www.news9.com Open in urlscan Pro
2600:9000:214f:f000:e:9741:2b40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Submission: On November 25 via api (November 25th 2021, 2:01:51 am UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 64 IPs in 9 countries across 57 domains to perform 266 HTTP transactions. The main IP is 2600:9000:214f:f000:e:9741:2b40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.news9.com.
TLS certificate: Issued by Amazon on February 28th 2021. Valid for: a year.

This is the only time www.news9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:214... 2600:9000:214f:f000:e:9741:2b40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
26	104.16.59.230 104.16.59.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.27.221.5 52.27.221.5	16509 (AMAZON-02) (AMAZON-02)
7	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	54.171.114.180 54.171.114.180	16509 (AMAZON-02) (AMAZON-02)
2 6	13.35.253.42 13.35.253.42	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
26	2600:9000:205... 2600:9000:2057:9200:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.84.153.193 54.84.153.193	14618 (AMAZON-AES) (AMAZON-AES)
4	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	54.77.51.122 54.77.51.122	16509 (AMAZON-02) (AMAZON-02)
2	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
2	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	8.2.111.126 8.2.111.126	46636 (NATCOWEB) (NATCOWEB)
2	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
36	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
8	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
2	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
2	52.211.199.54 52.211.199.54	16509 (AMAZON-02) (AMAZON-02)
2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	2600:1f18:44f... 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:211... 2600:9000:211e:7000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.214.172.53 18.214.172.53	14618 (AMAZON-AES) (AMAZON-AES)
1	44.239.35.110 44.239.35.110	16509 (AMAZON-02) (AMAZON-02)
1	52.35.106.12 52.35.106.12	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1 9	52.42.90.222 52.42.90.222	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	34.248.11.216 34.248.11.216	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	54.191.177.235 54.191.177.235	16509 (AMAZON-02) (AMAZON-02)
6	50.17.45.48 50.17.45.48	14618 (AMAZON-AES) (AMAZON-AES)
2	35.227.246.163 35.227.246.163	15169 (GOOGLE) (GOOGLE)
10	54.144.244.112 54.144.244.112	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	35.227.201.248 35.227.201.248	15169 (GOOGLE) (GOOGLE)
1	52.217.163.169 52.217.163.169	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.21.30 51.89.21.30	16276 (OVH) (OVH)
266	64

16 2600:9000:214f:f000:e:9741:2b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.news9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.medidexs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.16.59.230 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redirect.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.221.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-221-5.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.114.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-114-180.eu-west-1.compute.amazonaws.com

c.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.35.253.42 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2057:9200:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.153.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-153-193.compute-1.amazonaws.com

baron.kwtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.51.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-51-122.eu-west-1.compute.amazonaws.com

s.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.199.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.35.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-35-110.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.106.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-106-12.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.42.90.222 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-90-222.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.11.216 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-11-216.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.177.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-177-235.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.17.45.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-45-48.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interaction.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.246.163 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 163.246.227.35.bc.googleusercontent.com

rdc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.144.244.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-244-112.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interaction.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.201.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.201.227.35.bc.googleusercontent.com

geoloc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.163.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

