408112e27222034d4c171238ec5b4fd717ae7dfeca6988dafac9c"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 02 Mar 2022 11:31:05 GMT
x-buildnumber: 478878929
timing-allow-origin: *

GET
H2 200 v2ejxluzlvspnGx9UWSNyosXUH1-gGos0iNxQUGUyJXHBHZXubDW4XMPjrNN8sAP9BfMc0rfQw9qu7TPhyQ Show response
voraciousgrip.com/ 16 KB
6 KB 206ms
202ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2ejxluzlvspnGx9UWSNyosXUH1-gGos0iNxQUGUyJXHBHZXubDW4XMPjrNN8sAP9BfMc0rfQw9qu7TPhyQ

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

d9667dde01557c23c5024bd665966b568fb4c59507baadfaf4887ecc5b78e12c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "c673613d40172ad7c0e7016e674c1402efed127900b7e8b441b4c56b0ba3bfe6"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 02 Mar 2022 11:31:05 GMT
x-buildnumber: 478878929
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 94ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 11:17:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 11:31:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 11:31:05 GMT

GET
H2 200 jquery.min.js Show response
www.newson6.com/js/ 85 KB
30 KB 129ms
127ms Script
application/javascript 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/jquery.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"15283-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665803
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: kq3kQDBVQOfwbbblQD9DKoeQPDv1jgYXHQWrEw9oyqorE3VvVPe1Qw==

GET
H2 200 bootstrap.min.js Show response
www.newson6.com/js/ 36 KB
10 KB 114ms
112ms Script
application/javascript 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/js/bootstrap.min.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"90b5-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-timestamp: 1646220665788
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: EcbhBOZq4t0hYJ-_9Lk7SLRLflAZPc-AyvAaPUdFsnXTkp7MNqJV9w==

GET
H2 200 hbw_master_532954_13595.js Show response
player.yieldlift.io/prebidlink/457283/ 88 KB
28 KB 21ms
21ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/457283/hbw_master_532954_13595.js
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/wrapper_hb_532954_13595.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 59caa38d6f589a12460192e57cf0c6c8e9d04f82217d1963cbc8d207f7afd91f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 06:17:20 GMT
server: nginx
etag: W/"621f0bf0-161f4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 04 Mar 2022 11:31:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 202ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 438183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 25 Feb 2023 09:48:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 201ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 581687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 17:56:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
59 KB 86ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d97e80797005727fc875fad63d6c7cd0a9c6d8a163d8169a937296e1da27ed66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59757
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Mar 2022 11:31:06 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 392 KB
115 KB 125ms
35ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 11:31:06 GMT
Content-Encoding: gzip
x-amz-request-id: Z0CM2CQ8ZKF580NM
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: xO0476HKDo2I2bzrkOt82TIHn1NDM5mgQ+gUqQ9cf8Psk5spTqpqXoQy57zz0TFOHhRx62B7mxo=
Last-Modified: Thu, 10 Feb 2022 22:27:22 GMT
Server: AmazonS3
ETag: "93a3fdf08b1a28e64ac925822f0cc789"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 c6b1fda09219cf33e8fce22c624e5f7b080e002f Show response
player.field59.com/v4/vp/kotv/ 5 KB
3 KB 390ms
224ms Script
application/javascript 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/v4/vp/kotv/c6b1fda09219cf33e8fce22c624e5f7b080e002f
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619ad2d8d1f974e9d4e7839a9b16728e00830ae474c111454a8d6c515f3c2e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Mar 2022 11:31:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 02 Mar 2022 11:46:06 GMT
cache-control: max-age=600, public, s-maxage=600
cf-ray: 6e59cddbfaf79293-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 662 KB
156 KB 76ms
9ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63a22801e7900cf78a218a72dbe07ba3b81fc890f79615ca887f41a5583b80a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: xlhtOTOpYtT_SO16PiSqurxDzuPMPg_r
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:32 GMT
server: AmazonS3
age: 250
etag: W/"a3e9c83e950813aba7fd1c8352288015"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 02 Mar 2022 11:26:57 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Tw3hw1rHDFT8cx-lLq3y3vQIrX_-G33JOQlczxGZupUMU1FTEPxzdQ==

GET
H2 200 zipInput.ejs Show response
www.newson6.com/views/partials/ 648 B
1 KB 106ms
105ms XHR
application/octet-stream 2600:9000:206f:ca00:1c:8a47:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newson6.com/views/partials/zipInput.ejs

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:ca00:1c:8a47:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 648
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"288-17f27a8faa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=518400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 48dAFItw9y8w3GmYsbHVZsDe4lvmpvIMoTY2G8pm9kwbvzkHi9BPWw==

GET
H/1.1 200
OK 74120 Show response
baron.kotv.com/reports/metar/zip/ 1 KB
1018 B 466ms
98ms XHR
application/json 3.88.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kotv.com/reports/metar/zip/74120
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-120-28.compute-1.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: e389d734bb33daa0c7a2df92d05b2d9cfa8cd81c81114182a2823702d1afa530

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 11:31:06 GMT
Content-Encoding: gzip
ETag: W/"42b-WedOFOWK0G2CL+s1xf0Uz2/i7UY"
Server: nginx/1.12.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 613

GET
H/1.1 200
OK kotv-production.js Show response
hot-town-closings.s3.amazonaws.com/ 2 B
507 B 465ms
117ms XHR
application/json 52.217.139.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hot-town-closings.s3.amazonaws.com/kotv-production.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.139.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 11:31:07 GMT
Last-Modified: Wed, 02 Mar 2022 11:26:37 GMT
Server: AmazonS3
x-amz-request-id: 907V12ZBJVZ89YP5
ETag: "d751713988987e9331980363e24189ce"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2
x-amz-id-2: zD7uuI6xMQfNyYww0UR9Ei/SW3yL5g7jE9ru/sv7aCunzOby9Eunhqnu4A6P4GX1VsbeLqCkx9E=

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 131ms
60ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 02 Mar 2022 11:31:06 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/501024/ 2 KB
1 KB 51ms
6ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/501024/config.json?cb=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 53a40d9b6838b1a9907137a3c2c82629394e9d97acaf5f494ef6799bba31f781

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 00:02:16 GMT
server: nginx
etag: W/"621d6288-824"
content-type: application/json
access-control-allow-origin: https://www.newson6.com
expires: Fri, 04 Mar 2022 11:31:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 acv.json Show response
voraciousgrip.com/ 210 KB
46 KB 71ms
30ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/acv.json

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Fri, 04 Feb 2022 18:27:30 GMT
x-datacenter: gce-europe-west1
date: Wed, 02 Mar 2022 11:31:06 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges: bytes

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 94ms
27ms Image
image/gif 2600:9000:214f:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
age: 17954192
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: dzghQVi7_HM0EbN-7xI1xVdl816Vi2uIgNc3Fqa1n8Qupbtyrx7UQQ==

GET
H/1.1 200
OK / Show response
ghb.yieldlift.io/geo/ 156 B
404 B 194ms
21ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/geo/
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hbw_master_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8a53290d8a93023c7eef0d3c444df954b2f77115a3cf3f9351180079011da45c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.newson6.com
Date: Wed, 02 Mar 2022 11:31:06 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 156
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.yieldlift.io/adunit/ 43 B
406 B 185ms
22ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/adunit/tracking?event=11&type=0&client_id=532954&site_id=13595&full_page_url=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&adid=9ha3fs.1v&features=16480&vpbv=N051&tte=696&lifecycle_tte=1270
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hbw_master_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.newson6.com
Date: Wed, 02 Mar 2022 11:31:06 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 h180
redirect.field59.com/video/thumb/c6b1fda09219cf33e8fce22c624e5f7b080e002f/w320/ 13 KB
13 KB 538ms
370ms Image
image/jpeg 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/c6b1fda09219cf33e8fce22c624e5f7b080e002f/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e6402d8044591224c62d8e5f289bb48f807c01dfa03904465ac301c610dd8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
x-image-transform-time: 111.722ms
cf-cache-status: MISS
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 35.851ms
last-modified: Wed, 02 Mar 2022 11:31:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6e59cddd680f9b45-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 09 Mar 2022 11:31:06 GMT

GET
H2 200 h180
redirect.field59.com/video/thumb/48573f2ab11309888b27998020d183de592b05c0/w320/ 11 KB
12 KB 196ms
28ms Image
image/jpeg 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/48573f2ab11309888b27998020d183de592b05c0/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6bc705ba3d26952df648e766605a3322737a442fb37148513a918cf7b838f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
x-image-transform-time: 71.27ms
cf-cache-status: HIT
age: 22865
cf-polished: origSize=12013, status=webp_bigger
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 20.582ms
last-modified: Wed, 02 Mar 2022 03:49:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 09 Mar 2022 03:49:23 GMT
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6e59cddd68139b45-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h180
redirect.field59.com/video/thumb/ab642c1c49033e5e0ddb76f6c7d7d098f02d2a13/w320/ 12 KB
13 KB 193ms
25ms Image
image/jpeg 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/ab642c1c49033e5e0ddb76f6c7d7d098f02d2a13/w320/h180
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419aadd1460a44512e76a26585ec916c1faf6599fbeab4795d3ba1958e73d90f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
x-image-transform-time: 98.473ms
cf-cache-status: HIT
age: 20284
cf-polished: origSize=12824, status=webp_bigger
content-length: 12430
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 23.644ms
last-modified: Wed, 02 Mar 2022 04:38:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 09 Mar 2022 04:38:28 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6e59cddd68169b45-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/griffin-newson6/ 498 KB
39 KB 32ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/griffin-newson6/loader.js
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/js/bundle-kotv-production.js?v=1645636726685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bdc1665c6729a98596369649190c48e69272c21a46abddecceefd6be59581ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Ds_MKyZi9klpecUo_1S2dcH3DLSVc1n9
content-encoding: gzip
etag: "4feb114aa200e53d5c5eae882a44e957"
age: 1123
x-cache: HIT
content-length: 39120
x-amz-id-2: OqwLBuIY/cyMV2K52glyBUe/mH3CIxkJy0UDwZsww1YrXjkFO6lCsps8R+INTnH4M3nYX1RfUUY=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 02 Mar 2022 10:40:35 GMT
server: AmazonS3
x-timer: S1646220666.308701,VS0,VE1
date: Wed, 02 Mar 2022 11:31:06 GMT
vary: Accept-Encoding
x-amz-request-id: TBQ6A0GPTRA1281R
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 67
x-cache-hits: 1

