www.news9.com Open in urlscan Pro
2600:9000:214f:fe00:7:fd1f:ea00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/qPs05d2T6P
Effective URL:
https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Submission: On April 04 via api (April 4th 2022, 11:24:17 am UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 31 domains to perform 120 HTTP transactions. The main IP is 2600:9000:214f:fe00:7:fd1f:ea00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.news9.com. The Cisco Umbrella rank of the primary domain is 148345.
TLS certificate: Issued by Amazon on February 14th 2022. Valid for: a year.

This is the only time www.news9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
14	2600:9000:214... 2600:9000:214f:fe00:7:fd1f:ea00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.61.230 104.16.61.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	104.16.57.230 104.16.57.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2600:9000:205... 2600:9000:2057:400:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.6.252.104 52.6.252.104	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.197.225 52.217.197.225	16509 (AMAZON-02) (AMAZON-02)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.58.230 104.16.58.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1f18:44f... 2600:1f18:44f0:4840:880:96a6:bfe8:21df	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:214... 2600:9000:214f:d600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	3.213.149.116 3.213.149.116	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2 4	99.86.7.38 99.86.7.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	35.170.84.146 35.170.84.146	14618 (AMAZON-AES) (AMAZON-AES)
2	35.227.246.163 35.227.246.163	15169 (GOOGLE) (GOOGLE)
8	34.196.163.206 34.196.163.206	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3037::ac43:c1e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.201.248 35.227.201.248	15169 (GOOGLE) (GOOGLE)
120	38

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:214f:fe00:7:fd1f:ea00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.news9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14cc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.61.230 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.news9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
griffin-local.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.57.230 (None, )

ASN13335 (CLOUDFLARENET, US)

player.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2057:400:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.252.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-252-104.compute-1.amazonaws.com

baron.kwtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.197.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

hot-town-closings.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.58.230 (None, )

ASN13335 (CLOUDFLARENET, US)

redirect.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:44f0:4840:880:96a6:bfe8:21df (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.213.149.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-149-116.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.7.38 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-38.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.170.84.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-84-146.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.246.163 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 163.246.227.35.bc.googleusercontent.com

rdc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.196.163.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-163-206.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.201.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.201.227.35.bc.googleusercontent.com

geoloc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 11133	541 KB
17	news9.com www.news9.com — Cisco Umbrella Rank: 148345 images.news9.com — Cisco Umbrella Rank: 394165	520 KB
14	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11575 livecomments.viafoura.co — Cisco Umbrella Rank: 12047 i.viafoura.co — Cisco Umbrella Rank: 11548 notifications.viafoura.co — Cisco Umbrella Rank: 13186	6 KB
7	voraciousgrip.com voraciousgrip.com — Cisco Umbrella Rank: 190940	225 KB
7	field59.com cdn.field59.com — Cisco Umbrella Rank: 40509 player.field59.com — Cisco Umbrella Rank: 30820 redirect.field59.com — Cisco Umbrella Rank: 119156	399 KB
6	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1179	4 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1506 m.addthis.com — Cisco Umbrella Rank: 1443	218 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	1 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	152 KB
3	m32.media rdc.m32.media — Cisco Umbrella Rank: 25080 geoloc.m32.media — Cisco Umbrella Rank: 26963	17 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 405	195 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	142 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	akamaized.net griffin-communications.akamaized.net — Cisco Umbrella Rank: 162553	2 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1706	743 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 95567	3 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	13 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5640	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	28 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 524	482 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 374	1 KB
1	amazonaws.com hot-town-closings.s3.amazonaws.com — Cisco Umbrella Rank: 217828	507 B
1	kwtv.com baron.kwtv.com — Cisco Umbrella Rank: 262123	1 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3465	115 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	59 KB
1	imgix.net griffin-local.imgix.net — Cisco Umbrella Rank: 347474	46 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2381	18 KB
1	taboola.com c2.taboola.com — Cisco Umbrella Rank: 7638	17 KB
1	t.co t.co — Cisco Umbrella Rank: 463	575 B
120	31

	Domain	Requested by
25	cdn.viafoura.net	www.news9.com cdn.viafoura.net
14	www.news9.com	t.co www.news9.com
7	voraciousgrip.com	www.news9.com voraciousgrip.com
6	livecomments.viafoura.co	cdn.viafoura.net
6	jadserve.postrelease.com	s.ntv.io www.news9.com
4	i.viafoura.co	www.news9.com
4	sb.scorecardresearch.com	2 redirects www.news9.com
4	s7.addthis.com	www.news9.com s7.addthis.com
3	api.viafoura.co	cdn.viafoura.net
3	player.field59.com	www.news9.com player.field59.com
3	fonts.gstatic.com	fonts.googleapis.com
3	images.news9.com	www.news9.com
3	cdn.field59.com	www.news9.com player.field59.com
3	securepubads.g.doubleclick.net	www.news9.com securepubads.g.doubleclick.net
2	rdc.m32.media	cdn.viafoura.net rdc.m32.media
2	s0.2mdn.net	player.field59.com s0.2mdn.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.news9.com voraciousgrip.com
2	griffin-communications.akamaized.net	www.news9.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	geoloc.m32.media	rdc.m32.media
1	images.getadmiral.com	www.news9.com
1	notifications.viafoura.co	cdn.viafoura.net
1	pagead2.googlesyndication.com	srcdoc
1	imasdk.googleapis.com	s0.2mdn.net
1	www.google.de	www.news9.com
1	www.google.com	www.news9.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	player.field59.com
1	static.adsafeprotected.com	www.news9.com
1	z.moatads.com	s7.addthis.com
1	redirect.field59.com	www.news9.com
1	hot-town-closings.s3.amazonaws.com	www.news9.com
1	baron.kwtv.com	www.news9.com
1	s.ntv.io	www.news9.com
1	www.googletagmanager.com	www.news9.com
1	griffin-local.imgix.net	www.news9.com
1	stackpath.bootstrapcdn.com	www.news9.com
1	c2.taboola.com	www.news9.com
1	t.co
120	41

This site contains links to these domains. Also see Links.

Domain
reviews.news9.com
workforcenow.adp.com
bit.ly
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.google.com
griffincommunications.net
griffin-communications.akamaized.net
optout.aboutads.info
publicfiles.fcc.gov
getadmiral.com
www.addthis.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.news9.com Amazon	`2022-02-14` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.asharq.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
voraciousgrip.com R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.kwtv.com Amazon	`2021-12-30` - `2023-01-28`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.m32.media Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2023-01-16`	a year	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Frame ID: 69C29C41AAAFE02792F11CA4FFF9BA8B
Requests: 113 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: 71F24E51FB03BD8A6C779FB5C0788BE1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F14A740A162F70D25BFE4EE1FB125004
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1703E9BC5DDAA49A82E4F6B764090D2F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EC3FB2A18CF5C97498D27F171779E658
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oklahoma City Indian Clinic Suffers Cyber AttackNews 9 user-signalchecklistsettings-toggle-horizontalFacebookTwitterEmailCopy LinkFacebookTwitterEmailCopy Link

Page URL History Show full URLs

https://t.co/qPs05d2T6P Page URL
https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

97 %
HTTPS

51 %
IPv6

31
Domains

41
Subdomains

38
IPs

4
Countries

2815 kB
Transfer

8432 kB
Size

25
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://reviews.news9.com/
Title: Buying Guides

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=54733210-d9a2-4046-a182-316ad78bb00a&lang=en_US&selectedMenuKey=CurrentOpenings
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://bit.ly/PowerByViafoura

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NEWS9/

Search URL Search Domain Scan URL

URL: https://twitter.com/News9

Search URL Search Domain Scan URL

URL: https://www.instagram.com/news9/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NEWS9OklahomaCity

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/KWTV+News+9/@35.5481854,-97.4986936,17z/data=!3m1!4b1!4m5!3m4!1s0x87b219a733117a87:0x86cf9395c7f1cb3e!8m2!3d35.5481854!4d-97.4965049

Search URL Search Domain Scan URL

URL: http://griffincommunications.net/
Title: Griffin Communications.

Search URL Search Domain Scan URL

URL: https://griffin-communications.akamaized.net/legal/kwtv_eeoReport.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KWTV-DT
Title: KWTV Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/ksbi
Title: KSBI Public Inspection File

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.news9.com&utm_medium=pb&session=5-b5dd642d88d70c5d9d4df63f2f9b7559-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/qPs05d2T6P Page URL
https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&c9=https%3A%2F%2Ft.co%2F

Request Chain 116

https://sb.scorecardresearch.com/c2/15283051/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 qPs05d2T6P
t.co/ 460 B
575 B 139ms
124ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/qPs05d2T6P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 243
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 11:24:07 GMT
expires: Mon, 04 Apr 2022 11:29:08 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: e10b5dab99a7854729471ef90149867fd107b777f9149a45cd0a0dcaa6e6f8e2
x-response-time: 116
x-xss-protection: 0

GET
H2 200 Primary Request oklahoma-city-indian-clinic-suffers-cyber-attack Show response
www.news9.com/story/6242690e64d0e8070c7f5907/ 409 KB
70 KB 414ms
258ms Document
text/html 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Requested by

Host: t.co
URL: https://t.co/qPs05d2T6P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

a8258fafc935d218b8c02a2b5be0c5e5deb8e2cb98548fee9d176666a67a8790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: public, max-age=120
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 11:24:09 GMT
etag: UwqStvpDh4N/Ds4IfGb5C4DWxt0=
referrer-policy: same-origin
server: nginx/1.20.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: CryXuosxqWt0gioMvwp7uQzvJKvhF5e4hZP-aR4XEc6_bivqOqdhxA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bundle-kwtv-production.js Show response
www.news9.com/js/ 382 KB
113 KB 109ms
109ms Script
application/javascript 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

c79348027b279198cb93513bd91b77dbeeb3b8fc9c37119fe6e97603e1906c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"5f689-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449203
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: _5BDhqdX_aG_scR1BGjvACNV-IwxCFYuLnSN4cFSJcFxzIXcJiDwVg==