hot-town-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p25.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	yahoo.com c2shb.ssp.yahoo.com	3 KB
26	viafoura.net cdn.viafoura.net	382 KB
26	field59.com cdn.field59.com redirect.field59.com player.field59.com	755 KB
19	viafoura.co api.viafoura.co livecomments.viafoura.co i.viafoura.co interaction.viafoura.co notifications.viafoura.co	8 KB
16	news9.com www.news9.com	466 KB
12	adnxs.com 2 redirects prebid.adnxs.com ib.adnxs.com secure.adnxs.com	9 KB
12	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	17 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	144 KB
7	voraciousgrip.com voraciousgrip.com	248 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
6	gstatic.com fonts.gstatic.com	136 KB
5	postrelease.com jadserve.postrelease.com	3 KB
5	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com Failed	181 KB
5	google-analytics.com www.google-analytics.com	22 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	384 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	pubmatic.com 2 redirects hbopenbid.pubmatic.com image2.pubmatic.com	6 KB
4	mediafuse.com player.mediafuse.com hb.mediafuse.com Failed	142 KB
3	m32.media rdc.m32.media geoloc.m32.media	18 KB
3	openx.net adtelligent-d.openx.net u.openx.net	611 B
3	addthis.com s7.addthis.com m.addthis.com	141 KB
2	googlesyndication.com pagead2.googlesyndication.com	26 KB
2	2mdn.net s0.2mdn.net	139 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	961 B
2	onetag-sys.com onetag-sys.com	720 B
2	districtm.io dmx.districtm.io	342 B
2	lijit.com ap.lijit.com	1 KB
2	servenobid.com ads.servenobid.com	1 KB
2	1rx.io tag.1rx.io	338 B
2	creativecdn.com prebid-us.creativecdn.com	350 B
2	betweendigital.com ads.betweendigital.com	1 KB
2	colossusssp.com colossusssp.com	480 B
2	lockerdome.com lockerdome.com	666 B
2	a-mo.net prebid.a-mo.net	614 B
2	google.de www.google.de	564 B
2	google.com www.google.com	564 B
2	jsrdn.com c.jsrdn.com s.jsrdn.com	27 KB
2	akamaized.net griffin-communications.akamaized.net	3 KB
1	id5-sync.com id5-sync.com	531 B
1	getadmiral.com images.getadmiral.com	3 KB
1	amazonaws.com hot-town-images.s3.amazonaws.com	111 KB
1	addthisedge.com v1.addthisedge.com	207 B
1	googletagservices.com www.googletagservices.com	27 KB
1	mathtag.com 1 redirects sync.mathtag.com	684 B
1	contextweb.com 1 redirects bh.contextweb.com	423 B
1	aufp.io aufp.io	3 KB
1	moatads.com z.moatads.com	1 KB
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	quantcount.com rules.quantcount.com	427 B
1	quantserve.com secure.quantserve.com	10 KB
1	kwtv.com baron.kwtv.com	1 KB
1	ntv.io s.ntv.io	114 KB
1	adtelligent.com player.adtelligent.com	4 KB
1	googletagmanager.com www.googletagmanager.com	58 KB
1	medidexs.com sync.medidexs.com	16 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	18 KB
266	57