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 98ms
25ms Preflight
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Wed, 02 Mar 2022 11:31:06 GMT
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
114 B 391ms
332ms XHR
text/plain 18.184.249.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newson6.com
date: Wed, 02 Mar 2022 11:31:06 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
817 B 137ms
89ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c35aa5129037103e4b9091e758faaaf0f264d60f92aa90079ce89673860d88fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 11:31:06 GMT
X-Proxy-Origin: 45.141.152.68; 45.141.152.68; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b0dd2ea2-2507-44af-a30c-0bd8dfc636d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newson6.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 94 B
845 B 129ms
44ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2262242e16cffb22%22%3A%224b94a3a8570df59c7ff3%7C728x90%7Cgpid%3D%2F21886259135%2Fnewson6%2Fweb%2Fnews%22%7D&ref=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&s=d02f8fac-315b-4648-89df-bdafb1dcfd1d&pv=c14e5869-d858-41a6-99a7-76f8fe9c8142&vp=desktop&lib_name=prebid&lib_v=6.7.0-pre&us=0&ius=1&userid=%7B%22pubcid%22%3A%2289c0e984-6f38-474e-9572-616426e249ef%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2289c0e984-6f38-474e-9572-616426e249ef%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

12132544b23a39df46c1af6cd2ad5d0503f70717b5fd8dbed53f2476159907a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 11:31:06 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.newson6.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 119
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 175ms
73ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=349032&zone_id=2192028&size_id=2&eid_pubcid.org=89c0e984-6f38-474e-9572-616426e249ef%5E1&rf=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=f9198358-c8aa-4882-9ef3-0814593916d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8068657955867802
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 722b79ee84afa2fa2780760133eeeeb527ab87b6c1f6e90bbbce73d89797bfa3

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 11:31:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newson6.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 186 B
371 B 99ms
18ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 425c571e8bc6701d4068deb62c29fd71600c5932e3ae160de24b81dedbc937f1

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 186
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
1 KB 120ms
89ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=736092&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211bca66261b4e9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221255a7fea136e85%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22736092%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2289c0e984-6f38-474e-9572-616426e249ef%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b04cd38564a43fa92b9a5edc3f7923a94dbe8706c1b9130cfec8c2136acc9f03

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[45.141.152.68], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.newson6.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1210
x-ak-client-geo: 12
expires: Wed, 02 Mar 2022 11:31:06 GMT

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ 73 B
379 B 67ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f9198358-c8aa-4882-9ef3-0814593916d2&nocache=1646220666348&pubcid=89c0e984-6f38-474e-9572-616426e249ef&aus=728x90&divids=header-ad-container-lg&aucs=&auid=545725323
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a704480bd2d436dcd5609f0624252f0204dc3147f5123a45c0c634bd25ed30bd

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newson6.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 88ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=39377376393

Requested by

Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
745 B 121ms
66ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 25e877159a576d04fa7dd98247004e333eedb6f981619a049b32c5e778944e59

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 02 Mar 2022 11:31:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newson6.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
324 B 155ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dFUIeWm0Gr7iokaKj0P0Le
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9528febcc66052f2f99bfc1088583946c13851fd8b02e9b3ad0dfd52f0ad5318

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
171 B 80ms
47ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.newson6.com
pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
11ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5174
date: Wed, 02 Mar 2022 10:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Mar 2022 12:04:52 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%...
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https...

0
223 B

11ms
11ms

Image
text/plain

99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&c9=
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: B68CTijf97hHtqnGdqzTy9kj6KDN8_xYMDMzOtyNdrbWLPH8wJ6vgQ==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 02 Mar 2022 11:31:06 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1646220666465&ns_c=UTF-8&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&c9=
content-length: 366
x-amz-cf-id: yttsdd4PiS3yrrW4Pi30ejI9hzTyfc6zyTiCW2-MP_OIYlaFbTL8nw==

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 338ms
123ms Script
text/javascript 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e4b034a1fb0b4c0c788754b4b7dfe2a9d16c508aad3d6af284c1a6731feafee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1207
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 65ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39600
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 load.js Show response
widget.perfectmarket.com/griffin-newson6/ 3 KB
2 KB 349ms
328ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/griffin-newson6/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/griffin-newson6/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87dd37ba2bf577d27dbac941dde2ace8f320ca28160465a8a2374c67a097ff5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Jm0.14FnDrVGY0aScLsvR6A7nqw6lOsX
content-encoding: gzip
etag: "17f0becb12ce94c81523cc2439ff3d15"
age: 0
x-cache: HIT, HIT
content-length: 1183
x-amz-id-2: LyZ/9INMigQnFyYkEY0+jO/fZzS1x2S+XWTPuQIGh+gdqdK/hHpPGG2DMmPqKGYRSEmLGhCgIw4=
x-served-by: cache-sna10738-LGB, cache-hhn4070-HHN
last-modified: Tue, 11 Jan 2022 16:51:26 GMT
server: AmazonS3
x-timer: S1646220667.656111,VS0,VE317
date: Wed, 02 Mar 2022 11:31:06 GMT
vary: Accept-Encoding,,
x-amz-request-id: NMKCF01JQ7PPC7MH
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220302-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 620 KB
128 KB 11ms
11ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220302-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/griffin-newson6/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ba5e4256742d05d0a63da6c682e491bcb9eade51f43a5c3c5038ea095e9ca73e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: k6VPWg4La5r3vYe2UOxjwdxMOGbS32M2
content-encoding: br
etag: "ba37af5bb79c08ca31a54b4d9d83b5c0"
age: 5028
x-cache: HIT
content-length: 131080
x-amz-id-2: fhTgqL5n8292SePcCSb+OPRIH15/fFq75vMG7eD2Rn8DsT8922LrMr1Mra0j936jf0vhiN5ztqs=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 02 Mar 2022 10:04:19 GMT
server: AmazonS3-br
x-timer: S1646220667.637994,VS0,VE0
date: Wed, 02 Mar 2022 11:31:06 GMT
vary: Accept-Encoding
x-amz-request-id: C85RQHX3P63R6DJB
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 83
x-cache-hits: 7095

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 8ms
8ms Script
application/javascript 99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/griffin-newson6/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 07:22:37 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 14910
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: XByxLIBxHN4e5Nn2gSWwNBpt75cOBechv2OL594CoGc8NVJCX6chfA==

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.newson6.com/bootstrap/ 6 KB
3 KB 305ms
116ms XHR
application/json 2600:1f18:44f0:4832:d1c0:ca07:da34:7495
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4832:d1c0:ca07:da34:7495 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7116d9b2a34b550fa9927ceb59ff01bc9f1e5881c0055f8dabda329fd181f285

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-09662d6c927f6f5fd
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newson6.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 02 Mar 2022 11:31:07 GMT

OPTIONS
H2 204 v2
api.viafoura.co/v2/www.newson6.com/bootstrap/ Frame 0
0 294ms
93ms Preflight 2600:1f18:44f0:4832:d1c0:ca07:da34:7495
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4832:d1c0:ca07:da34:7495 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.18.0 (Ubuntu)
expires: Wed, 02 Mar 2022 11:31:06 GMT
cache-control: max-age=0
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age: 1728000

GET
H2 200 main-c335bac439.css
player.field59.com/release-3.19.5/css/ 58 KB
11 KB 26ms
26ms Stylesheet
text/css 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kotv/c6b1fda09219cf33e8fce22c624e5f7b080e002f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a48885dafbf847141d353245399a4fc91db653213dfef0dded37a7c56442390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 21:42:45 GMT
server: cloudflare
age: 574005
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6e59cddf49ad9293-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 02 Mar 2022 20:03:51 GMT

GET
H2 200 html5_dfp-131552293d.js Show response
player.field59.com/release-3.19.5/js/ 631 KB
182 KB 75ms
74ms Script
application/javascript 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kotv/c6b1fda09219cf33e8fce22c624e5f7b080e002f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcc9e66f50570314f67d8c15efd5e94b83883e7575665200a98712271a0e5e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 18:13:38 GMT
server: cloudflare
age: 573920
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6e59cddf49ae9293-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 02 Mar 2022 20:03:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 39ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1256897610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&ul=en-us&de=UTF-8&dt=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1540822666&gjid=1604875676&cid=931928241.1646220667&tid=UA-572554-5&_gid=1478513096.1646220667&_r=1&gtm=2wg2s0NXTXTZN&z=1622021587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2ikcsXIuliQVQpP20x7XmQpjEQpNpIeX-C9wEa_9KQ-mgK3ass6d3JsKpvcosNpo8DoJ_9Kh Show response
voraciousgrip.com/ 209 B
318 B 20ms
20ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2ikcsXIuliQVQpP20x7XmQpjEQpNpIeX-C9wEa_9KQ-mgK3ass6d3JsKpvcosNpo8DoJ_9Kh