GET
H2 200 below-the-fold-bundle-kwtv.css
www.news9.com/css/ 90 KB
16 KB 201ms
200ms Stylesheet
text/css 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/below-the-fold-bundle-kwtv.css?v=1648493084903

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

93e956d9b215273da41b4747167d7d7a1e37660065fa08231f8e950183a5c79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"16625-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449296
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: orLnlnUmAQE1QvmhLPaJ3AqrFiiwNQlPUIunrUW3szJ6JA8yL2gABw==

GET
H2 200 above-the-fold-bundle-kwtv.css
www.news9.com/css/ 210 KB
39 KB 208ms
208ms Stylesheet
text/css 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1648493084903

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

97561eb1b3a7b1dbd6e01e3d83e75213bccfff294885b71d89b61b9352d4fd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"34789-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449379
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: JO3FhToBOvU9DrFyRl_pWhzGqGEh3vGkahpovyzbvBdy60a8p6lJRQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 144ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7f6ecf10e100dfd6648d2dbcb5cd015c12809d10c2179341fb0571bca60a2420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28208
x-xss-protection: 0
server: sffe
etag: "1177 / 195 of 1000 / last-modified: 1649062076"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 11:24:09 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/griffin-news9/ 60 KB
17 KB 48ms
25ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/griffin-news9/newsroom.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2faab373fe09d6c83c6a9078b19021b0049667bf730edf7a4c2f3c98678ad3ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "88921d7f1ddf7db14f6040a9980a4690"
fastly-original-body-size: 0
age: 152
x-cache: HIT
content-length: 17285
x-amz-id-2: AahnNei49PxJrU6IjCKUKTJhZUuIwoXk7z9a47IEA8eoRHwInvGHgOHz2i4c16+YFuXV0VZsuCE=
x-served-by: cache-hhn4049-HHN
last-modified: Fri, 14 Jan 2022 19:44:10 GMT
server: AmazonS3
x-timer: S1649071449.267691,VS0,VE1
date: Mon, 04 Apr 2022 11:24:09 GMT
vary: Accept-Encoding
x-amz-request-id: N85FMFE1YZYW35NF
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 n9logo.svg
www.news9.com/img/ 2 KB
2 KB 210ms
209ms Image
image/svg+xml 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/n9logo.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

42cac8700a4be94d6bddefeaae0adc5566ff988af5aed9b18afe3ef69ea82b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"943-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449386
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: XAUUL08EUpm-tdltZNfsT_PnCO5Z8K29X5hLVmpHgaXcWFkkqOHOAw==

GET
H2 200 n9logoLarge.svg
www.news9.com/img/ 6 KB
3 KB 211ms
210ms Image
image/svg+xml 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/n9logoLarge.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

5771c4607a8b38561287f16cf9051ea82d59775e7be812412e232c6b4e238d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"1633-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449386
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: pIMbmrkyAICxkyRowgaud5zYvgODd7O3NwexMxY9HyQnQj27c83NDQ==

GET
H2 200 notStreaming.svg
www.news9.com/img/ 363 B
902 B 205ms
204ms Image
image/svg+xml 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/notStreaming.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
content-length: 363
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"16b-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-timestamp: 1649071449382
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: tm5BppyEGg9yUlOr5M_j8JiHARfQd6Jtbww5ckzw5uenNUiMATJhSg==

GET
H2 200 streaming.svg
www.news9.com/img/ 419 B
957 B 347ms
346ms Image
image/svg+xml 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/streaming.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
content-length: 419
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"1a3-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-timestamp: 1649071449520
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: 7Wr932cUP3On-5oz3YVXciXgoPx-ZZOULteAbu3oueLuyhAN3r6xyg==

GET
H/1.1 200
OK partlycloudy.svg
griffin-communications.akamaized.net/baronIcons/day/ 1 KB
2 KB 558ms
481ms Image
image/svg+xml 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/partlycloudy.svg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 43684042c34ac7c5e8534fcae77a3b453415b80d6b364e1a45a90dab9bdc52d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 11:24:09 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:31 GMT
Server: AkamaiNetStorage
ETag: "94a8a4d817c3572302b1fa97e995e0ad:1580959044.278314"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1278

GET
H2 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 55ms
22ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565
age: 1443515
cdn-proxyver: 1.02
cdn-cachedat: 02/05/2022 16:58:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "448c34a56d699c29117adc64c43affeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c9eb6bb3ca87dd1512aa6076ed0a4d6c
accept-ranges: bytes
cf-ray: 6f69ad0dfd1b6928-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4dab956c01a40862ee2915bb81507cf29c439530.jpg
cdn.field59.com/KWTV/ 186 KB
186 KB 287ms
130ms Image
image/pjpeg 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KWTV/4dab956c01a40862ee2915bb81507cf29c439530.jpg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c10dbb8682407530fc33c5771b9edd497a3df919408aac9518560289eb99e41a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
cf-cache-status: HIT
x-amz-request-id: FTKF2KW2SWAZ5E3T
cf-ray: 6f69ad0edfe991dd-FRA
x-amz-replication-status: COMPLETED
content-length: 190199
x-amz-id-2: fzhPlylEm56lmoe9tMlhLau+yS3p3cTGgw7Kz0kyGRarRdQKmrQyD4FTba67nlZlr+0xxpCCNaw=
last-modified: Tue, 29 Mar 2022 03:18:27 GMT
server: cloudflare
etag: "264dca189146cd9c801224fbd8f5efae-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0S66sQfBpn8I4VYeLA5OI5A4UnAvqbnD
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/pjpeg
expires: Wed, 04 May 2022 11:24:09 GMT

GET
H2 200 okc-indian-clinic.1648519422959.jpeg
images.news9.com/kwtv/production/2022/March/28/ 46 KB
46 KB 141ms
9ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9.com/kwtv/production/2022/March/28/okc-indian-clinic.1648519422959.jpeg?w=1050&h=590.617&fit=crop

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

902ffb45a748372fe71fa990db6014d6e0dcb4784a29639b670dced31c328951

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 02:04:09 GMT
server: imgix
age: 551999
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 3c6ce7d7fff701003cb5203aca505f3ea4ca7c6a
accept-ranges: bytes
content-length: 46680
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10065-SJC, cache-hhn4054-HHN

GET
H2 200 okc-indian-clinic.1648519422959.jpeg
griffin-local.imgix.net/kwtv/production/2022/March/28/ 46 KB
46 KB 72ms
31ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://griffin-local.imgix.net/kwtv/production/2022/March/28/okc-indian-clinic.1648519422959.jpeg?w=1050&h=590.617&fit=crop

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

902ffb45a748372fe71fa990db6014d6e0dcb4784a29639b670dced31c328951

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 02:04:09 GMT
server: imgix
age: 551999
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: f19eb6113ec6c94df50087fa11aac66367b24a9f
fastly-original-body-size: 46680
accept-ranges: bytes
content-length: 46680
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10026-SJC, cache-hhn4081-HHN

GET
H2 200 fa-solid-900.woff2
www.news9.com/webfonts/ 74 KB
75 KB 310ms
310ms Font
font/woff2 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-solid-900.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 76084
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"12934-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1649071449523
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: WZY8MMY108SHzODh9jL1LYJ37IThtmCYezWrAjAODCjuA6sxU2R2KA==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 200ms
70ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 10:32:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 11:24:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 11:24:09 GMT

GET
H2 200 jquery.min.js Show response
www.news9.com/js/ 85 KB
30 KB 208ms
207ms Script
application/javascript 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/jquery.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"15283-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449475
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: YAVda0a9Hz57M0QFWiCixLO4LIZ9vxZ2VYCIuBL4O2UH9LxnPqyfBA==

GET
H2 200 bootstrap.min.js Show response
www.news9.com/js/ 36 KB
10 KB 257ms
257ms Script
application/javascript 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bootstrap.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"90b5-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-timestamp: 1649071449523
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: SazKUzCGgLqZLLVGoUMrVDRqZ8X-1PpF0qNEp4GEq8yoa36EfvC2rg==

GET
H2 200 fa-brands-400.woff2
www.news9.com/webfonts/ 74 KB
75 KB 196ms
196ms Font
font/woff2 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"128a0-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1649071449467
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: f911ZjfwKM7fetoJ0t27ytM0kYCq733PvgHXDnTAUPseQBfkduT-tA==

GET
H2 200 fa-regular-400.woff2
www.news9.com/webfonts/ 13 KB
14 KB 107ms
107ms Font
font/woff2 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"3508-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1649071449380
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: Mk8X1_iojZOkFM2TOBabq9Ly7ThoINSfJmKy_Rm51iHgeRKJN6VmQw==

GET
H2 200 v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX Show response
voraciousgrip.com/ 525 KB
91 KB 257ms
213ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

14f9753575e756d19ee1051ff6e61ba3e753784fa28c60e89420b61da2599239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "b7fdd8ac704a18a45415b8950d8ca31c00e7a3732d1bf879e1b31fb34c34c08f"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 04 Apr 2022 11:24:09 GMT
x-buildnumber: 505852149
timing-allow-origin: *

GET
H2 200 v2oqaSX2gQYQX9cIy3WeInyz3wRS9LEToHCR04q6dBtcVSYbAZ2eIn_laN9OwVyuL_mhUAwgLQm1Ds8xhpw Show response
voraciousgrip.com/ 16 KB
6 KB 213ms
204ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2oqaSX2gQYQX9cIy3WeInyz3wRS9LEToHCR04q6dBtcVSYbAZ2eIn_laN9OwVyuL_mhUAwgLQm1Ds8xhpw

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

872d9cf86eb204efad6639e68925ec9e040c100ef975a2177ffdcf4d64873db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "c4145391e90fcf7042b12a0815ca09e8a7647ddb02abbb619c10abc7bb2f2724"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 04 Apr 2022 11:24:09 GMT
x-buildnumber: 505852149
timing-allow-origin: *

GET
H2 200 pubads_impl_2022032903.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
123 KB 34ms
33ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032903.js?cb=31066032