	Domain	Requested by
36	c2shb.ssp.yahoo.com	player.mediafuse.com
26	cdn.viafoura.net	www.news9.com cdn.viafoura.net
16	www.news9.com	www.news9.com
15	redirect.field59.com	www.news9.com
9	ids.ad.gt	1 redirects www.news9.com
8	livecomments.viafoura.co	cdn.viafoura.net
8	ib.adnxs.com	player.mediafuse.com
7	voraciousgrip.com	www.news9.com voraciousgrip.com
7	cdn.field59.com	www.news9.com player.field59.com
6	sb.scorecardresearch.com	2 redirects www.news9.com cdn.taboola.com
6	fonts.gstatic.com	fonts.googleapis.com
5	jadserve.postrelease.com	s.ntv.io www.news9.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	interaction.viafoura.co	cdn.viafoura.net
4	cdn.taboola.com	www.news9.com cdn.taboola.com
4	player.field59.com	www.news9.com player.field59.com
4	player.mediafuse.com	www.news9.com player.mediafuse.com
3	i.viafoura.co	www.news9.com
3	cm.g.doubleclick.net	2 redirects www.news9.com
3	api.viafoura.co	cdn.viafoura.net
3	fonts.googleapis.com	www.news9.com client voraciousgrip.com
3	securepubads.g.doubleclick.net	www.news9.com securepubads.g.doubleclick.net
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	pagead2.googlesyndication.com	srcdoc
2	imasdk.googleapis.com	s0.2mdn.net
2	rdc.m32.media	cdn.viafoura.net rdc.m32.media
2	s0.2mdn.net	player.field59.com s0.2mdn.net
2	match.prod.bidr.io	2 redirects
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	onetag-sys.com	player.mediafuse.com
2	dmx.districtm.io	player.mediafuse.com
2	ap.lijit.com	player.mediafuse.com
2	ads.servenobid.com	player.mediafuse.com
2	tag.1rx.io	player.mediafuse.com
2	prebid-us.creativecdn.com	player.mediafuse.com
2	ads.betweendigital.com	player.mediafuse.com
2	colossusssp.com	player.mediafuse.com
2	adtelligent-d.openx.net	player.mediafuse.com
2	lockerdome.com	player.mediafuse.com
2	hbopenbid.pubmatic.com	player.mediafuse.com
2	prebid.a-mo.net	player.mediafuse.com
2	prebid.adnxs.com	player.mediafuse.com
2	www.google.de	www.news9.com
2	www.google.com	www.news9.com
2	s7.addthis.com	www.news9.com s7.addthis.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	griffin-communications.akamaized.net	www.news9.com
1	trc.taboola.com	cdn.taboola.com
1	id5-sync.com	player.mediafuse.com
1	images.getadmiral.com
1	hot-town-images.s3.amazonaws.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	geoloc.m32.media	rdc.m32.media
1	notifications.viafoura.co	cdn.viafoura.net
1	u.openx.net	www.news9.com
1	pixels.ad.gt	p.ad.gt
1	www.googletagservices.com	player.field59.com
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	z.moatads.com	s7.addthis.com
1	static.adsafeprotected.com	www.news9.com
1	rules.quantcount.com	secure.quantserve.com
1	s.jsrdn.com	c.jsrdn.com
1	secure.quantserve.com	c.jsrdn.com
1	baron.kwtv.com	www.news9.com
1	s.ntv.io	www.news9.com
1	player.adtelligent.com	player.mediafuse.com
1	c.jsrdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.news9.com
1	a.ad.gt	player.mediafuse.com
1	sync.medidexs.com	player.mediafuse.com
1	stackpath.bootstrapcdn.com	www.news9.com
0	15.taboola.com Failed	cdn.taboola.com
0	hb.mediafuse.com Failed	player.mediafuse.com
266	80

This site contains links to these domains. Also see Links.

Domain
reviews.news9.com
workforcenow.adp.com
viafoura.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.google.com
griffincommunications.net
optout.aboutads.info
publicfiles.fcc.gov
getadmiral.com

Subject Issuer	Validity	Valid
*.news9.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
player.mediafuse.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sync.medidexs.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
voraciousgrip.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.jsrdn.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
player.adtelligent.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.kwtv.com Amazon	`2021-01-29` - `2022-02-27`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.a-mo.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2021-11-07` - `2022-11-07`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.m32.media Sectigo RSA Domain Validation Secure Server CA	`2020-11-18` - `2021-12-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Frame ID: AA41F01B7B853BA441E53EA5AD033B0C
Requests: 251 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 918439380B8F0B81835F6F2359B1CD1A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 02EBAEC252FA02C2D9A9415FD6F0F120
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4928228D1CE4CFEF0F845FC8D7E448F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EBACFA830118B35B1EF9D75437F6D7F0
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1E187F51AD014C393EA9E9852BB0AC3A
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6078476A5B3C550E08BB0A4799FEAC48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Watch: Arvest Winterfest To Kick Off In Downtown Tulsa News 9 user-signalchecklistsettings-toggle-horizontal

Page Statistics

266
Requests

91 %
HTTPS

30 %
IPv6

57
Domains

80
Subdomains

64
IPs

9
Countries

3637 kB
Transfer

10875 kB
Size

71
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://reviews.news9.com/
Title: Buying Guides

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=54733210-d9a2-4046-a182-316ad78bb00a&lang=en_US&selectedMenuKey=CurrentOpenings
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://viafoura.com/?pt=Engagement&pr=LiveCommenting&vfsid=00000000-0000-4000-8000-64d101d2ef8e&vfrsid=undefined&vfdom=https%3A%2F%2Fwww.news9.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NEWS9/

Search URL Search Domain Scan URL

URL: https://twitter.com/News9

Search URL Search Domain Scan URL

URL: https://www.instagram.com/news9/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NEWS9OklahomaCity

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/KWTV+News+9/@35.5481854,-97.4986936,17z/data=!3m1!4b1!4m5!3m4!1s0x87b219a733117a87:0x86cf9395c7f1cb3e!8m2!3d35.5481854!4d-97.4965049

Search URL Search Domain Scan URL

URL: http://griffincommunications.net/
Title: Griffin Communications.