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

96f1249d84ab105d7984cda1b0e7901f70794254315dc45385b4a85e9da538b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Wed, 02 Mar 2022 11:31:06 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Wed, 02 Mar 2022 11:31:05 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
332 B 9ms
9ms Image
text/plain 99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1646220666791&ns_c=UTF-8&cv=3.5&c8=Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures&c7=https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&c9=
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 6JiQKe3CUYa_P55co9WdPweDE8iw4x5_R9gkuHppO0_cfVs9LBR4bQ==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 70ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-572554-5&cid=931928241.1646220667&jid=1540822666&gjid=1604875676&_gid=1478513096.1646220667&_u=YEBAAEAAAAAAAC~&z=697864795

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Mar 2022 11:31:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2whgQ8A4sqegbQ2T8Xae5PLn-OJ02Rf60ZH54Lat7CFBQW20toxkGER8NZpPVqUbSpmpKh1V Show response
voraciousgrip.com/ 2 KB
816 B 298ms
298ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2whgQ8A4sqegbQ2T8Xae5PLn-OJ02Rf60ZH54Lat7CFBQW20toxkGER8NZpPVqUbSpmpKh1V

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

8dad13965cae5165c9937f51581bb25a2b9d14e3d9d4ac949e8ac8b9174cd15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Wed, 02 Mar 2022 11:31:07 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 752

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 100ms
99ms Image
image/gif 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2625142&ntv_pl=1073590
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2d0a9cc2-d687-4f7d-aec7-ec9d7453c681&ntv_fl=CF4se3gYGjAPzQcMJoAeWY6-iIEK_9c8Ht7aKVfqS6yYkDmT89DDjuiIJhGIyrQW2DYJuvYQlg6DvxILQsIB60AWWYF_9349MT_P3puIhV9zQkbI1SYi2Kwz8fOpQygCCrQ6ll1U4QlNNQdfsxy7ebHNDCoiBDME4BL30Pt7O62qxACcQ92noEUttZ9ZRelDax2mCOe4ekYRHYt_flJd7exap9lskK-1NcfvgVTsdPcOD3OUqRkCH0ATEhr2YXH5Vc39DvNOGFSulc5RKVgReCAuW9sGBoUzcQwNn3SaNKaZ2zQ6bDvJawYUxNmIRZms&ntv_ht=elUfYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAtmEQA&ord=1646220666903&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2d0a9cc2-d687-4f7d-aec7-ec9d7453c681&ntv_fl=CF4se3gYGjAPzQcMJoAeWY6-iIEK_9c8Ht7aKVfqS6yYkDmT89DDjuiIJhGIyrQW2DYJuvYQlg6DvxILQsIB60AWWYF_9349MT_P3puIhV9zQkbI1SYi2Kwz8fOpQygCCrQ6ll1U4QlNNQdfsxy7ebHNDCoiBDME4BL30Pt7O62qxACcQ92noEUttZ9ZRelDax2mCOe4ekYRHYt_flJd7exap9lskK-1NcfvgVTsdPcOD3OUqRkCH0ATEhr2YXH5Vc39DvNOGFSulc5RKVgReCAuW9sGBoUzcQwNn3SaNKaZ2zQ6bDvJawYUxNmIRZms&ntv_ht=elUfYgA&ntv_at=323&ntv_a=AAAAAAAAAAtmEQA&ntv_jtr=6&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=31d25802-0989-4805-8a6f-845d3dad02ab&ntv_fl=CF4se3gYGjAPzQcMJoAeWS8Qjt_fdw3Y51WnkKFJB15Q3HOzF-x6BDNuCUCivSGDLjmzQ6LntoPw4IyqcZKHnoAep5F-5LGo53FajKI60IRo7Da-S5SVQxAyXjcW1y3gEJ4SVP0zR3Hbh0IFSZx8eS1s3QM3GUFV4vHXedhlkM2XpDmN-ZWuu6P5r2c0WwWQdOETqSl1Vh2FC-HWvqwM8m8bjU5Qzr4ANw8Cjpt1vU5RPOD312maNUo958T1Y-Sqmfw09RfI8cJ6ALGlzcJ4rRNOuHwVk9CcAxi8vrrkJAI0NWAiQSFGLxBEI4zNy0K5&ntv_ht=elUfYgA&ntv_at=303&ntv_a=AAAAAAAAAA5h0RA&ord=1646220666907&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 102ms
99ms Image
image/gif 3.92.67.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1121767&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.newson6.com
URL: https://www.newson6.com/story/61c69ed7d303e30bec346a57/oklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.67.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-67-221.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 fpicons.woff
cdn.field59.com/player/fonts/ 3 KB
4 KB 52ms
25ms Font
application/x-font-woff 104.16.60.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.field59.com/player/fonts/fpicons.woff
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.60.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528

Request headers

Referer: https://player.field59.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
cf-cache-status: HIT
age: 685469
cf-ray: 6e59cde0b9339290-FRA
content-length: 3040
x-amz-id-2: Nhp/k6eIIrdTekbSUc4YJ3sFWUGfWpT5nnWIBYcrSQsY1l3H7eF3ss72f4LTodHbrybPeaKGTPE=
last-modified: Mon, 18 Apr 2016 20:34:41 GMT
server: cloudflare
etag: "725a886c5970c00ffa65a5d67df6e8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-request-id: KRG76NQ46E5FJ9RG
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: Rr4yR713iQpY_NTbPM11Z3Q_LeKl8mSf
accept-ranges: bytes
content-type: application/x-font-woff
expires: Wed, 02 Mar 2022 12:31:07 GMT

GET
H2 200 fp6_play_white.png
cdn.field59.com/player/ 3 KB
4 KB 19ms
18ms Image
image/webp 104.16.60.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/player/fp6_play_white.png
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.60.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.field59.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:06 GMT
cf-cache-status: HIT
age: 766229
cf-polished: origFmt=png, origSize=7587
last-modified: Tue, 15 Dec 2015 22:46:58 GMT
content-length: 3414
content-disposition: inline; filename="fp6_play_white.webp"
x-amz-request-id: 92P03B25NFTJ56NJ
x-amz-id-2: Q/kvtGWx1OPMaMF1qmVbY2SFwVGc4gnRaLDagtrIiqyuYBuQcAoyijqi61nFMVzqIXarolCdlRI=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "98a1b8195b25ce442ea127ddeb0b2e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-amz-version-id: wFl7bOHWyEiYwrIqRQCGXEEKkkbsRATT
accept-ranges: bytes
cf-ray: 6e59cde08e0768e5-FRA
expires: Wed, 02 Mar 2022 12:31:06 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6da099f98e79188b479b8e3d8be836b73411e02da2dba4e8ac8ccb8f2b98b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27879
x-xss-protection: 0
server: sffe
etag: "1147 / 440 of 1000 / last-modified: 1646214131"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2 200 ima3.js Show response
s0.2mdn.net/instream/html5/ 367 KB
122 KB 82ms
32ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/html5/ima3.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bc4b4e83d00a23ad6e7f8f9dc85067b7503c0a00814e02b02a20b3b0c8ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124251
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2 200 pmk-202010011.1.js Show response
widget.perfectmarket.com/griffin-newson6/ 118 KB
32 KB 9ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/griffin-newson6/pmk-202010011.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/griffin-newson6/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838f48fb314b5d97a2eaf0d105f3e06be69fbfede4ff8b8b8cd13c557622d745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: EOG7Dect8yfLdFW8KaNbgKqwSfLPWRc0
content-encoding: gzip
etag: "a901c92533c767128cc5e3d2062a93c0"
age: 1987773
x-cache: HIT, HIT
content-length: 32405
x-amz-id-2: VEsODG4CvCKwZgOAhZorQyI2XLnWv9fnX3mvakrNVZc6VA0rmcL+NJMSyd95W1vMKa+eHPmaoY4=
x-served-by: cache-sna10721-LGB, cache-hhn4070-HHN
last-modified: Tue, 11 Jan 2022 16:51:26 GMT
server: AmazonS3
x-timer: S1646220667.018790,VS0,VE1
date: Wed, 02 Mar 2022 11:31:07 GMT
vary: Accept-Encoding,,
x-amz-request-id: SB7P17EBMM75RW0J
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 bridge3.502.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5E9C 588 KB
192 KB 38ms
8ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Feb 2022 13:10:55 GMT
expires: Tue, 28 Feb 2023 13:10:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 23 Feb 2022 23:41:21 GMT
content-type: text/html
age: 166812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D4F5 37 KB
13 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:09:32 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/griffinnewmedia/ 2 KB
743 B 83ms
73ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/griffinnewmedia/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20638b42fdffc8dd9040c0ddecd25184b1d67cd5051cefe4d32e7131b39164d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
etag: -2051436664--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=25, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 566