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e0b7c3c640512a60b36d0e42047dcff5f092d062a0263b84e4029bdec2e77612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 08:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126242
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 19:29:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 08:56:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 317 B
184 B 86ms
41ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.news9.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ad3c43cb768f9fb7f21afc9ab278b21b1d4a47f57abb97224c6d1aff9ba1909a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159
x-xss-protection: 0
expires: Mon, 04 Apr 2022 11:24:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
59 KB 206ms
73ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20245147956b74b92576978a910fc629a462f5a3f85a3c6d8d6f235d348915be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60231
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Apr 2022 11:24:09 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 394 KB
115 KB 213ms
169ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c884a5117a2d9fe801f55d252b89662eb1f26845df4511fcd36de1d7277e1a59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 11:24:09 GMT
Content-Encoding: gzip
x-amz-request-id: F95901F8BNV1JC37
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: +qObKSZmIy1UxTv69gEWjxAKc7RjHuxrpojkokD1mlNq2+vfAgn+TZJTmEYrZ5kRCBaPCGLmlP8=
Last-Modified: Mon, 28 Mar 2022 14:28:27 GMT
Server: AmazonS3
ETag: "534d35cb4013173bbac478edc92f05d6"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 189ms
59ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 293868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 195ms
73ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 408470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 17:56:19 GMT

GET
H2 200 31f4a3d959786741fd234d50a0b0fdfad64fc35e Show response
player.field59.com/v4/vp/kwtv/ 5 KB
3 KB 411ms
355ms Script
application/javascript 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/v4/vp/kwtv/31f4a3d959786741fd234d50a0b0fdfad64fc35e
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43518120782bbcca736108422bd2acc1a4dfe301aeabca867ef925c10f15286a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 Apr 2022 09:15:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 04 Apr 2022 11:39:09 GMT
cache-control: max-age=600, public, s-maxage=600
cf-ray: 6f69ad106a9b9188-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 661 KB
156 KB 38ms
9ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e89519a4b03c270fa4964f78715f07eed240b7f1a1bbe16ae155aae33123a48c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: Pfo1gyB5GY5Ks5M2MmJcGjfjC5tnsi0Y
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:19 GMT
server: AmazonS3
age: 76
etag: W/"2d8485e26b6a4aea5f049c8dbfb79ba8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 04 Apr 2022 11:22:54 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CU5P5G8nWFpR3xlySSFtSjwjfZF1Tqgh0hXfvm-Zpi_GUxwCScrKIw==

GET
H2 200 zipInput.ejs Show response
www.news9.com/views/partials/ 648 B
1 KB 110ms
109ms XHR
application/octet-stream 2600:9000:214f:fe00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/views/partials/zipInput.ejs

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:fe00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Origin
content-length: 648
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Mar 2022 23:44:34 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
etag: W/"288-17fd8111ad0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
cache-control: public, max-age=518400
accept-ranges: bytes
x-amz-cf-id: f3adfhnbNRO-fNL6uXibPEQNeCqo3z3MCWpOXOgBpg9CKdZQBUZwRQ==

GET
H/1.1 200
OK 73179 Show response
baron.kwtv.com/reports/metar/zip/ 1 KB
1 KB 510ms
98ms XHR
application/json 52.6.252.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kwtv.com/reports/metar/zip/73179
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.252.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-252-104.compute-1.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: 5b6abe5c47237c8d715fd3f97e84733d315881c135e7f0a3a2f93e4343e4cf7c

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 11:24:10 GMT
Content-Encoding: gzip
ETag: W/"48a-NflnTZxOxXphD28eGFOgd8vDX6A"
Server: nginx/1.12.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 650

GET
H/1.1 200
OK kwtv-production.js Show response
hot-town-closings.s3.amazonaws.com/ 2 B
507 B 417ms
113ms XHR
application/json 52.217.197.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hot-town-closings.s3.amazonaws.com/kwtv-production.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.197.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 11:24:10 GMT
Last-Modified: Mon, 04 Apr 2022 11:21:48 GMT
Server: AmazonS3
x-amz-request-id: 20YCRR0D5CWX5JWT
ETag: "d751713988987e9331980363e24189ce"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2
x-amz-id-2: qiadx7BhXYlWBVru+zfYe6zk3vNZ12sAXYaYStKNV6h/8B0Sz5KVwXql06TfUt2hn+jRIXCHh7g=

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 82ms
30ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1648493084903

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 04 Apr 2022 11:24:09 GMT
x-host: s7.addthis.com
content-length: 116421

GET
H2 200 okc-indian-clinic.1648519422959.jpeg
images.news9.com/kwtv/production/2022/March/28/ 9 KB
9 KB 9ms
8ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9.com/kwtv/production/2022/March/28/okc-indian-clinic.1648519422959.jpeg?width=320&height=180&fit=crop

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

bdf98b2e5e973ecec03446baff506d6a826e27c1f7d52197474680ae766afcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 02:04:09 GMT
server: imgix
age: 552000
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 6e2a594d637c0600733bb45498639a9c447bd1c9
accept-ranges: bytes
content-length: 9236
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10040-SJC, cache-hhn4054-HHN

GET
H2 200 h180
redirect.field59.com/video/thumb/b9329aeae0c27db0a4ee77b3ac1aab5c3935bfb0/w320/ 9 KB
9 KB 184ms
33ms Image
image/webp 104.16.58.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/b9329aeae0c27db0a4ee77b3ac1aab5c3935bfb0/w320/h180
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.58.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01bb36f93c77657795fe8c2ec81f92bb2e66a8aef114769c0b777f7c10806e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-image-transform-time: 90.9ms
cf-cache-status: HIT
age: 26128
cf-polished: qual=85, origFmt=jpeg, origSize=9356
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 168.083ms
last-modified: Mon, 04 Apr 2022 04:05:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 11 Apr 2022 04:05:07 GMT
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6f69ad111b739a0c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 -------------.1649035827774.jpeg
images.news9.com/kwtv/production/2022/April/3/ 16 KB
17 KB 9ms
9ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9.com/kwtv/production/2022/April/3/-------------.1649035827774.jpeg?width=320&height=180&fit=crop

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

095bf6b855ffa1001b47d0e426e2850631d6c4e7b782e8416b843137194653ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Apr 2022 01:31:51 GMT
server: imgix
age: 35538
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 088405c78f7fc3f7c645e47a674f21d12cfa36ad
accept-ranges: bytes
content-length: 16796
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10083-SJC, cache-hhn4054-HHN

OPTIONS
H2 204 v2
api.viafoura.co/v2/www.news9.com/bootstrap/ Frame 0
0 296ms
96ms Preflight 2600:1f18:44f0:4840:880:96a6:bfe8:21df
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4840:880:96a6:bfe8:21df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news9.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.news9.com
access-control-max-age: 1728000
cache-control: max-age=0
date: Mon, 04 Apr 2022 11:24:09 GMT
expires: Mon, 04 Apr 2022 11:24:09 GMT
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.news9.com/bootstrap/ 6 KB
3 KB 302ms
110ms XHR
application/json 2600:1f18:44f0:4840:880:96a6:bfe8:21df
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4840:880:96a6:bfe8:21df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52d62bc48092312697bd7f703bb259947476b4598504ae748f44722592977bda

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-0dd0dcd3f58e5cd89
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.news9.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 54ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:09 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47449
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 acv.json Show response
voraciousgrip.com/ 210 KB
46 KB 88ms
22ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/acv.json

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Fri, 01 Apr 2022 03:39:28 GMT
x-datacenter: gce-europe-west1
date: Mon, 04 Apr 2022 11:24:09 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges: bytes

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 60ms
8ms Image
image/gif 2600:9000:214f:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
age: 20804975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: QWth2frMD6DB01iKzoyQWlgZYBnmcpvPkKM1YROHhL4iHcInk_WVlw==

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 318ms
115ms Script
text/javascript 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 84ad9414ff86a7781f000f3d1b8feddbffc6e7847ea69b2e0a96c4ef22cdc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1147
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 190ms
59ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6560
date: Mon, 04 Apr 2022 09:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 11:34:50 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e6...
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e...

0
190 B

9ms
9ms

Image
text/plain

99.86.7.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Server: 99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-38.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: I5vNJvM4VV4ujt9CxvTqLcCJUBvojTRzMxf5xvSDrEoKAVmmO28zjw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=15283051&ns__t=1649071449331&ns_c=UTF-8&c8=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&c9=https%3A%2F%2Ft.co%2F
date: Mon, 04 Apr 2022 11:24:10 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: mNKasdY_7boRPKuFCZQYWRHWv-As5UkjKOCKiihjEctVH8DSd9KNHA==
x-cache: Miss from cloudfront

GET
H2 200 main-c335bac439.css
player.field59.com/release-3.19.5/css/ 58 KB
11 KB 24ms
24ms Stylesheet
text/css 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kwtv/31f4a3d959786741fd234d50a0b0fdfad64fc35e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a48885dafbf847141d353245399a4fc91db653213dfef0dded37a7c56442390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 18:13:38 GMT
server: cloudflare
age: 586816
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6f69ad12af699188-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 30 Mar 2022 21:03:34 GMT

GET
H2 200 html5_dfp-131552293d.js Show response
player.field59.com/release-3.19.5/js/ 631 KB
182 KB 41ms
41ms Script
application/javascript 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kwtv/31f4a3d959786741fd234d50a0b0fdfad64fc35e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcc9e66f50570314f67d8c15efd5e94b83883e7575665200a98712271a0e5e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 18:13:38 GMT
server: cloudflare
age: 400524
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6f69ad12af6c9188-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 06 Apr 2022 20:04:02 GMT

GET
H2 200 fpicons.woff
cdn.field59.com/player/fonts/ 3 KB
4 KB 56ms
24ms Font
application/x-font-woff 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.field59.com/player/fonts/fpicons.woff
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528