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kwtv-dt
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.news9.com&utm_medium=pb&session=4-79eef98b-57713b07525edfe358881ef6eaac76bf-6763652d6575726f70652d7765737431-619eee89-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&c9=

Request Chain 122

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D47cc46ab-cee2-4fde-a282-be2034432b9a%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=3359715487119889352

Request Chain 123

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=c144686c-10ad-4762-8ca0-f48d7451bc40&id=47cc46ab-cee2-4fde-a282-be2034432b9a

Request Chain 124

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=F2279161-27CA-4DB3-AB90-A4AB4BFAB198&id=47cc46ab-cee2-4fde-a282-be2034432b9a

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_gid=CAESEDJFsjEOQbCz59IgmlE5xiY&google_cver=1&google_ula=450542624,0

Request Chain 126

https://ids.ad.gt/api/v1/g_hosted?id=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NDdjYzQ2YWItY2VlMi00ZmRlLWEyODItYmUyMDM0NDMyYjlh

Request Chain 127

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=UAdNmOYUayHc&ev=1&pid=562316&id=47cc46ab-cee2-4fde-a282-be2034432b9a

Request Chain 128

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=5bed619e-ee88-4b00-9845-e3356fa8b2c4&id=47cc46ab-cee2-4fde-a282-be2034432b9a

Request Chain 129

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=47cc46ab-cee2-4fde-a282-be2034432b9a HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=47cc46ab-cee2-4fde-a282-be2034432b9a&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ABSCMU7DPd0AACqk6DCPLQ&id=47cc46ab-cee2-4fde-a282-be2034432b9a

Request Chain 229

https://sb.scorecardresearch.com/c2/15283051/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 250

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news9.com%2F&domain=www.news9.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ATfPu3wrYjhqZ0l3L09CNnRKQk5ZbDdDQ0JZZmtRNlkwRnAxQUJhN1g1eUt0SGM1cWJSVUxHK29MWnNNdVJ4cmhTUDVqOURZc1VMck8wSUMzMVF2TThzYm00L3J1b0taUXJwTzFFQUh5NGljdzNzZ3hLb3RqZk1mQnJibkNHUC9rMGF2QTIvVUdVVGo2VW1MZm0xejNtWmFleUpxNzZ6UktBWkVhelVnaDc2SFdIcmxkYi9XWlExNWNoK2gzcFVRNmJYYXF4NWE5NTdDS1cyN1FqcGJNeExhRms0Q1d2WGlmbnV3YVJ2b2lSM2xmWjdZPXw&cppv=2

266 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa- Show response
www.news9.com/story/6197e26903cd1f0c0fca5fdf/ 395 KB
68 KB 527ms
484ms Document
text/html 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

41b260a03a5df03405d9120167aeae07d471bd894d8466266b6c1bf0ed4ae749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cache-control: public, max-age=120 no-cache="set-cookie"
content-encoding: gzip
date: Thu, 25 Nov 2021 02:01:43 GMT
etag: 4YxPv8tCv4rxdqvBH9yPGt7HLW4=
referrer-policy: same-origin
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: y7cCQ9SFS14RHpQPmLlcuW2vhdtS0wFlXQ39cBNb73yb77ulKyAUCQ==

GET
H2 200 bundle-kwtv-production.js Show response
www.news9.com/js/ 381 KB
113 KB 201ms
200ms Script
application/javascript 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