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 176ms
166ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=621f557a6ef4a49f&bkl=0&bl=1&pdt=1123&sid=621f557a6ef4a49f&pub=griffinnewmedia&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newson6.com&fp=story%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=newson6&colc=1646220667308&jsl=1&uvs=621f557ac21cf359000&skipb=1&callback=addthis.cbs.jsonp__015979983359788230
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a3c82663f346f450233090530045ed5764c412ae4a2195c82538ae138738cfa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:07 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame EE52 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6238 71 KB
26 KB 17ms
17ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 02 Mar 2022 11:31:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 ConsentManager,Sticky2 Show response
voraciousgrip.com/v2qjrofA0l0sH-4Q__vNiEU5psbHgj2yc5QTGmUSGiMJNaNw4RN3LhrvPvZLDWlKt5XmF8SU/ 274 KB
80 KB 23ms
23ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2qjrofA0l0sH-4Q__vNiEU5psbHgj2yc5QTGmUSGiMJNaNw4RN3LhrvPvZLDWlKt5XmF8SU/ConsentManager,Sticky2

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

538b5f936b44218946cd71379559bf6bdc54f345f3edc2f5c7084b7d0623b222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "33a10f04eb7c4a3629ddc3aa4a557315bce01ef91b3eb064b12a3137dcf9460e"
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/15283051/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
348 B

7ms
7ms

Script
application/javascript

99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:02:25 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: HKE638ziLNH5SoO1p6dKaV7jw5J-LNkNJaba1SHyFVC1jiY05Arw8w==

Redirect headers

date: Wed, 02 Mar 2022 11:31:07 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: h8juEQX3nGcm59swYuzSbdJLv5IWxuujRujn2Xz2Jn89uRTE0tBcSQ==

POST
H/1.1 204
No Content multitracking Show response
ghb.yieldlift.io/adunit/ 0
203 B 24ms
24ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/adunit/multitracking
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hbw_master_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.newson6.com
Date: Wed, 02 Mar 2022 11:31:07 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/www.newson6.com/ 45 B
648 B 98ms
98ms XHR
application/json 2600:1f18:44f0:4832:d1c0:ca07:da34:7495
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.newson6.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4832:d1c0:ca07:da34:7495 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-0455210c473d36437
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newson6.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
653 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2qjrofA0l0sH-4Q__vNiEU5psbHgj2yc5QTGmUSGiMJNaNw4RN3LhrvPvZLDWlKt5XmF8SU/ConsentManager,Sticky2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 10:57:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 11:31:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2 200 intl-messageformat.5c2d6f77c77cc4d06747.js Show response
cdn.viafoura.net/chunks/vendors~languages/ 17 KB
5 KB 9ms
8ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.5c2d6f77c77cc4d06747.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d64a0418bce759f01cd9d1666d13fe1158c66543f46abb0b5f6c5e47b3f285b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:05 GMT
server: AmazonS3
age: 68353
etag: W/"bde6fd8fc74b18b6762872b7c69f445d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: SsxCO4t4efcOxZO9JBqPMp5hj4.X_S1a
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: p98p4jgkzXgIrXbDEP0CQWS2NO4O03OjDbfNbd-1rFxMTim25pfzEw==

GET
H2 200 intl-messageformat.37fcfe3f7ed7708e2a32.js Show response
cdn.viafoura.net/chunks/languages/ 134 B
562 B 9ms
9ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.37fcfe3f7ed7708e2a32.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8a4fff9cb57d4ffbcf690eb56579c0eb197a54e9d0b69e9f6c34ae49c2ef299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 16:31:12 GMT
server: AmazonS3
age: 68353
etag: "96ef5d80633556a47702589fa6c37581"
x-cache: Hit from cloudfront
x-amz-version-id: yqiFdQ5v9Cfzh7PYUZ2X9R7jI34dEgMj
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 134
x-amz-cf-id: G8M4FmmBi-2iNWu5uA_z_NdDt4-nBjRxMmx46VVkCdZZLbYr1znkxQ==

GET
H2 200 en-us-base-json.2ed140ca116dbab98f42.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 11ms
11ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.2ed140ca116dbab98f42.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6c217cf4a70824e150c9b84635540ccebfacd9f4a6b024d8d3d13e7226ca0ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:11 GMT
server: AmazonS3
age: 68353
etag: W/"dc9b47e81a8086b22edb56f64883dacd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZysNyC6kqvbZKGdU5Zr_b6yY3TTUDkox
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: pENd6RwnexNBltWEy0DqozngWLfpPofUiseWY82ge-TDhdrULJryUw==

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 32ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:02:08 GMT
x-content-type-options: nosniff
age: 581339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 18:02:08 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:02:08 GMT
x-content-type-options: nosniff
age: 581339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 18:02:08 GMT

GET
H2 200 MiwwY2M3MWM5Zjc1M2I
images.getadmiral.com/ 3 KB
3 KB 120ms
49ms Image
image/png 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MiwwY2M3MWM5Zjc1M2I

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-buildnumber: 456232094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2568
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c7c2d87d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZj%2F7R%2FQLhtqNkvi9uH5p1AG6dHr8oIDIoWig7vnCfdGYNXouuN8TQykRlkaxfmwtnpFJFa5AqqaVbw5%2FAoKpa%2FQQTeG1sCH%2BV8FKL2dyowcRh9bKwNy7giufazhP89%2BMpepAB%2BlGqL6mc9iaU1Mm5HKIew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: button
cf-ray: 6e59cde44d6683b2-MXP

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 14ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 02 Mar 2022 11:31:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 vf-css.049297f7d985456d4f86.js Show response
cdn.viafoura.net/chunks/ 119 KB
17 KB 11ms
9ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vf-css.049297f7d985456d4f86.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f656076ee9faaa43b28d941e35978b30056113af8b9aacba6aa853879bab206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:25 GMT
server: AmazonS3
age: 68353
etag: W/"0150f34032126cc336c0d54ef7b89247"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: q3Xg8inOJugFMFgryToA4OAXvgfa91YS
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: KAkrA3CjA2jKNmG09h-q2KX5tPTTz1Lg99zhm7YYCpuInAka045Ebg==

POST
H2 200 v2ikcsXIuliQVQpP20x7XmQpjEQpNpIeX-C9wEa_9KQ-mgK3ass6d3JsKpvcosNpo8DoJ_9Kh Show response
voraciousgrip.com/ 254 B
315 B 28ms
28ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2ikcsXIuliQVQpP20x7XmQpjEQpNpIeX-C9wEa_9KQ-mgK3ass6d3JsKpvcosNpo8DoJ_9Kh

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2uooEiQet-SjRwPJ13nqmcy9XSOVPH9Tx2TdXHXO-IAv-IneTQNHRx2DiAol4Jvr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

a8f3b7a47377996fe91fbaea926f705db111479a46074a3f3df34cfb9732e987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Wed, 02 Mar 2022 11:31:07 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 254
expires: Wed, 02 Mar 2022 11:31:06 GMT

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 60ms
60ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 02 Mar 2022 11:31:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/ Frame 0
0 308ms
99ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/id?container_id=story-61c69ed7d303e30bec346a57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-max-age: 43200

GET
H3 200 css
fonts.googleapis.com/ 16 KB
952 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 10:42:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 11:31:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 11:31:07 GMT

GET
H2 200 0.5f00e6801f66f4370964.css
cdn.viafoura.net/ 86 KB
10 KB 8ms
8ms Stylesheet
text/css 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/0.5f00e6801f66f4370964.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3faa66b4f36ef74c8f6dba115cdcc3652a61556778fae86e7bf707742eefa65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:31 GMT
server: AmazonS3
age: 68353
etag: W/"66df792ee311804a6a03246dbb686021"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: fx9YYh8ZXq1IXSJCs_svbEn9EqV3AEQL
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: -p7bpb4tMPgzT3igfqgy_FI_3mZvaesSqdkOBC7v_UpNTgaxUpQbrw==

GET
H2 200 da.fa7ddb28ce8b8ed0ff6a.js Show response
cdn.viafoura.net/chunks/ 143 KB
34 KB 9ms
9ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/da.fa7ddb28ce8b8ed0ff6a.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce57ff50551e1bddd83b30981b94b3b83b80633127de3ddd4d4db448aa29dd95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:19 GMT
server: AmazonS3
age: 68353
etag: W/"ecb7ee666e44bb1aaecbe995147af827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: v_B5WB7KonGTw.r4MyJIyIAvbQN9gqZz
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YPfBa3KKa-zCK-2kqLq8wCSsNZ-HpcCg0K8PVeYgLzXAg72t_84IiQ==

GET
H2 200 134.85323042c60e6ad2c8a4.css
cdn.viafoura.net/ 1 KB
854 B 11ms
11ms Stylesheet
text/css 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/134.85323042c60e6ad2c8a4.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f771d519306d5ae99473e06775b77f1697c6992f74fa699c347baf01ddcb12c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:32 GMT
server: AmazonS3
age: 68353
etag: W/"517c194d691465e12bd636932d338ae9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Wwvd2dDKOSNUglwTuql2xqvSNf4vrFbn
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: KYzYElaoaUSxdT8rLuQGaA16syvWB3I8ki5PoIAapLtXzguPq703Fg==