Request headers

Referer: https://player.field59.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
cf-cache-status: HIT
age: 592963
cf-ray: 6f69ad1398969a41-FRA
content-length: 3040
x-amz-id-2: D5uO3WNuudYZEwOooFYVvpy9jJp1/LLj/ekupQ53cecK8XuBf0RVJUWvLuNkFJr8N6bG1qGpF/w=
last-modified: Mon, 18 Apr 2016 20:34:41 GMT
server: cloudflare
etag: "725a886c5970c00ffa65a5d67df6e8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-request-id: 976KP5RCGKWDNFE9
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: Rr4yR713iQpY_NTbPM11Z3Q_LeKl8mSf
accept-ranges: bytes
content-type: application/x-font-woff
expires: Mon, 04 Apr 2022 12:24:10 GMT

GET
H2 200 fp6_play_white.png
cdn.field59.com/player/ 3 KB
4 KB 20ms
20ms Image
image/webp 104.16.61.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/player/fp6_play_white.png
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/css/main-c335bac439.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.61.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.field59.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
cf-cache-status: HIT
age: 1832113
cf-polished: origFmt=png, origSize=7587
last-modified: Tue, 15 Dec 2015 22:46:58 GMT
content-length: 3414
content-disposition: inline; filename="fp6_play_white.webp"
x-amz-request-id: R69XH5S45GD94NQ2
x-amz-id-2: T7uITSqrg4jnJxfHaw/kDO346VPyLxOs5bl8nKl7iJywcSQhMsQ9CYGW0NGgO0/XezOu158wvyo=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "98a1b8195b25ce442ea127ddeb0b2e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-amz-version-id: wFl7bOHWyEiYwrIqRQCGXEEKkkbsRATT
accept-ranges: bytes
cf-ray: 6f69ad1379ee91dd-FRA
expires: Mon, 04 Apr 2022 12:24:10 GMT

GET
H/1.1 200
OK cloudy.svg
griffin-communications.akamaized.net/baronIcons/day/ 534 B
818 B 402ms
402ms Image
image/svg+xml 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/cloudy.svg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 11:24:10 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:35 GMT
Server: AkamaiNetStorage
ETag: "41d19645e397941aaea24db0fecae932:1580959042.855185"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 534

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 215ms
72ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09abb36a338941557a6448752c20db1217405105a356b9027a0e93450ec36869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
server: sffe
etag: "1177 / 356 of 1000 / last-modified: 1649062076"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 ima3.js Show response
s0.2mdn.net/instream/html5/ 375 KB
126 KB 220ms
77ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/html5/ima3.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.5/js/html5_dfp-131552293d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8892b221847a8b63f7691aafa26375f8fd8cfa04756f22c0407d9b3ed1299fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127865
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Apr 2022 11:24:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 143ms
70ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1914235067&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=24626123&gjid=290727108&cid=1036299329.1649071450&tid=UA-572554-6&_gid=303375189.1649071450&_r=1&gtm=2wg3u0NXTXTZN&z=2033948365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2brv6CZNE3gbGS6V5-rd3emWbInsHBgej_NTjK3tWlVmOwyaAA-BdARkcOmnyUSN7DieDkvM Show response
voraciousgrip.com/ 209 B
341 B 26ms
22ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2brv6CZNE3gbGS6V5-rd3emWbInsHBgej_NTjK3tWlVmOwyaAA-BdARkcOmnyUSN7DieDkvM

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

2fd1627d257dbc109425c4098421a6b6895d3badc225a6906f68ae280578f885

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Mon, 04 Apr 2022 11:24:10 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Mon, 04 Apr 2022 11:24:09 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 101ms
98ms Image
image/gif 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8552295&ntv_pl=1073330&prx_referrer=https%3A%2F%2Ft.co%2F
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
99ms Image
image/gif 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=dfe4c752-055b-446c-b8dd-abda97d59388&ntv_fl=CF4se3gYGjAPzQcMJoAeWehIMXjYSzBiq7xgGoY77uI6P6fYQ5Phl3BijzTpViYUZG164W_mosjvzb1LdYqyXjiK_0sl-O8VtdGtBpmiZTZohq5_rBd-s3aXI-GrHOFHSLc2aFvkof8CkNA-qafGm7bJznuZpE6hMpi4w11wLtPfZnidBHINyvSrJtjOEmvhgWOVViWI5YJ2VjFF-t4oxZP8Xsh8B5emZlvc7eKAr68gNJ2ATNbfmqs7yuL7a9fcILXg-qVFoDy6Rq8UPvK_ew==&ntv_ht=WtVKYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAsmAQA&ord=1649071449652&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 104ms
102ms Image
image/gif 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=dfe4c752-055b-446c-b8dd-abda97d59388&ntv_fl=CF4se3gYGjAPzQcMJoAeWehIMXjYSzBiq7xgGoY77uI6P6fYQ5Phl3BijzTpViYUZG164W_mosjvzb1LdYqyXjiK_0sl-O8VtdGtBpmiZTZohq5_rBd-s3aXI-GrHOFHSLc2aFvkof8CkNA-qafGm7bJznuZpE6hMpi4w11wLtPfZnidBHINyvSrJtjOEmvhgWOVViWI5YJ2VjFF-t4oxZP8Xsh8B5emZlvc7eKAr68gNJ2ATNbfmqs7yuL7a9fcILXg-qVFoDy6Rq8UPvK_ew==&ntv_ht=WtVKYgA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAsmAQA&ntv_jlt=1259&ntv_jad=335&ntv_jte=8&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=fb3215b6-117e-48d0-89b0-87fa0637a5ee&ntv_fl=CF4se3gYGjAPzQcMJoAeWYq7dU39QaYvEU0JUEmEHQvawqaSJV9MHSD3rQGShp9I90KOn3L2lqflqPeN4KjInUnGQhg061bF0kmIq1PptRQ6MD9gKu9f0VB4K3JG7xrfjTG4gmFar-unwe9Qx_43N2z12nTdX76NKhsXgOGTj9plCOlzaPIBLmap66eN2Np7qpuvk3sFMCq9xTPG2aEBJaCBCVOXI-k_sZmAECyqkSNhK_nSK_wXqqevPpNeynx9ey9zixaG7nn44iHGCmx_Dg==&ntv_ht=WtVKYgA&ntv_at=303&ntv_a=AAAAAAAAAAwxwRA&ord=1649071449663&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 104ms
103ms Image
image/gif 3.213.149.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1121475&ntv_gdpr_consent=&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-149-116.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 v2xoeS8jo-cb3X56-ralCJgbAXAlNlrLmQavVq60t0UmI8QbkkCVgISuHmWpntlxwdT7dvOYZ Show response
voraciousgrip.com/ 2 KB
783 B 297ms
296ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2xoeS8jo-cb3X56-ralCJgbAXAlNlrLmQavVq60t0UmI8QbkkCVgISuHmWpntlxwdT7dvOYZ

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

5e4befb8c314e033b41bdd60dfbe9d131445e609faaab81b4e8542bed1df7f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Mon, 04 Apr 2022 11:24:10 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 742

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/www.news9.com/ 45 B
647 B 105ms
104ms XHR
application/json 2600:1f18:44f0:4840:880:96a6:bfe8:21df
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4840:880:96a6:bfe8:21df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-09059031bbe325efa
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.news9.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Mon, 04 Apr 2022 11:24:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 120ms
38ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-572554-6&cid=1036299329.1649071450&jid=24626123&gjid=290727108&_gid=303375189.1649071450&_u=YEBAAEAAAAAAAC~&z=2123412700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 11:24:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 intl-messageformat.7abcaad06161efae937e.js Show response
cdn.viafoura.net/chunks/vendors~languages/ 17 KB
5 KB 19ms
18ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.7abcaad06161efae937e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b317f976264b87cea799544f3af2f329afb6cfeab2c3faf5d78102b182bc5e7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:03 GMT
server: AmazonS3
age: 321943
etag: W/"567ea581e3e1873e5b3a892b9bd3c630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1U6CV9fsDvFU_95K14e5GJw3kAd.XT02
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: B-t8GLp5JBCewWneAtSa6ndoTZXMGb-xaihcVPXeykjEIQSI4Y8P9w==

GET
H2 200 intl-messageformat.932f5bdd8501f8aca1e9.js Show response
cdn.viafoura.net/chunks/languages/ 134 B
561 B 20ms
20ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.932f5bdd8501f8aca1e9.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4668799ab61f49b55165a79befcbeca12bff731584882fa8528b68fcbd0b538a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 17:57:55 GMT
server: AmazonS3
age: 321942
etag: "1313c52f983f37feab7fb89491493293"
x-cache: Hit from cloudfront
x-amz-version-id: o2.wOibjv5rRtf0YTad7GHn4oKEpgxZJ
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 134
x-amz-cf-id: gZsSCP9lWabqqyhujkSEyZYmBi48mA6g7-8kH7b6jrlT5joiiIZxxQ==

GET
H2 200 en-us-base-json.2ed140ca116dbab98f42.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 20ms
20ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.2ed140ca116dbab98f42.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6c217cf4a70824e150c9b84635540ccebfacd9f4a6b024d8d3d13e7226ca0ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:57:56 GMT
server: AmazonS3
age: 321942
etag: W/"dc9b47e81a8086b22edb56f64883dacd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 3eA8K.1rXds9vFyLIxzNdd1G4tGLc7yh
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: gqBl5IZFWpBGjyiUWVJRSevQpg6Z2ydmgcCBhXPMS84AyfJf5T8a4g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 256ms
87ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-572554-6&cid=1036299329.1649071450&jid=24626123&_u=YEBAAEAAAAAAAC~&z=784393602

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 247ms
87ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-572554-6&cid=1036299329.1649071450&jid=24626123&_u=YEBAAEAAAAAAAC~&z=784393602

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vf-css.80580187040765a9f6e2.js Show response
cdn.viafoura.net/chunks/ 122 KB
17 KB 8ms
8ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vf-css.80580187040765a9f6e2.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77c6763beed81dcf1db78bc1c5d259c97c5468a3c3054a239610c228eedf824c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:11 GMT
server: AmazonS3
age: 321943
etag: W/"b5ac15055cf557f7ab7fb384dd0a5f48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BcSsCcYjZevlp_nLHcRKfIgtlrrDr2MR
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: APwtJZikTFrQHrwJ3N6QS42aCSXxRi19F4mWv0DCifxVi9rs3o8sSw==