29860c35fc9c08719bb8777e71d12ccc8051df496afe3cfa5e8d8e85eec1bf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"5f5c7-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703365
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: c0JqytkBhshIsOFastknRT5HXXribK62BODGLyVbtTxrWAFPxpg5dg==

GET
H2 200 below-the-fold-bundle-kwtv.css
www.news9.com/css/ 90 KB
16 KB 216ms
216ms Stylesheet
text/css 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/below-the-fold-bundle-kwtv.css?v=1637191579472

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4ee1dc0652b3caa5b36c10034a4b558de9ea3a5596608b04f043d69b2caf1573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"16627-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703380
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: LLwIqKBHUenFSw1iSTAeYQU0txg2bERSxUygaedIdtejV6Eu9ths9A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 57ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1054 / 409 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H2 200 hb_311442_8088.js Show response
player.mediafuse.com/prebidlink/454946/ 363 KB
109 KB 79ms
8ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 425365f73e24cf04189200211a1277866c6d8d785c52b4889e45fec1ddc7de67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 12:48:42 GMT
server: nginx
etag: W/"618e62aa-5ab87"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 25 Nov 2021 03:01:43 GMT

GET
H2 200 wrapper_hb_311442_8088.js Show response
player.mediafuse.com/prebidlink/454946/ 1 KB
838 B 99ms
28ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/454946/wrapper_hb_311442_8088.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ec2efb360d7b9bee859a1ce6b5a9946621280f6b30cd4a3abaf3b774d8c9f60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 23:37:01 GMT
server: nginx
etag: W/"619ecc9d-41c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 25 Nov 2021 03:01:43 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 39ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 196 B
149 B 30ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.news9.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09ba54532a528547927d74e6427490332112a2a30fe87777b7d8aef89878ef02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124
x-xss-protection: 0
expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H2 200 above-the-fold-bundle-kwtv.css
www.news9.com/css/ 210 KB
39 KB 415ms
415ms Stylesheet
text/css 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1637191579472

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

84fc2a20a2ef48b021bc675fb0111c2a670c0eea104251c7dbb013e806577574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"3460b-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703719
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: A5y6COInNG4_vuemNR7JHrOoCmDpwpk0nZh-aUj_MFsDJePYZ1Y-Qw==

GET
H2 200 n9logo.svg
www.news9.com/img/ 2 KB
2 KB 116ms
115ms Image
image/svg+xml 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/n9logo.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

42cac8700a4be94d6bddefeaae0adc5566ff988af5aed9b18afe3ef69ea82b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"943-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703450
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: ALnqFf78pTUXnva0sqL2Zk_6fzQKuoT1xc91O1r-zlwNx86W1k0p3Q==

GET
H2 200 n9logoLarge.svg
www.news9.com/img/ 6 KB
3 KB 212ms
211ms Image
image/svg+xml 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/n9logoLarge.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5771c4607a8b38561287f16cf9051ea82d59775e7be812412e232c6b4e238d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"1633-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703537
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: bSO3X5KgVwtF36cJb30EW0lpFMpeqT2c0H2vud2SSxPndGyDl4NRjw==

GET
H2 200 notStreaming.svg
www.news9.com/img/ 363 B
1 KB 212ms
211ms Image
image/svg+xml 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/notStreaming.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 363
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"16b-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1637805703537
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: BHS1Es5wEb5FNn3fvE6zh00GIU74lmeWrLeLMPUtON9JKO1W4Yo1-A==

GET
H2 200 streaming.svg
www.news9.com/img/ 419 B
1 KB 212ms
211ms Image
image/svg+xml 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/streaming.svg

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 419
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"1a3-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1637805703549
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: fZyCsi_slDyP7PyaKDGDS98tQuRujLjaLJM59cVBPubl2BOr7cWAFw==

GET
H/1.1 200
OK clear.svg
griffin-communications.akamaized.net/baronIcons/day/ 1 KB
2 KB 202ms
21ms Image
image/svg+xml 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/clear.svg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:43 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:30 GMT
Server: AkamaiNetStorage
ETag: "b953377fbfcb22a9fb27ae741a598e43:1580959025.00369"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1502