GET
H2 200 tray-trigger.55cfcc4f68f2ac290ac2.js Show response
cdn.viafoura.net/chunks/ 4 KB
2 KB 12ms
11ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/tray-trigger.55cfcc4f68f2ac290ac2.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4290c627d929681efc241c1e6b68182f5b43941da2ce06dda35bb0531c9729a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:26 GMT
server: AmazonS3
age: 68353
etag: W/"be0bfb5c279acd30c36c6933a8117f7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lhysqdxnjeO4V7EHI.GucQE_y2QIvjlV
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: TUhlS3hpNQqNOe2e-jxcBAhi5D7fMrj0i3wZ6r4woNpcIhTVCQ7Nmw==

GET
H2 200 en-us-conversations-json.40fe2ec9a126c6034f66.js Show response
cdn.viafoura.net/chunks/languages/ 14 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.40fe2ec9a126c6034f66.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee7fa9758461125ca596582dc9082a355124c94c6b989f188bac28ad1ff5c191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:12 GMT
server: AmazonS3
age: 68353
etag: W/"90961159f3d814380877bc80bcc47368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dPm8ySFIe1EFykvpKMAWtSm4g57h7cWt
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: kcOux7jwc0pi8V5cMuPKOWElIjCWfAy3_jKsYrzIfK1IihetR074Jw==

GET
H2 200 madops.min.js Show response
rdc.m32.media/ 60 KB
17 KB 151ms
117ms Script
application/javascript 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/madops.min.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: fa1b5f122f4540d031362a25e2bb8d1372c9cecb18e1ba7fdfd2ffda0d2d0965

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
last-modified: Mon, 20 Dec 2021 21:59:25 GMT
server: nginx/1.10.3
etag: W/"61c0fcbd-f063"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Wed, 02 Mar 2022 11:46:07 GMT

GET
H2 200 content_container-module-js.5086fb205414eefc1d4e.js Show response
cdn.viafoura.net/chunks/vuex_store/ 2 KB
1 KB 10ms
9ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.5086fb205414eefc1d4e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be270b951dd311faaf9410f008aa81da9f238632bf38a75eac2470ca25a695f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 16:31:16 GMT
server: AmazonS3
age: 68353
etag: W/"ea9b25e2c7832491d810b35f53fdbd55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AZZToKIP.d9rutZ8ZfohOTcR0CYE2uyG
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 0vb4hzS61nTJZj7nbHbrH0mblb5AsP3c3C-HCgYpY0i71HpOHzFO3g==

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/ 762 B
463 B 110ms
105ms XHR
application/json 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/contentcontainer/id?container_id=story-61c69ed7d303e30bec346a57
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: a5eb9854bbf90bee8ace17a89e13b4c5e869dc0508a8a6e995c02da433dd92f5

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 309
content-type: application/json

GET
H2 200 ingest
i.viafoura.co/v3/www.newson6.com/ 67 B
325 B 309ms
100ms Image
image/png 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.newson6.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1646220668%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1646220668%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%228c0444d2-8dbd-4620-a632-637f1d6070fb%22%2C%22firstVisit%22%3A1646220668%2C%22previousVisit%22%3A1646220668%2C%22currentVisit%22%3A1646220668%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22section%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F244ed7d93b4cda0c31a4c66da48ccd67cc004f23.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22path%22%3A%22%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22title%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22The%20ice%20skating%20rink%20was%20a%20popular%20place%20to%20be%20on%20Christmas%20Eve%2C%20but%20with%20temps%20near%2080%2C%20we%20were%20wondering%20how%20are%20they%20keeping%20the%20ice%20from%20melting.%20Organizers%20at%20Winterfest%20Downtown%20Tulsa%20said%20the%20ice%20is%20wet%20and%20soft%2C%20but%20safe%20to%20skate%20on.%22%2C%22topics%22%3A%5B%22newson6%22%5D%2C%22git%22%3A%22602fc2908d02d6bfa370e667aa77956b63e70861%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22d54cd784-c3fd-4cbf-8cad-b7d72b972e92%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~chat_js~comments_js~liveblog_js.21c121293e161b25d5d1.js Show response
cdn.viafoura.net/chunks/ 19 KB
6 KB 14ms
12ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~chat_js~comments_js~liveblog_js.21c121293e161b25d5d1.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7eead747912e886e1ab60344a4f7e0c10e77132ee12ae0cd03a42c4fe2df21c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:18 GMT
server: AmazonS3
age: 68353
etag: W/"f6470162b9dcabdd6afafa494d16721d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yPiKSjA6BgdhU4gCyCIjcPT525WB4HNt
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: BnK2LBqT07sMvq3vKEJ9bJInd9rlxoUU_r0XSq3l62y9-fHLf5INsQ==

GET
H2 200 vendors~comments_js~liveblog_js.ff4537601f9df3752e78.js Show response
cdn.viafoura.net/chunks/ 268 KB
55 KB 14ms
13ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.ff4537601f9df3752e78.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5be50a7d1fe31c810dfec68ab3d8b69c51017d75ad693ed556d3d1df4f7cc3ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:20 GMT
server: AmazonS3
age: 68353
etag: W/"967e08b66eb21d4d78cdc59a1f0f167e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: gJbS2nGKMd6Q.Q7LMrgFM0NQEvg4TzxJ
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: _Ep33wpot9795sgYamww1fd7RhucWbI2u38Ys8eGCQ9wyTmgkHKIOQ==

GET
H2 200 4.6a67359a2447ec5284fc.css
cdn.viafoura.net/ 4 KB
1 KB 17ms
16ms Stylesheet
text/css 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/4.6a67359a2447ec5284fc.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb0a90dd01b8934f8106c94bf458e052fd7f495159b9046c9a5bec0123d72915

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:29 GMT
server: AmazonS3
age: 68353
etag: W/"0a3ab5f716ac6871b8671c387da6abef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DyEBK_lR1K4lUprCQ6oXaypo19SE2RlA
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: lGjibquDRv_Vsvht_GJcUGrMrHuzv0F9_PXT-6sisAwKbsdgdQGC3w==

GET
H2 200 default~chat_js~comments_js~liveblog_js.eb34e88b4017a26b17bd.js Show response
cdn.viafoura.net/chunks/ 14 KB
5 KB 17ms
17ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/default~chat_js~comments_js~liveblog_js.eb34e88b4017a26b17bd.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eebaf506675b286edf947ef63b7b0bb388524517fc3fb09694446f2ad7a4cc16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:23 GMT
server: AmazonS3
age: 68353
etag: W/"450f16966497fbfd68cc3f194b6b0a2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 0CQzdwik7f_XpnHT7EGpd_CZq.pbK0rx
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: MsX6cC4ZS9vEdhiMqKx4C5r6K0dZAhCf-HfYaRv4OmxdjYteBbJu9A==

GET
H2 200 31.6502d99a9fb68ad7e95b.css
cdn.viafoura.net/ 68 KB
11 KB 18ms
17ms Stylesheet
text/css 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/31.6502d99a9fb68ad7e95b.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 728eee083d9ebdbfd6de30bc14f7c814916bf14196cb99ff637e65e862e17cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 16:31:31 GMT
server: AmazonS3
age: 68353
etag: W/"a5d966136fc0bcdf6bfacef0ff7099a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CaT4KrcEEDCP1oiupaczIUFPAT7Me8_3
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: RHjaNLVNfoT-D0PMJW_5XnZO531ywrYwmhXe9BJ212vFaKI0RhqguA==

GET
H2 200 comments_js.e94ceedb938e14d3fe01.js Show response
cdn.viafoura.net/chunks/ 230 KB
44 KB 18ms
18ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/comments_js.e94ceedb938e14d3fe01.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffef493459a7a83e6572f9d225924341ae8d6c002bd7ae690d09bec6a9034a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:26 GMT
server: AmazonS3
age: 68353
etag: W/"a2efa93fc78901dfdd658db9639aeafb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 7vcxDho0aE0cYD6qnlidYqSYyCcEAi0j
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: VDpEAzGg0mC9gbsGjWwTN1dTbFm18xb8BaVPggIzHTRyuulvkHLkYw==

GET
H2 200 livecomments-module-js.fe37ce50059daa7c384a.js Show response
cdn.viafoura.net/chunks/vuex_store/ 30 KB
7 KB 22ms
21ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.fe37ce50059daa7c384a.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcb86a331f549611ee1ca632d0f616fb92a5edd408b8eb32003317304665c176

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:16 GMT
server: AmazonS3
age: 68353
etag: W/"2476bd83611bfc727e0bb66f1a3ea0ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: w7kZSf05KXeoO4P87xUbycblPIG87QtN
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: nUT0V3g38-L5EVKWwGK6l4oJSUUrIhb37jJMXn8Ig1brRBIyKm_REA==

GET
H2 200 content-module-js.3c7da61f3d9223d92e1d.js Show response
cdn.viafoura.net/chunks/vuex_store/ 11 KB
3 KB 23ms
23ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content-module-js.3c7da61f3d9223d92e1d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d88642a55f24c052575d2116dad550055cf3cdb2e576be3392cd72edc81a4fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:17 GMT
server: AmazonS3
age: 68353
etag: W/"99de2c735cdd2755ff6ae803f42e9931"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: L6Lskn2UudBtKc_nBODgRW3_hmyjuJJr
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: vD57vM0CrcmV5WYS479UmYqp8sprLHsudju2yVteyJUl18Gi1FCAkA==