GET
H2 200 bridge3.508.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 71F2 592 KB
193 KB 208ms
60ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 180590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 197186
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 09:14:20 GMT
expires: Sun, 02 Apr 2023 09:14:20 GMT
last-modified: Mon, 28 Mar 2022 15:10:05 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 158ms
80ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F14A 37 KB
13 KB 212ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 04 Apr 2022 11:52:12 GMT

OPTIONS
H2 200 id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/ Frame 0
0 318ms
96ms Preflight 35.170.84.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/id?container_id=story-6242690e64d0e8070c7f5907
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.84.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-84-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.news9.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: DELETE,PATCH,POST,GET,PUT
access-control-allow-origin: https://www.news9.com
access-control-max-age: 43200
content-length: 0
date: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 0.5f00e6801f66f4370964.css
cdn.viafoura.net/ 86 KB
10 KB 8ms
7ms Stylesheet
text/css 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/0.5f00e6801f66f4370964.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8971b76f8f001094d93e582a3b161fdb36f8f2be1596a46b832598d229a5f308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:17 GMT
server: AmazonS3
age: 321942
etag: W/"d6428e6fd23320c217fed10bff63545e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WjnmkpekO.8IFPHMs966drBjHbznhI_.
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: 72Puoz3hB8x5Ar9luIt7be1ldxrKqjvtpthPTlBSR6HVD5K5gqs5Hg==

GET
H2 200 da.45bd94498966a2706ced.js Show response
cdn.viafoura.net/chunks/ 143 KB
34 KB 9ms
8ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/da.45bd94498966a2706ced.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 370643553d67d699cb2e06f15633a6e0bcd366b7e14deb71066b911a8e7a0b1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:07 GMT
server: AmazonS3
age: 321942
etag: W/"cab89d0c7156bef8775a1cb71366de92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9OeqrACKS93Zve72cqQu37aRr3w5BfKL
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 1uzxkgoNLgt_4ntETQOXmDWTkwvGF46bUFPOCk8PUPk56YC5-NTbkw==

GET
H2 200 134.7eb70ed54018967fa0ee.css
cdn.viafoura.net/ 1 KB
855 B 10ms
9ms Stylesheet
text/css 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/134.7eb70ed54018967fa0ee.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d369ebcbbfca180c5e687dff8011a4d524b9490f21aaaeb7b8b5f79685778b17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:17 GMT
server: AmazonS3
age: 321942
etag: W/"cd319e3357668ac070b24c2c39dc949e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: nH2z8MUW90E0svXQjAVt.XVR5ZOtsfBJ
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: 46nu279eNTnyZBsya6m59qR3DSlr49TRHF3zJpo8bdmHgc5Oy7lwjg==

GET
H2 200 tray-trigger.38cb8e2ceb1b25a1faa7.js Show response
cdn.viafoura.net/chunks/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/tray-trigger.38cb8e2ceb1b25a1faa7.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b273ef870332c963ecfac6a7fd48fa13c0b58d1c3cc513c00ad9c0680aff738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:10 GMT
server: AmazonS3
age: 321942
etag: W/"19089605150a99d668eecfc6afe28598"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: a4NVlu_5mcmqUG9FwxBl740bNHMufuUx
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CtImFI5sHRvqz1hka2289-3X-I4sLozSocs_iGCgy3jLEk_dAZqXag==

GET
H2 200 en-us-conversations-json.40fe2ec9a126c6034f66.js Show response
cdn.viafoura.net/chunks/languages/ 14 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.40fe2ec9a126c6034f66.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee7fa9758461125ca596582dc9082a355124c94c6b989f188bac28ad1ff5c191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:57:59 GMT
server: AmazonS3
age: 321942
etag: W/"90961159f3d814380877bc80bcc47368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: UoTvhX1tZ8tjO5UHJeGESgCdMGmSRPMJ
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: v1C35A-NBNActrmgPaAL5PmRn-Ejqau3pvWeVsPPRIr5rOgukumUZQ==

GET
H2 200 madops.min.js Show response
rdc.m32.media/ 56 KB
16 KB 271ms
140ms Script
application/javascript 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/madops.min.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: 33e241bd3dc5eac96f6be0fa45963738f60219779d7c7796761cb87d3315eb8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 15:50:54 GMT
server: nginx/1.10.3
etag: W/"6245cdde-deb8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Mon, 04 Apr 2022 11:39:10 GMT

GET
H2 200 content_container-module-js.7f71e67b6b6b5604d7f9.js Show response
cdn.viafoura.net/chunks/vuex_store/ 2 KB
1 KB 24ms
23ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.7f71e67b6b6b5604d7f9.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12ff576ee8522456cb01bb8b5e84490927f632d887bdcb320b74d207c4ee5e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:02 GMT
server: AmazonS3
age: 321943
etag: W/"c768b34e35b5d07c8da5128418280995"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WGzEx.sGm4VMs_7gm07jxdeZwNL.iAV9
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yieeNG-J0M-1FR9BouKBeeGChINWkgtffA8D1r9LDKK9wEMl8V_XVw==

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/ 762 B
461 B 107ms
106ms XHR
application/json 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/id?container_id=story-6242690e64d0e8070c7f5907
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: 0bfd435d428c9a21241282448d24266c0ae03fcc59f60b1005b2aed97bfeb3e3

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 308
content-type: application/json

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
325 B 307ms
97ms Image
image/png 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1649071450%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1649071450%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%222f615aee-d27a-459d-8da1-ee9e5ce25ec1%22%2C%22firstVisit%22%3A1649071450%2C%22previousVisit%22%3A1649071450%2C%22currentVisit%22%3A1649071450%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.amazonaws.com%2Fkwtv%2Fproduction%2F2022%2FMarch%2F28%2Fokc-indian-clinic.1648519422959.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22path%22%3A%22%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22title%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22A%20ransomware%20group%20has%20claimed%20responsibility%20for%20a%20cyber%20attack%20that%20put%20Oklahoma%20City%20residents%20financial%20data%20at%20risk.%22%2C%22topics%22%3A%5B%22Oklahoma%20City%20Indian%20Clinic%22%2C%22Suncrypt%22%2C%22OKCIC%22%5D%2C%22git%22%3A%22cc1fc7c048475703a03a5ead6173e00b18c9fa45%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22dc6ef560-a578-4dea-ae7e-2593d3b22bd4%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET roboto-500.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 0
0

GET
H2 200 roboto-italic.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 53 KB
53 KB 43ms
26ms Font
font/woff2 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-italic.woff2
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d

Request headers

Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:31 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
age: 321940
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 54136
last-modified: Wed, 16 Mar 2022 19:14:53 GMT
server: AmazonS3
etag: "d6014e8c7bc6e309f52ef06bd16549f4"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: T9FkvTpWYNLTEuaO9f9og7Ls0sqBTZbr
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: jKBw3ZaRrCdTchjkTDU9948Dr3i6bX-zNj6Z3znwOV3THUXGj6u7JQ==

GET
H2 200 vendors~chat_js~comments_js~liveblog_js.912e33be1b9c41623ce9.js Show response
cdn.viafoura.net/chunks/ 23 KB
8 KB 19ms
4ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~chat_js~comments_js~liveblog_js.912e33be1b9c41623ce9.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d561d3818d8d1bba19675db767ac3b4384f0670e39d722d212e72175dbe54154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:15 GMT
server: AmazonS3
age: 321942
etag: W/"33bf3abc3086339b31724b39f12374f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: mcHEmTxpp6w_IfsmzjnJXC2NiJLvAI3v
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Wz9AsmviHFQB1g4t1krKTpF8mCW6oNJqExRA8mhqJv8kpggRUpSadw==

GET
H2 200 vendors~comments_js~liveblog_js.3818ed883ef19a9d0b5e.js Show response
cdn.viafoura.net/chunks/ 268 KB
55 KB 21ms
8ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.3818ed883ef19a9d0b5e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e1228ec53d00d5066167b8a39e8f2bec70abf0c97e0972ea0a099494b395dd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:11 GMT
server: AmazonS3
age: 321942
etag: W/"80ca114ad5a074e521a99877029a80ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: GHE9zT59EbS8oIFlAnoZ0uorktWVNAWY
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: m6gDoCxM6dUsnMMnMq3GE_rlqlrZJX9jTiLqGor2jF57WpYkIWHxFA==

GET
H2 200 4.6a67359a2447ec5284fc.css
cdn.viafoura.net/ 4 KB
1 KB 18ms
6ms Stylesheet
text/css 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/4.6a67359a2447ec5284fc.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb0a90dd01b8934f8106c94bf458e052fd7f495159b9046c9a5bec0123d72915

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:16 GMT
server: AmazonS3
age: 321942
etag: W/"0a3ab5f716ac6871b8671c387da6abef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rsvcNnnSEwUK2KclKElmqDgs1GPTwFJ2
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: 1RgiPEU9FQm85tZM3kCqA4l54kBuP9YpElO4jsI8j_rlV1uDgy8QDQ==

GET
H2 200 default~chat_js~comments_js~liveblog_js.84a05c8fb6e52ed27f31.js Show response
cdn.viafoura.net/chunks/ 14 KB
5 KB 31ms
18ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/default~chat_js~comments_js~liveblog_js.84a05c8fb6e52ed27f31.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 791fdc84ddbedaa55e42d4b24d5d77dc052c7c4dd9fe4d4fceb75e1bf0ac2d40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:07 GMT
server: AmazonS3
age: 321943
etag: W/"957e79982a20381048d2ecac65334f48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WPehqdyo5vWOmRYTDO54pOuHjutO33r5
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: H3UzwlRCFB9rMfTHKySZsVoq0EtIxT8Uaj0uDhHoyuSjywXP5HXxIA==