GET
H2 200 threads-module-js.6daa7e6b52b38305d578.js Show response
cdn.viafoura.net/chunks/vuex_store/ 12 KB
4 KB 23ms
23ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.6daa7e6b52b38305d578.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94d4d40a9eda0c687da7f7a86bc90c777013d6b2a9a7b7454ab6a3412358a133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:16 GMT
server: AmazonS3
age: 68353
etag: W/"8e75ef3cbc7105f5fd6ac0b9262ac7d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: s6TLvNXD1Md_cn7zPVYRjJPEctWZNrU0
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 61ezLhvIjlhNqmbNQgMfj30JuniDwGEQ7YnQezkmAdJL2NZU10UZFA==

GET
H2 200 interaction-module-js.5c11adc73fe1d639a19c.js Show response
cdn.viafoura.net/chunks/vuex_store/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.5c11adc73fe1d639a19c.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2c9491534cd274939086cecc10ae84355e42a2175248722e6a4486f39a01ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 16:31:16 GMT
server: AmazonS3
age: 68353
etag: W/"8a943cb219fc549c051129b4f6e61bd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: bfuObM4v0VOoanSPdgGbrYGwtQJU6Sir
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: M7iYYYM2bMQeoeU8NRwICgUZgXiVVwAAmD0MEZfa7_Ofe1JWvWbWOA==

GET
H2 200 00000000-0000-4000-8000-d8ecaca547bb Show response
livecomments.viafoura.co/v4/livecomments/ 877 B
494 B 129ms
125ms XHR
application/json 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb?limit=3&container_id=story-61c69ed7d303e30bec346a57&reply_limit=2&sorted_by=newest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: b1251c1d2138ca5fe7ec866d23f939dbf034193b83ae230fa9159ccf03a7a298

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 340
content-type: application/json

OPTIONS
H2 200 00000000-0000-4000-8000-d8ecaca547bb
livecomments.viafoura.co/v4/livecomments/ Frame 0
0 267ms
99ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb?limit=3&container_id=story-61c69ed7d303e30bec346a57&reply_limit=2&sorted_by=newest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: GET,PATCH,PUT,POST,DELETE
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-max-age: 43200

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 77347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 14:02:00 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-d8ecaca547bb/ 36 B
224 B 304ms
100ms XHR
application/json 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-d8ecaca547bb/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.newson6.com
date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H3 200 custom.json Show response
rdc.m32.media/adops/custom_files/newson6.com/ 2 KB
893 B 180ms
118ms XHR
application/json 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/adops/custom_files/newson6.com/custom.json
Requested by: Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: f11363dd4beeef02ac64f9c04f5d95590c1699c21113610f859eab01fbd8f2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:07 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 10:41:52 GMT
server: nginx/1.10.3
etag: W/"621f49f0-99f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Wed, 02 Mar 2022 11:46:07 GMT

GET
H2 200 / Show response
geoloc.m32.media/json/ 241 B
449 B 134ms
99ms XHR
application/json 35.227.201.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geoloc.m32.media/json/

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.201.248 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

248.201.227.35.bc.googleusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7f1f55d1947f829beaa5e338cee9da98ce032dc5376694003b29587afdc78395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
x-database-date: Wed, 02 Mar 2022 02:00:17 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.newson6.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubdomains;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 ingest
i.viafoura.co/v3/www.newson6.com/ 67 B
324 B 99ms
98ms Image
image/png 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.newson6.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1646220668%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1646220668%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%228c0444d2-8dbd-4620-a632-637f1d6070fb%22%2C%22firstVisit%22%3A1646220668%2C%22previousVisit%22%3A1646220668%2C%22currentVisit%22%3A1646220668%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22section%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F244ed7d93b4cda0c31a4c66da48ccd67cc004f23.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22path%22%3A%22%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22title%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22The%20ice%20skating%20rink%20was%20a%20popular%20place%20to%20be%20on%20Christmas%20Eve%2C%20but%20with%20temps%20near%2080%2C%20we%20were%20wondering%20how%20are%20they%20keeping%20the%20ice%20from%20melting.%20Organizers%20at%20Winterfest%20Downtown%20Tulsa%20said%20the%20ice%20is%20wet%20and%20soft%2C%20but%20safe%20to%20skate%20on.%22%2C%22topics%22%3A%5B%22newson6%22%5D%2C%22git%22%3A%22602fc2908d02d6bfa370e667aa77956b63e70861%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22d54cd784-c3fd-4cbf-8cad-b7d72b972e92%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22content_container_uuid%22%3A%220105db84-f2a7-4f2f-8582-b3371c8acb4d%22%2C%22content_container_type%22%3A%22comments%22%2C%22widget_type%22%3A%22vf-conversations%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.container.load%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/0105db84-f2a7-4f2f-8582-b3371c8acb4d/ Frame 0
0 99ms
99ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/0105db84-f2a7-4f2f-8582-b3371c8acb4d/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.newson6.com
access-control-allow-methods: DELETE,PUT,POST,PATCH,GET
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-max-age: 43200

GET
H2 200 comments Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/0105db84-f2a7-4f2f-8582-b3371c8acb4d/ 38 B
217 B 120ms
120ms XHR
application/json 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d8ecaca547bb/0105db84-f2a7-4f2f-8582-b3371c8acb4d/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.newson6.com
date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 64
content-type: application/json

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newson6.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 581556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 17:58:32 GMT

GET
H2 200 defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
cdn.viafoura.net/assets/ 676 B
1 KB 7ms
7ms Image
image/png 2600:9000:2057:b600:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viafoura.net/assets/defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:31:55 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 16:31:05 GMT
server: AmazonS3
age: 68354
etag: "28fea6b8b2b5fdb61025943a5aac4c45"
x-cache: Hit from cloudfront
x-amz-version-id: IoL9579awTYdPPR5YE8jeyvj.k8hHno8
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 676
x-amz-cf-id: Hl7yGTmsuiOEtzEpsNS2yZ5sEHgrv8yZ3HGzv2RgaJ8ArVmRtHfTyA==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 55ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Mar 2022 11:31:08 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.newson6.com/ 67 B
324 B 99ms
98ms Image
image/png 54.162.254.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.newson6.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1646220668%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1646220668%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%228c0444d2-8dbd-4620-a632-637f1d6070fb%22%2C%22firstVisit%22%3A1646220668%2C%22previousVisit%22%3A1646220668%2C%22currentVisit%22%3A1646220668%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.newson6.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22section%22%3A%2200000000-0000-4000-8000-d8ecaca547bb%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F244ed7d93b4cda0c31a4c66da48ccd67cc004f23.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22path%22%3A%22%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22title%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22The%20ice%20skating%20rink%20was%20a%20popular%20place%20to%20be%20on%20Christmas%20Eve%2C%20but%20with%20temps%20near%2080%2C%20we%20were%20wondering%20how%20are%20they%20keeping%20the%20ice%20from%20melting.%20Organizers%20at%20Winterfest%20Downtown%20Tulsa%20said%20the%20ice%20is%20wet%20and%20soft%2C%20but%20safe%20to%20skate%20on.%22%2C%22topics%22%3A%5B%22newson6%22%5D%2C%22git%22%3A%22602fc2908d02d6bfa370e667aa77956b63e70861%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahomans%20Enjoy%20Arvest%20Winterfest%20On%20Christmas%20Eve%20Despite%20The%20Warm%20Temperatures%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22d54cd784-c3fd-4cbf-8cad-b7d72b972e92%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22widget%22%3A%22vf-conversations%22%2C%22adData%22%3A%7B%22index%22%3A0%2C%22container_id%22%3A%22story-61c69ed7d303e30bec346a57%22%2C%22total_count%22%3A0%7D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.trackAd%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.254.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-254-217.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C20B 2 KB
1 KB 68ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newson6.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 543
date: Wed, 02 Mar 2022 11:31:08 GMT
content-length: 972
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 58ms
24ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:31:08 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Mar 2022 11:31:08 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.yieldlift.io/adunit/ 0
203 B 34ms
33ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/adunit/multitracking
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hbw_master_532954_13595.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.newson6.com
Date: Wed, 02 Mar 2022 11:31:09 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
22ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newson6.com%2F&domain=www.newson6.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newson6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.newson6.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1655
date: Wed, 02 Mar 2022 11:31:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newson6.com%2F&domain=www.newson6.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=f1PR7HxlMWZWYlA0S1gzMzJCZjZ2cjZBb3pXTnZGam5STHNObTNUY1RPdDc1cDBIZ21sTlZoZk10TlFwWXZLK1N0UlFmVXFPcVc5YldKd3o4ZUZLeWE4L1V6VUtUUTZIUTJSeWQ1THZBOHg0ZHEwejVYd1l2NkZZdnNsQ0...