GET
H2 200 31.2778e3c601a5ea26cb76.css
cdn.viafoura.net/ 69 KB
10 KB 19ms
7ms Stylesheet
text/css 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/31.2778e3c601a5ea26cb76.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83fc36d42aac26c24cd9772c8bd11a65e3f7f2cc0e687755151d72f2dbea3f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:16 GMT
server: AmazonS3
age: 321943
etag: W/"2ebec4bfa2599811dba3148383625567"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 8DqHPjbInZJLNyRtKUiTsAsGVMzWyGSA
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: 817esPnw8OFlHwMroK3xlH5071t-nQbxwMoDYI029J9uQFO0INTKUA==

GET
H2 200 comments_js.a42caeb491161e439f52.js Show response
cdn.viafoura.net/chunks/ 231 KB
44 KB 30ms
19ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/comments_js.a42caeb491161e439f52.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43bff1a54870a301e61074e22497a8ca9773b44e01e2f3355f348095f9ac157c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:06 GMT
server: AmazonS3
age: 321943
etag: W/"40a15eaa79a4c27d75feab8114de9aa9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: o1wH3nDyCQubsyu0NEmf4XIHVz5Kh1_8
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: _zkEkzqdqVS4jgWbYVysCA8767XiCDPUUsQyYMJlgUa8Fd2_pe6uMQ==

GET
H2 200 livecomments-module-js.cefae952e4cbd786a4e4.js Show response
cdn.viafoura.net/chunks/vuex_store/ 30 KB
7 KB 35ms
27ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.cefae952e4cbd786a4e4.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2073b23ab67fa8875a43be75f06369e507473b0c8f2ac11b888ddfa938d4328e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:02 GMT
server: AmazonS3
age: 321943
etag: W/"1ef1cf595fdf6cf278751d3268d95afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: PTKS2gI1GIK6P7EV2mGQjAJ_Y07HuEoJ
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: LZ8R7kX0aLmOVSm3exEEAmS963qDiJ5XVQkwEp5PPf36WOqikFvQmg==

GET
H2 200 content-module-js.cfcd83e1aa95dd7670ce.js Show response
cdn.viafoura.net/chunks/vuex_store/ 11 KB
3 KB 35ms
28ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content-module-js.cfcd83e1aa95dd7670ce.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b34121da736f50831c521fe0cb89e495b0d368a08b006b11b72c9cebf2aa8f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:02 GMT
server: AmazonS3
age: 321943
etag: W/"4d946f19c1926eba7aa65047a608af49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: N7Xo4rHh1ywPt5EaQAh0ywNSms75wfy0
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: jNNl4vfp4Ya-fHcEkS8i4vXg6kTdHrF-vChZD4LEegIYxyV0vfOHGw==

GET
H2 200 threads-module-js.25c9a52192a2b52e0b11.js Show response
cdn.viafoura.net/chunks/vuex_store/ 12 KB
4 KB 35ms
28ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.25c9a52192a2b52e0b11.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9a2c9deec7d632d704697714081a3ace859d2f01e4fd7d323c053711d39b6ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:03 GMT
server: AmazonS3
age: 321943
etag: W/"6012cf7fdcdbfe3d821df72e494c97d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: YM2v0ty2tZmmnaWVNg_cDrrdvzwrBLPo
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: bTYNQaL4Hf-H0YhR3Rgyec83dtUrQ1IW_lvHWCSsamlj1ElwiSrZZQ==

GET
H2 200 interaction-module-js.ad1879ce67d5356d28c3.js Show response
cdn.viafoura.net/chunks/vuex_store/ 1 KB
1 KB 35ms
29ms Script
application/javascript 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.ad1879ce67d5356d28c3.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ffa64a4c20126ab0edb8432e5d90d7c66ecd9066e42b271c82aa90df3920f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 17:58:02 GMT
server: AmazonS3
age: 321943
etag: W/"3c0e22c4aa263a908ea51d9f811a9fb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: smgm.cnlrwAHYOWOrGeB0d6Ccs4zQ7RE
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: -2wbsGA3bkN-5610vkg7ZAn3m8J_VXmhmArbo1r5UPHg3HRbiwQjDw==

GET
H2 200 00000000-0000-4000-8000-64d101d2ef8e Show response
livecomments.viafoura.co/v4/livecomments/ 877 B
494 B 124ms
123ms XHR
application/json 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e?limit=3&container_id=story-6242690e64d0e8070c7f5907&reply_limit=2&sorted_by=newest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: bdb9e00e3a9cf710385a379700831ef957a2c3e9dec4473bf5da13fbc2a36a42

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 341
content-type: application/json

GET
H2 200 roboto-500.woff
cdn.viafoura.net/front/assets/fonts/roboto/ 64 KB
64 KB 13ms
12ms Font
font/woff 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-500.woff
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c93f4332daa92f95a2c2446599d6cf9e87b00b20d60db827af63b0e4a3feb22b

Request headers

Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:45 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
age: 321926
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 65492
last-modified: Wed, 16 Mar 2022 19:14:53 GMT
server: AmazonS3
etag: "08926d7a008503f9c640b1772c225476"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: N8Tv8G4uCtqlmBXmWjbMRdT7Jf897f7P
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff
x-amz-cf-id: aayBVBBpJxsEsC9hXoKClE3CIoCwMzYBRUVjllffSBpMtDqxAekSUQ==

OPTIONS
H2 200 00000000-0000-4000-8000-64d101d2ef8e
livecomments.viafoura.co/v4/livecomments/ Frame 0
0 232ms
97ms Preflight 35.170.84.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e?limit=3&container_id=story-6242690e64d0e8070c7f5907&reply_limit=2&sorted_by=newest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.84.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-84-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.news9.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PUT,POST,GET,PATCH,DELETE
access-control-allow-origin: https://www.news9.com
access-control-max-age: 43200
content-length: 0
date: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
324 B 100ms
97ms Image
image/png 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1649071450%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1649071450%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%222f615aee-d27a-459d-8da1-ee9e5ce25ec1%22%2C%22firstVisit%22%3A1649071450%2C%22previousVisit%22%3A1649071450%2C%22currentVisit%22%3A1649071450%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.amazonaws.com%2Fkwtv%2Fproduction%2F2022%2FMarch%2F28%2Fokc-indian-clinic.1648519422959.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22path%22%3A%22%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22title%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22A%20ransomware%20group%20has%20claimed%20responsibility%20for%20a%20cyber%20attack%20that%20put%20Oklahoma%20City%20residents%20financial%20data%20at%20risk.%22%2C%22topics%22%3A%5B%22Oklahoma%20City%20Indian%20Clinic%22%2C%22Suncrypt%22%2C%22OKCIC%22%5D%2C%22git%22%3A%22cc1fc7c048475703a03a5ead6173e00b18c9fa45%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22dc6ef560-a578-4dea-ae7e-2593d3b22bd4%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22widget_type%22%3A%22vf-tray-trigger%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.bell_load%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ConsentManager,Sticky2 Show response
voraciousgrip.com/v2pipEeMKO6Yjm5nfq3WWX3wyiUzfj_WUXyKjmpOee8N7j9rVtgy2-pBAPFgeD2a6PWEj1M0/ 274 KB
80 KB 34ms
34ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2pipEeMKO6Yjm5nfq3WWX3wyiUzfj_WUXyKjmpOee8N7j9rVtgy2-pBAPFgeD2a6PWEj1M0/ConsentManager,Sticky2

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

3f69bc2b3281bff6fc2af842c58310b09ab5f7fe9a7e2a5c452b1bd99c7ff32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "56524049d3e836e2855a8205dee65314c93d2f1f2a642617d09647f26df1a0e0"
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-64d101d2ef8e/ 36 B
222 B 107ms
100ms XHR
application/json 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-64d101d2ef8e/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.news9.com
date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H3 200 custom.json Show response
rdc.m32.media/adops/custom_files/news9.com/ 2 KB
891 B 174ms
138ms XHR
application/json 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/adops/custom_files/news9.com/custom.json
Requested by: Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: 318be3531145699bad141da61c6c144376ebdeada830b473d191b41ce2c88dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:41:24 GMT
server: nginx/1.10.3
etag: W/"624acb54-99d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Mon, 04 Apr 2022 11:39:11 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
653 B 145ms
73ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2pipEeMKO6Yjm5nfq3WWX3wyiUzfj_WUXyKjmpOee8N7j9rVtgy2-pBAPFgeD2a6PWEj1M0/ConsentManager,Sticky2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 10:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 11:24:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 11:24:11 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
324 B 99ms
99ms Image
image/png 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1649071450%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1649071450%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%222f615aee-d27a-459d-8da1-ee9e5ce25ec1%22%2C%22firstVisit%22%3A1649071450%2C%22previousVisit%22%3A1649071450%2C%22currentVisit%22%3A1649071450%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.amazonaws.com%2Fkwtv%2Fproduction%2F2022%2FMarch%2F28%2Fokc-indian-clinic.1648519422959.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22path%22%3A%22%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22title%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22A%20ransomware%20group%20has%20claimed%20responsibility%20for%20a%20cyber%20attack%20that%20put%20Oklahoma%20City%20residents%20financial%20data%20at%20risk.%22%2C%22topics%22%3A%5B%22Oklahoma%20City%20Indian%20Clinic%22%2C%22Suncrypt%22%2C%22OKCIC%22%5D%2C%22git%22%3A%22cc1fc7c048475703a03a5ead6173e00b18c9fa45%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22dc6ef560-a578-4dea-ae7e-2593d3b22bd4%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22content_container_uuid%22%3A%223218a0a0-b471-43a3-b590-f54aa70546fd%22%2C%22content_container_type%22%3A%22comments%22%2C%22widget_type%22%3A%22vf-conversations%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.container.load%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 comments Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/3218a0a0-b471-43a3-b590-f54aa70546fd/ 38 B
216 B 103ms
102ms XHR
application/json 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/3218a0a0-b471-43a3-b590-f54aa70546fd/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 64
content-type: application/json

OPTIONS
H2 200 comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/3218a0a0-b471-43a3-b590-f54aa70546fd/ Frame 0
0 98ms
97ms Preflight 35.170.84.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/3218a0a0-b471-43a3-b590-f54aa70546fd/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.84.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-84-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.news9.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PATCH,PUT,POST,DELETE,GET
access-control-allow-origin: https://www.news9.com
access-control-max-age: 43200
content-length: 0
date: Mon, 04 Apr 2022 11:24:11 GMT

GET
H2 200 MSwwY2M0NjQ2ODllODM
images.getadmiral.com/ 3 KB
3 KB 80ms
37ms Image
image/png 2606:4700:3037::ac43:c1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MSwwY2M0NjQ2ODllODM

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-buildnumber: 456232094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2579
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c8a53abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o0Z7zaDLxEUoDPuvY7YkbGovHP8o31qjbYs4pC89V4Ybj26a11K0P9OeCk%2BPvWe%2FCSUuOEiFN4LdMOHoi%2FLaUpotaO66sVW4fU1Z8trAOqrJ8I5ZOeMkS3meabOlWBri69%2BFDdlCaoksflRUX5kj9uIbTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: cole
cf-ray: 6f69ad1a78269bbf-FRA

GET
H2 200 / Show response
geoloc.m32.media/json/ 243 B
449 B 253ms
122ms XHR
application/json 35.227.201.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geoloc.m32.media/json/

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.201.248 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

248.201.227.35.bc.googleusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

456d3646ee55fb7937a52bf405af06c5aa4cb0196bac799047166a7bd5a71827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
x-database-date: Mon, 04 Apr 2022 02:00:13 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubdomains;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 132ms
60ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:02:08 GMT
x-content-type-options: nosniff
age: 408123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:02:08 GMT

POST
H2 200 v2brv6CZNE3gbGS6V5-rd3emWbInsHBgej_NTjK3tWlVmOwyaAA-BdARkcOmnyUSN7DieDkvM Show response
voraciousgrip.com/ 254 B
338 B 39ms
39ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2brv6CZNE3gbGS6V5-rd3emWbInsHBgej_NTjK3tWlVmOwyaAA-BdARkcOmnyUSN7DieDkvM

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ee1a241caabc66bb347d6b64ac8367db9c84989003982ebfc004805cbaa2782f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Mon, 04 Apr 2022 11:24:11 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 254
expires: Mon, 04 Apr 2022 11:24:10 GMT

GET
H2 200 roboto-300.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 49 KB
49 KB 8ms
7ms Font
font/woff2 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-300.woff2
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5

Request headers

Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:29 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
age: 321943
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 50084
last-modified: Wed, 16 Mar 2022 19:14:53 GMT
server: AmazonS3
etag: "cb360a9e4e7b13ce18ddf311ba981d3f"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ocg_m_k4TTvJ0DWyVkdgIWW6oVxVa8Yx
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: bxS4EHGJXglPjC12O0fnA-sSnzNHY1WyVwtfl8J_pj0FJej2X9Yj9w==

GET
H2 200 defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
cdn.viafoura.net/assets/ 676 B
1 KB 8ms
7ms Image
image/png 2600:9000:2057:400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viafoura.net/assets/defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 17:58:28 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 17:57:50 GMT
server: AmazonS3
age: 321944
etag: "28fea6b8b2b5fdb61025943a5aac4c45"
x-cache: Hit from cloudfront
x-amz-version-id: 83A.J_9Hj7SKI3PF10hP_pH.I5wA7hdB
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 676
x-amz-cf-id: xThBCDa8-Q7dgaXSSTBrLXvpwcJ3DWsrgXLfIHzk_2n3XfmG27XpTw==

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
324 B 100ms
100ms Image
image/png 34.196.163.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1649071450%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1649071450%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%222f615aee-d27a-459d-8da1-ee9e5ce25ec1%22%2C%22firstVisit%22%3A1649071450%2C%22previousVisit%22%3A1649071450%2C%22currentVisit%22%3A1649071450%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fhot-town-images.s3.amazonaws.com%2Fkwtv%2Fproduction%2F2022%2FMarch%2F28%2Fokc-indian-clinic.1648519422959.jpeg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22path%22%3A%22%2Fstory%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack%22%2C%22title%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22A%20ransomware%20group%20has%20claimed%20responsibility%20for%20a%20cyber%20attack%20that%20put%20Oklahoma%20City%20residents%20financial%20data%20at%20risk.%22%2C%22topics%22%3A%5B%22Oklahoma%20City%20Indian%20Clinic%22%2C%22Suncrypt%22%2C%22OKCIC%22%5D%2C%22git%22%3A%22cc1fc7c048475703a03a5ead6173e00b18c9fa45%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Oklahoma%20City%20Indian%20Clinic%20Suffers%20Cyber%20Attack%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22dc6ef560-a578-4dea-ae7e-2593d3b22bd4%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22widget_type%22%3A%22vf-conversations%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.bell_load%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.163.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-163-206.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/griffinnewmedia/ 2 KB
743 B 48ms
41ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/griffinnewmedia/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20638b42fdffc8dd9040c0ddecd25184b1d67cd5051cefe4d32e7131b39164d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:24:11 GMT
content-encoding: gzip
etag: -2051436664--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=21, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 566

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 211ms
187ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=624ad5590aa1a157&bkl=0&bl=1&pdt=898&sid=624ad5590aa1a157&pub=griffinnewmedia&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.news9.com&dr=t.co&fp=story%2F6242690e64d0e8070c7f5907%2Foklahoma-city-indian-clinic-suffers-cyber-attack&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=Oklahoma%20City%20Indian%20Clinic%2CSuncrypt%2COKCIC&colc=1649071450960&jsl=1&uvs=624ad559fb6e68dd000&skipb=1&callback=addthis.cbs.jsonp__050762627268702730
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3e0bc13630c133ee39d46e2cba921a6bb76a65fb35469bce654c19a3fee7d57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:24:11 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1703 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame EC3F 71 KB
26 KB 10ms
10ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Mon, 04 Apr 2022 11:24:11 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/15283051/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
351 B

7ms
7ms

Script
application/javascript

99.86.7.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-38.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:17:07 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 425
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: SsXvYjvpZAVP79IKGr5ZZ5TyNXXlrsaU4l6FTrxldOQCqD_N-CDB5Q==

Redirect headers

location: /internal-c2/default/cs.js
date: Mon, 04 Apr 2022 11:24:11 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: 3ZWuXMsEJC9A-pSM-Cpnu2-3ihXAJbZQ7riyiSpze99Qi7ZQoVL4PQ==
x-cache: Miss from cloudfront

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 04 Apr 2022 11:24:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 9ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 04 Apr 2022 11:24:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.viafoura.net
URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-500.woff2