342 B
609 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=f1PR7HxlMWZWYlA0S1gzMzJCZjZ2cjZBb3pXTnZGam5STHNObTNUY1RPdDc1cDBIZ21sTlZoZk10TlFwWXZLK1N0UlFmVXFPcVc5YldKd3o4ZUZLeWE4L1V6VUtUUTZIUTJSeWQ1THZBOHg0ZHEwejVYd1l2NkZZdnNsQ0hwSXBxSzhrNWRrTmVlWm5McTh6WG9JZkhjQnZVZHMrbFl5MVhIZERqV0VhSkt4c2owNDVvSlVWZldqN3duMzJlUTdlK1pUQ0lEVGx4cnhwUk9Mcll2akhjaU5BZVNWSkwwUEl2bWVGcWJGSlBDM1JpaU44RXdLcjhuSkMzSjFGS0hMUk5YUWFSfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

91df68a25cd8463c352ac93244af1df4d8fb888ea729ea3824686ce4bf2c8765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:11 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2781
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 11:31:10 GMT
location: https://mug.criteo.com/sid?cpp=f1PR7HxlMWZWYlA0S1gzMzJCZjZ2cjZBb3pXTnZGam5STHNObTNUY1RPdDc1cDBIZ21sTlZoZk10TlFwWXZLK1N0UlFmVXFPcVc5YldKd3o4ZUZLeWE4L1V6VUtUUTZIUTJSeWQ1THZBOHg0ZHEwejVYd1l2NkZZdnNsQ0hwSXBxSzhrNWRrTmVlWm5McTh6WG9JZkhjQnZVZHMrbFl5MVhIZERqV0VhSkt4c2owNDVvSlVWZldqN3duMzJlUTdlK1pUQ0lEVGx4cnhwUk9Mcll2akhjaU5BZVNWSkwwUEl2bWVGcWJGSlBDM1JpaU44RXdLcjhuSkMzSjFGS0hMUk5YUWFSfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newson6.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1452
content-length: 509
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
533 B 65ms
20ms XHR
application/json 51.89.7.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/457283/hb_532954_13595.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p28.id5-sync.com

Software

Resource Hash

f918c48a41e38f0a60a5979a80886f6652627152629af37242e82e4d74198797

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.newson6.com
Date: Wed, 02 Mar 2022 11:31:10 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
15ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 961
date: Wed, 02 Mar 2022 11:31:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET json
trc.taboola.com/griffin-newson6/trc/3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: trc.taboola.com
URL: https://trc.taboola.com/griffin-newson6/trc/3/json?tim=11%3A31%3A12.864&lti=deflated&data=%7B%22id%22%3A231%2C%22ii%22%3A%22%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1646217601408%2C%22vi%22%3A1646220672862%2C%22cv%22%3A%2220220302-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.newson6.com%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3389%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-2r%3Aabp%3D0%22%2C%22uip%22%3A%22below-main-feed%22%2C%22orig_uip%22%3A%22below-main-feed%22%2C%22cd%22%3A1364.4375%2C%22mw%22%3A1050%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fstory%2F61c69ed7d303e30bec346a57%2Foklahomans-enjoy-arvest-winterfest-on-christmas-eve-despite-the-warm-temperatures%2Cbelow-main-feed%3Dthumbs-2r%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newson6.com/story/61c69ed7d303e30bec346a57	1969-12-31 23:59:59	Name: ntvSession Value: {"id":2625142,"placementID":1073590,"lastInteraction":1646220666900,"sessionStart":1646220666900,"sessionEndDate":1646265600000,"experiment":""}
www.newson6.com/	1970-01-20 01:37:10	Name: connect.sid Value: s%3AWmdQosOgVuJqYGM9eXHRVNqqmTc1dO3J.DJYHYP1xdtATqLpxH0Wphads9VkXY9B7UIG05knaJXY
www.newson6.com/	1970-01-20 10:02:36	Name: usprivacy Value: 1---
www.newson6.com/	1970-01-20 02:00:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.newson6.com/	1970-01-20 10:02:36	Name: _pubcid Value: 89c0e984-6f38-474e-9572-616426e249ef
.go.sonobi.com/	1970-01-20 01:17:00	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s5610\|Yh9Vf
.rubiconproject.com/	1970-01-20 10:02:36	Name: khaos Value: L09HA3PS-13-GLIT
.rubiconproject.com/	1970-01-20 10:02:36	Name: audit Value: 1\|naVuGyos1qqiT3+zhg4ikUHau3iET1N0BmQvWiFCZkI/v2L5sO5vrxta3r0EpJlBpYcoezCkB8nsdoNYHPu+QsxuhZpbWKLtSO1Kqm/rGnA=
www.newson6.com/	1970-01-20 10:02:36	Name: ntv_as_us_privacy Value: 1---
.scorecardresearch.com/	1970-01-20 18:33:48	Name: UID Value: 19F73c03b0d3f7cf7580d241646220666
.newson6.com/	1970-01-20 18:48:12	Name: _ga Value: GA1.2.931928241.1646220667
.newson6.com/	1970-01-20 01:18:27	Name: _gid Value: GA1.2.1478513096.1646220667
.newson6.com/	1970-01-20 01:17:00	Name: _gat_UA-572554-5 Value: 1
.postrelease.com/	1970-01-20 10:02:36	Name: opt_out Value: 1
www.newson6.com/	1970-01-20 01:17:02	Name: _tb_sess_r Value:
www.newson6.com/	1970-01-20 10:47:15	Name: __atuvc Value: 1%7C9
www.newson6.com/	1970-01-20 01:17:02	Name: __atuvs Value: 621f557ac21cf359000
.viafoura.co/	1970-01-20 02:00:12	Name: VfSess Value: 06dr3tv09tpks50021d6mn6357
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.addthis.com/	1970-01-20 10:47:15	Name: uvc Value: 1%7C9
.addthis.com/	1970-01-20 10:47:15	Name: loc Value: MDAwMDBFVURFTlcyMzE3MTg4NzAwMjAwMDBDSA==
www.newson6.com/	1970-01-20 01:17:02	Name: _vfb Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.1.10.1646220668....
www.newson6.com/	1970-01-20 01:17:01	Name: _vfz Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.1646220668.1.medium=direct\|source=\|sharer_uuid=\|terms=
www.newson6.com/	1970-01-20 10:02:36	Name: _vfa Value: www%2Enewson6%2Ecom.00000000-0000-4000-8000-d8ecaca547bb.8c0444d2-8dbd-4620-a632-637f1d6070fb.1646220668.1646220668.1646220668.1
.newson6.com/	1970-01-21 03:33:48	Name: _awl Value: 2.1646220667.0.5-dbfa134b5b74b97126152154fb98d641-6763652d6575726f70652d7765737431-0
.newson6.com/	1970-01-21 03:33:48	Name: _admrla Value: 2.0-dbfa134b-5b74-b971-2615-2154fb98d641
.viafoura.co/	1970-01-20 10:02:36	Name: vfDeviceId Value: 857d1408-44fb-46b2-925e-722a90722141
www.newson6.com/	1970-01-20 01:17:00	Name: m32_pubgeo Value: eyJpcCI6IjQ1LjE0MS4xNTIuNjgiLCJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6IkRldXRzY2hsYW5kIiwicmVnaW9uX2NvZGUiOiJIRSIsInJlZ2lvbl9uYW1lIjoiSGVzc2VuIiwiY2l0eSI6IkZyYW5rZnVydCBhbSBNYWluIiwidGltZV96b25lIjoiRXVyb3BlL0JlcmxpbiIsImxhdGl0dWRlIjo1MC4xMDQ5LCJsb25naXR1ZGUiOjguNjI5NSwibWV0cm9fY29kZSI6MCwicG9zdGFsX2NvZGUiOiI2MDMyNiJ9
.newson6.com/	1970-01-20 10:38:36	Name: cto_bundle Value: dbGyh19CdjRkbXB2bmsxJTJCVHZjMmJ6NTVBWEtzWmNjSWQyS0tWZFFtSlBDNm00ZFFpM0Z4MlhVbmIlMkZtRHhSWnlZdjJEUktaVWNCQ1M2UGYyY3d4azZCTXZjV1ZQck5tNmo2NURma1F1UW85MnYxRTZxS1VzV3NXS0RSVmw2TTBTcmFXVXI
.newson6.com/	1970-01-20 10:38:36	Name: cto_bidid Value: Fkx98F8ya1V3WDQ2TTlmQzdOZGRySlhsNmUyMndpbFpsMCUyQnhhdnI1VHlraTc2aUlESFZjUHRiMHlYWG9xWmlyckFFRFIlMkJGWmEzbWhuUDFHR0xUcXkxb25kMmclM0QlM0Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
apex.go.sonobi.com
api.viafoura.co
baron.kotv.com
bidder.criteo.com
btlr.sharethrough.com
c2.taboola.com
cdn.field59.com
cdn.taboola.com
cdn.viafoura.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoloc.m32.media
ghb.yieldlift.io
griffin-communications.akamaized.net
gum.criteo.com
hbopenbid.pubmatic.com
hot-town-closings.s3.amazonaws.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id5-sync.com
images.getadmiral.com
imasdk.googleapis.com
jadserve.postrelease.com
livecomments.viafoura.co
m.addthis.com
mug.criteo.com
notifications.viafoura.co
os4m-d.openx.net
pagead2.googlesyndication.com
player.adtelligent.com
player.field59.com
player.yieldlift.io
rdc.m32.media
redirect.field59.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssc.33across.com
stackpath.bootstrapcdn.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
targeting.unrulymedia.com
trc.taboola.com
v1.addthisedge.com
voraciousgrip.com
web.hb.ad.cpe.dotomi.com
widget.perfectmarket.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.newson6.com
z.moatads.com
hbopenbid.pubmatic.com
s7.addthis.com
trc.taboola.com
104.16.58.230
104.16.60.230
104.75.88.126
151.101.1.44
151.101.193.44
172.217.23.98
178.162.133.150
178.250.0.157
178.250.2.131
18.184.249.62
184.31.84.150
185.33.220.243
2.18.234.163
2.18.235.40
213.19.147.43
216.52.2.39
2600:1f18:44f0:4832:d1c0:ca07:da34:7495
2600:9000:2057:b600:8:2ae1:d740:93a1
2600:9000:206f:ca00:1c:8a47:ec00:93a1
2600:9000:214f:9800:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:3034::6815:4466
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba0b
2a02:fa8:8806:13::1460
2a0c:5c81:5142::2
3.88.120.28
3.92.67.221
34.149.20.76
34.98.64.218
35.190.64.11
35.227.201.248
35.227.246.163
45.133.44.4
50.17.45.48
51.89.7.205
52.217.139.185
54.162.254.217
99.86.7.34
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
071a3906c43096a22dc94830ccc72ddeef590c91c187f3d4eb9a7dc5ce6609b1
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f771d519306d5ae99473e06775b77f1697c6992f74fa699c347baf01ddcb12c
11a92f958776c4c95db04e3dcdea3eaad69cb1bd45841f84dc9b328fe78ba280
12132544b23a39df46c1af6cd2ad5d0503f70717b5fd8dbed53f2476159907a5
185b3334a6c36404de43de8c5c952a65c5d81b567194b57af5a8af57602ac5ee
20638b42fdffc8dd9040c0ddecd25184b1d67cd5051cefe4d32e7131b39164d8
25e877159a576d04fa7dd98247004e333eedb6f981619a049b32c5e778944e59
26c4ef99fc29cac0eb9bbfb22924dcfdb6c846e64f1c6a24738f87175c2cd81a
2bdc1665c6729a98596369649190c48e69272c21a46abddecceefd6be59581ca
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34
419aadd1460a44512e76a26585ec916c1faf6599fbeab4795d3ba1958e73d90f
425c571e8bc6701d4068deb62c29fd71600c5932e3ae160de24b81dedbc937f1
4290c627d929681efc241c1e6b68182f5b43941da2ce06dda35bb0531c9729a4
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
538b5f936b44218946cd71379559bf6bdc54f345f3edc2f5c7084b7d0623b222
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a40d9b6838b1a9907137a3c2c82629394e9d97acaf5f494ef6799bba31f781
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59caa38d6f589a12460192e57cf0c6c8e9d04f82217d1963cbc8d207f7afd91f
5be50a7d1fe31c810dfec68ab3d8b69c51017d75ad693ed556d3d1df4f7cc3ae
5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186
5e7cb9da834946a345c5f9d60d0c406a6789fcd29b80ea3207fbdd8fcaae4e04
5e868fe4e209ab38b2a783a234d12107f115b01b160c691831ad7982448e65d3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6179974393162583edabf194073462712000fc96c82d4b9eccedf7aa9617b548
619ad2d8d1f974e9d4e7839a9b16728e00830ae474c111454a8d6c515f3c2e24
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
63a22801e7900cf78a218a72dbe07ba3b81fc890f79615ca887f41a5583b80a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d64a0418bce759f01cd9d1666d13fe1158c66543f46abb0b5f6c5e47b3f285b
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
7116d9b2a34b550fa9927ceb59ff01bc9f1e5881c0055f8dabda329fd181f285
722b79ee84afa2fa2780760133eeeeb527ab87b6c1f6e90bbbce73d89797bfa3
7246c5a733d6ad191c366c439981391bb462aad4705671fa39d318e58f60a607
728eee083d9ebdbfd6de30bc14f7c814916bf14196cb99ff637e65e862e17cc0
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d88642a55f24c052575d2116dad550055cf3cdb2e576be3392cd72edc81a4fa
7dcc9e66f50570314f67d8c15efd5e94b83883e7575665200a98712271a0e5e4
7f1f55d1947f829beaa5e338cee9da98ce032dc5376694003b29587afdc78395
838f48fb314b5d97a2eaf0d105f3e06be69fbfede4ff8b8b8cd13c557622d745
84bc4b4e83d00a23ad6e7f8f9dc85067b7503c0a00814e02b02a20b3b0c8ddd6
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87dd37ba2bf577d27dbac941dde2ace8f320ca28160465a8a2374c67a097ff5e
8a53290d8a93023c7eef0d3c444df954b2f77115a3cf3f9351180079011da45c
8b3bbcbb0495e73eaf207f7a315f780be7e713bcddae562e1b0af8f1bf2f45c5
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
8dad13965cae5165c9937f51581bb25a2b9d14e3d9d4ac949e8ac8b9174cd15d
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
8f656076ee9faaa43b28d941e35978b30056113af8b9aacba6aa853879bab206
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91df68a25cd8463c352ac93244af1df4d8fb888ea729ea3824686ce4bf2c8765
91e6402d8044591224c62d8e5f289bb48f807c01dfa03904465ac301c610dd8e
93e956d9b215273da41b4747167d7d7a1e37660065fa08231f8e950183a5c79a
948d657f668ce87cd8b0ef38cb49191b377254366735a5cf23a1db9f614830aa
94d4d40a9eda0c687da7f7a86bc90c777013d6b2a9a7b7454ab6a3412358a133
9528febcc66052f2f99bfc1088583946c13851fd8b02e9b3ad0dfd52f0ad5318
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
96f1249d84ab105d7984cda1b0e7901f70794254315dc45385b4a85e9da538b9
97561eb1b3a7b1dbd6e01e3d83e75213bccfff294885b71d89b61b9352d4fd4e
9a48885dafbf847141d353245399a4fc91db653213dfef0dded37a7c56442390
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3c82663f346f450233090530045ed5764c412ae4a2195c82538ae138738cfa0
a5eb9854bbf90bee8ace17a89e13b4c5e869dc0508a8a6e995c02da433dd92f5
a704480bd2d436dcd5609f0624252f0204dc3147f5123a45c0c634bd25ed30bd
a7eead747912e886e1ab60344a4f7e0c10e77132ee12ae0cd03a42c4fe2df21c
a8a4fff9cb57d4ffbcf690eb56579c0eb197a54e9d0b69e9f6c34ae49c2ef299
a8f3b7a47377996fe91fbaea926f705db111479a46074a3f3df34cfb9732e987
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b04cd38564a43fa92b9a5edc3f7923a94dbe8706c1b9130cfec8c2136acc9f03
b1251c1d2138ca5fe7ec866d23f939dbf034193b83ae230fa9159ccf03a7a298
b3faa66b4f36ef74c8f6dba115cdcc3652a61556778fae86e7bf707742eefa65
b6bc705ba3d26952df648e766605a3322737a442fb37148513a918cf7b838f42
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
ba5e4256742d05d0a63da6c682e491bcb9eade51f43a5c3c5038ea095e9ca73e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb96db8ecfb25256326daedc596be825f4a1359927bd77d5a5050bac7105db27
bcb86a331f549611ee1ca632d0f616fb92a5edd408b8eb32003317304665c176
bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41
be270b951dd311faaf9410f008aa81da9f238632bf38a75eac2470ca25a695f3
c35aa5129037103e4b9091e758faaaf0f264d60f92aa90079ce89673860d88fd
c5a49437e64a95b9d7c29266d82c60b83dbcf841b7af22bfc8e6950be489035e
cb0a90dd01b8934f8106c94bf458e052fd7f495159b9046c9a5bec0123d72915
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce57ff50551e1bddd83b30981b94b3b83b80633127de3ddd4d4db448aa29dd95
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea
d2c9491534cd274939086cecc10ae84355e42a2175248722e6a4486f39a01ef3
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
d9667dde01557c23c5024bd665966b568fb4c59507baadfaf4887ecc5b78e12c
d97e80797005727fc875fad63d6c7cd0a9c6d8a163d8169a937296e1da27ed66
ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0
e389d734bb33daa0c7a2df92d05b2d9cfa8cd81c81114182a2823702d1afa530
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b034a1fb0b4c0c788754b4b7dfe2a9d16c508aad3d6af284c1a6731feafee9
e6da099f98e79188b479b8e3d8be836b73411e02da2dba4e8ac8ccb8f2b98b59
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee7fa9758461125ca596582dc9082a355124c94c6b989f188bac28ad1ff5c191
eebaf506675b286edf947ef63b7b0bb388524517fc3fb09694446f2ad7a4cc16
f11363dd4beeef02ac64f9c04f5d95590c1699c21113610f859eab01fbd8f2f2
f6c217cf4a70824e150c9b84635540ccebfacd9f4a6b024d8d3d13e7226ca0ec
f918c48a41e38f0a60a5979a80886f6652627152629af37242e82e4d74198797
fa1b5f122f4540d031362a25e2bb8d1372c9cecb18e1ba7fdfd2ffda0d2d0965
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffef493459a7a83e6572f9d225924341ae8d6c002bd7ae690d09bec6a9034a21

www.newson6.com Open in urlscan Pro 2600:9000:206f:ca00:1c:8a47:ec00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

96 %HTTPS

42 %IPv6

44 Domains

58 Subdomains

51 IPs

8 Countries

3121 kBTransfer

10232 kBSize

31 Cookies

16 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newson6.com Open in urlscan Pro
2600:9000:206f:ca00:1c:8a47:ec00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

96 %
HTTPS

42 %
IPv6

44
Domains

58
Subdomains

51
IPs

8
Countries

3121 kB
Transfer

10232 kB
Size

31
Cookies

148 HTTP transactions
1 data transactions