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.news9.com/story/6242690e64d0e8070c7f5907	1969-12-31 23:59:59	Name: ntvSession Value: {"id":8552295,"placementID":1073330,"lastInteraction":1649071449646,"sessionStart":1649071449646,"sessionEndDate":1649116800000,"experiment":""}
.t.co/	1970-01-20 11:34:45	Name: muc Value: f327fc1b-421a-4590-bac8-745040bb2d4c
www.news9.com/	1970-01-20 02:24:41	Name: connect.sid Value: s%3AS3w-u6NSq9WC9rngLB-njrxJh35BDdgb.ACPY8IdExWITbYBtqoET0k2kSySxhVnBmXLjtWXFtWo
www.news9.com/	1970-01-20 10:50:07	Name: usprivacy Value: 1---
www.news9.com/	1970-01-20 10:50:07	Name: ntv_as_us_privacy Value: 1---
.scorecardresearch.com/	1970-01-20 19:21:19	Name: UID Value: 114a74a0d297bcb942fc3a21649071450
.news9.com/	1970-01-20 19:35:43	Name: _ga Value: GA1.2.1036299329.1649071450
.news9.com/	1970-01-20 02:05:57	Name: _gid Value: GA1.2.303375189.1649071450
.news9.com/	1970-01-20 02:04:31	Name: _gat_UA-572554-6 Value: 1
.postrelease.com/	1970-01-20 10:50:07	Name: opt_out Value: 1
.viafoura.co/	1970-01-20 02:47:43	Name: VfSess Value: elfi9146s3t0i3hh3g10gbf35k
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
www.news9.com/	1970-01-20 02:04:33	Name: _vfb Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.1.10.1649071450....
www.news9.com/	1970-01-20 02:04:31	Name: _vfz Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.1649071450.1.medium=referral\|source=https%3A%2F%2Ft%2Eco%2F\|sharer_uuid=\|terms=
www.news9.com/	1970-01-20 10:50:07	Name: _vfa Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.2f615aee-d27a-459d-8da1-ee9e5ce25ec1.1649071450.1649071450.1649071450.1
.viafoura.co/	1970-01-20 10:50:07	Name: vfDeviceId Value: c6717e61-320e-4067-8c95-72b1cff9d0dc
.news9.com/	1970-01-21 04:21:19	Name: _awl Value: 2.1649071451.0.5-b5dd642d88d70c5d9d4df63f2f9b7559-6763652d6575726f70652d7765737431-0
.news9.com/	1970-01-21 04:21:19	Name: _admrla Value: 2.0-b5dd642d-88d7-0c5d-9d4d-f63f2f9b7559
www.news9.com/	1970-01-20 02:04:31	Name: m32_pubgeo Value: JTdCJTIyaXAlMjIlM0ElMjIxODUuMjEzLjE1NS4xNjklMjIlMkMlMjJjb3VudHJ5X2NvZGUlMjIlM0ElMjJERSUyMiUyQyUyMmNvdW50cnlfbmFtZSUyMiUzQSUyMkRldXRzY2hsYW5kJTIyJTJDJTIycmVnaW9uX2NvZGUlMjIlM0ElMjJIRSUyMiUyQyUyMnJlZ2lvbl9uYW1lJTIyJTNBJTIySGVzc2VuJTIyJTJDJTIyY2l0eSUyMiUzQSUyMkZyYW5rZnVydCUyMGFtJTIwTWFpbiUyMiUyQyUyMnRpbWVfem9uZSUyMiUzQSUyMkV1cm9wZSUyRkJlcmxpbiUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTAuMTA0OSUyQyUyMmxvbmdpdHVkZSUyMiUzQTguNjI5NSUyQyUyMm1ldHJvX2NvZGUlMjIlM0EwJTJDJTIycG9zdGFsX2NvZGUlMjIlM0ElMjI2MDMyNiUyMiU3RA==
www.news9.com/	1970-01-20 11:33:19	Name: __atuvc Value: 1%7C14
www.news9.com/	1970-01-20 02:04:33	Name: __atuvs Value: 624ad559fb6e68dd000
www.news9.com/	1970-01-20 11:33:19	Name: __atssc Value: twitter%3B1
.addthis.com/	1970-01-20 11:33:19	Name: uvc Value: 1%7C14
.addthis.com/	1970-01-20 11:33:19	Name: ssc Value: twitter%3B1
.addthis.com/	1970-01-20 11:33:19	Name: loc Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack Message: Access to font at 'https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-500.woff2' from origin 'https://www.news9.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-500.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://www.news9.com/story/6242690e64d0e8070c7f5907/oklahoma-city-indian-clinic-suffers-cyber-attack Message: The resource https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1648493084903 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.viafoura.co
baron.kwtv.com
c2.taboola.com
cdn.field59.com
cdn.viafoura.net
fonts.googleapis.com
fonts.gstatic.com
geoloc.m32.media
griffin-communications.akamaized.net
griffin-local.imgix.net
hot-town-closings.s3.amazonaws.com
i.viafoura.co
images.getadmiral.com
images.news9.com
imasdk.googleapis.com
jadserve.postrelease.com
livecomments.viafoura.co
m.addthis.com
notifications.viafoura.co
pagead2.googlesyndication.com
player.field59.com
rdc.m32.media
redirect.field59.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
v1.addthisedge.com
voraciousgrip.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.news9.com
z.moatads.com
cdn.viafoura.net
s7.addthis.com
104.16.57.230
104.16.58.230
104.16.61.230
104.244.42.197
104.75.88.126
142.250.181.226
151.101.1.44
23.35.237.151
23.35.237.64
2600:1f18:44f0:4840:880:96a6:bfe8:21df
2600:9000:2057:400:8:2ae1:d740:93a1
2600:9000:214f:d600:8:48e:53c0:93a1
2600:9000:214f:fe00:7:fd1f:ea00:93a1
2606:4700:3037::ac43:c1e6
2606:4700::6812:acf
2a00:1450:4001:802::2008
2a00:1450:4001:803::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c07::9b
2a02:26f0:3500:11::215:14cc
2a04:4e42:1b::720
3.213.149.116
34.196.163.206
35.170.84.146
35.190.64.11
35.227.201.248
35.227.246.163
52.217.197.225
52.6.252.104
99.86.7.38
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
095bf6b855ffa1001b47d0e426e2850631d6c4e7b782e8416b843137194653ad
09abb36a338941557a6448752c20db1217405105a356b9027a0e93450ec36869
0bfd435d428c9a21241282448d24266c0ae03fcc59f60b1005b2aed97bfeb3e3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
14f9753575e756d19ee1051ff6e61ba3e753784fa28c60e89420b61da2599239
1e1228ec53d00d5066167b8a39e8f2bec70abf0c97e0972ea0a099494b395dd9
20245147956b74b92576978a910fc629a462f5a3f85a3c6d8d6f235d348915be
20638b42fdffc8dd9040c0ddecd25184b1d67cd5051cefe4d32e7131b39164d8
2073b23ab67fa8875a43be75f06369e507473b0c8f2ac11b888ddfa938d4328e
2faab373fe09d6c83c6a9078b19021b0049667bf730edf7a4c2f3c98678ad3ad
2fd1627d257dbc109425c4098421a6b6895d3badc225a6906f68ae280578f885
318be3531145699bad141da61c6c144376ebdeada830b473d191b41ce2c88dad
320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6
33e241bd3dc5eac96f6be0fa45963738f60219779d7c7796761cb87d3315eb8e
370643553d67d699cb2e06f15633a6e0bcd366b7e14deb71066b911a8e7a0b1e
3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1
3f69bc2b3281bff6fc2af842c58310b09ab5f7fe9a7e2a5c452b1bd99c7ff32e
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42cac8700a4be94d6bddefeaae0adc5566ff988af5aed9b18afe3ef69ea82b9b
43518120782bbcca736108422bd2acc1a4dfe301aeabca867ef925c10f15286a
43684042c34ac7c5e8534fcae77a3b453415b80d6b364e1a45a90dab9bdc52d0
43bff1a54870a301e61074e22497a8ca9773b44e01e2f3355f348095f9ac157c
456d3646ee55fb7937a52bf405af06c5aa4cb0196bac799047166a7bd5a71827
4668799ab61f49b55165a79befcbeca12bff731584882fa8528b68fcbd0b538a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ffa64a4c20126ab0edb8432e5d90d7c66ecd9066e42b271c82aa90df3920f17
52d62bc48092312697bd7f703bb259947476b4598504ae748f44722592977bda
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
5771c4607a8b38561287f16cf9051ea82d59775e7be812412e232c6b4e238d79
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5b6abe5c47237c8d715fd3f97e84733d315881c135e7f0a3a2f93e4343e4cf7c
5e4befb8c314e033b41bdd60dfbe9d131445e609faaab81b4e8542bed1df7f19
5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
77c6763beed81dcf1db78bc1c5d259c97c5468a3c3054a239610c228eedf824c
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
791fdc84ddbedaa55e42d4b24d5d77dc052c7c4dd9fe4d4fceb75e1bf0ac2d40
7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7dcc9e66f50570314f67d8c15efd5e94b83883e7575665200a98712271a0e5e4
7f6ecf10e100dfd6648d2dbcb5cd015c12809d10c2179341fb0571bca60a2420
83fc36d42aac26c24cd9772c8bd11a65e3f7f2cc0e687755151d72f2dbea3f89
84ad9414ff86a7781f000f3d1b8feddbffc6e7847ea69b2e0a96c4ef22cdc3dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872d9cf86eb204efad6639e68925ec9e040c100ef975a2177ffdcf4d64873db9
8971b76f8f001094d93e582a3b161fdb36f8f2be1596a46b832598d229a5f308
8b273ef870332c963ecfac6a7fd48fa13c0b58d1c3cc513c00ad9c0680aff738
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
902ffb45a748372fe71fa990db6014d6e0dcb4784a29639b670dced31c328951
93e956d9b215273da41b4747167d7d7a1e37660065fa08231f8e950183a5c79a
97561eb1b3a7b1dbd6e01e3d83e75213bccfff294885b71d89b61b9352d4fd4e
9a48885dafbf847141d353245399a4fc91db653213dfef0dded37a7c56442390
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8258fafc935d218b8c02a2b5be0c5e5deb8e2cb98548fee9d176666a67a8790
a8892b221847a8b63f7691aafa26375f8fd8cfa04756f22c0407d9b3ed1299fa
a9a2c9deec7d632d704697714081a3ace859d2f01e4fd7d323c053711d39b6ac
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3c43cb768f9fb7f21afc9ab278b21b1d4a47f57abb97224c6d1aff9ba1909a
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5
b317f976264b87cea799544f3af2f329afb6cfeab2c3faf5d78102b182bc5e7a
b34121da736f50831c521fe0cb89e495b0d368a08b006b11b72c9cebf2aa8f12
b3e0bc13630c133ee39d46e2cba921a6bb76a65fb35469bce654c19a3fee7d57
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90
bdb9e00e3a9cf710385a379700831ef957a2c3e9dec4473bf5da13fbc2a36a42
bdf98b2e5e973ecec03446baff506d6a826e27c1f7d52197474680ae766afcc2
c10dbb8682407530fc33c5771b9edd497a3df919408aac9518560289eb99e41a
c12ff576ee8522456cb01bb8b5e84490927f632d887bdcb320b74d207c4ee5e3
c79348027b279198cb93513bd91b77dbeeb3b8fc9c37119fe6e97603e1906c74
c884a5117a2d9fe801f55d252b89662eb1f26845df4511fcd36de1d7277e1a59
c93f4332daa92f95a2c2446599d6cf9e87b00b20d60db827af63b0e4a3feb22b
cb0a90dd01b8934f8106c94bf458e052fd7f495159b9046c9a5bec0123d72915
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d01bb36f93c77657795fe8c2ec81f92bb2e66a8aef114769c0b777f7c10806e2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea
d369ebcbbfca180c5e687dff8011a4d524b9490f21aaaeb7b8b5f79685778b17
d561d3818d8d1bba19675db767ac3b4384f0670e39d722d212e72175dbe54154
d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d
ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0b7c3c640512a60b36d0e42047dcff5f092d062a0263b84e4029bdec2e77612
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89519a4b03c270fa4964f78715f07eed240b7f1a1bbe16ae155aae33123a48c
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee1a241caabc66bb347d6b64ac8367db9c84989003982ebfc004805cbaa2782f
ee7fa9758461125ca596582dc9082a355124c94c6b989f188bac28ad1ff5c191
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6c217cf4a70824e150c9b84635540ccebfacd9f4a6b024d8d3d13e7226ca0ec
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.news9.com Open in urlscan Pro 2600:9000:214f:fe00:7:fd1f:ea00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

97 %HTTPS

51 %IPv6

31 Domains

41 Subdomains

38 IPs

4 Countries

2815 kBTransfer

8432 kBSize

25 Cookies

15 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.news9.com Open in urlscan Pro
2600:9000:214f:fe00:7:fd1f:ea00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

97 %
HTTPS

51 %
IPv6

31
Domains

41
Subdomains

38
IPs

4
Countries

2815 kB
Transfer

8432 kB
Size

25
Cookies

120 HTTP transactions
1 data transactions