GET
H2 200 633491626353f3bc92fe906326f2c125cbddba5d_fl9-360p_50.jpg
cdn.field59.com/KOTV/ 22 KB
23 KB 220ms
142ms Image
image/jpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/633491626353f3bc92fe906326f2c125cbddba5d_fl9-360p_50.jpg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b80bede5a232aca777d31ae328d2135ddcc954a48fc869e044cee3938c4e370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
last-modified: Fri, 19 Nov 2021 15:50:57 GMT
cf-cache-status: HIT
x-amz-request-id: Q8B9ERAH7SBQ8545
cf-polished: origSize=23573, status=webp_bigger
cf-ray: 6b374a6ec96bd208-MAN
x-amz-replication-status: COMPLETED
content-length: 22973
x-amz-id-2: +O9uYqWSO/qI3v2m3IyOyYzySvU5ixGUkMiK2vXjmu7eaTpxBXcBn6cMC1xVL8sH/QJBKT/RS2M=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "fbd835bd1aa5637ca62ca6435e180b35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: pbdunY_OHnO0UI2haSGgBTtGIM9FA16F
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 25 Dec 2021 02:01:43 GMT

GET
H2 200 fbeb402f523ce28b7e9b584e29def0caf83da289_4P_pkg_Winterfest_Opening_Day_transfer_frame_826_custom.jpeg
cdn.field59.com/KOTV/ 105 KB
106 KB 226ms
148ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/fbeb402f523ce28b7e9b584e29def0caf83da289_4P_pkg_Winterfest_Opening_Day_transfer_frame_826_custom.jpeg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021312a141f1518eff6a9488e9e861213e3528472a7e653153064f17b72dcc18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
cf-cache-status: HIT
x-amz-request-id: QAV2BW9R3C7RG8X7
cf-polished: qual=85, origFmt=jpeg, origSize=278135
cf-ray: 6b374a6ec96cd208-MAN
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="fbeb402f523ce28b7e9b584e29def0caf83da289_4P_pkg_Winterfest_Opening_Day_transfer_frame_826_custom.webp"
content-length: 107964
x-amz-id-2: 7MRx/qY+ayzMl3E5cBCTtaUOaKKhWEsREUObAM1GnE0lKMpfschCiD3+tzML+KmKwUWqQFiaoXw=
last-modified: Fri, 19 Nov 2021 22:45:29 GMT
server: cloudflare
etag: "c50657798de398a161872b6dfc74283c-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: .gU16TSRjoHt0x6henAyXU5Cr2Ut4Grg
expires: Sat, 25 Dec 2021 02:01:43 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/633491626353f3bc92fe906326f2c125cbddba5d/w60/ 818 B
978 B 276ms
119ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/633491626353f3bc92fe906326f2c125cbddba5d/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee849b7f4de9a729bee459cd14b54f711b06bad7fced8abf0214a69268e52f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 42.379ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=958
content-length: 818
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.283ms
last-modified: Thu, 25 Nov 2021 00:39:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:39:54 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e1e40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/91f0b9b580e8afe7c5fa7d90d678e2a24396f5ec/w60/ 1 KB
2 KB 277ms
120ms Image
image/jpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/91f0b9b580e8afe7c5fa7d90d678e2a24396f5ec/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d42ccb61bb226cf39d94329f330e6d32efd52b5e2d93b46e09a12da22c91d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 122.05ms
cf-cache-status: HIT
cf-polished: status=not_needed
content-length: 1458
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 17.664ms
last-modified: Thu, 25 Nov 2021 01:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 01:21:28 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e2240cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/24da51c9435ea979a22bf0a9e776b9b156185f49/w60/ 598 B
844 B 274ms
117ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/24da51c9435ea979a22bf0a9e776b9b156185f49/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d099ff331fd80ce99362e26888c136f1164d1180095b29de47b9c95ffd2fa02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 110.836ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=844
content-length: 598
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.693ms
last-modified: Thu, 25 Nov 2021 01:15:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 01:15:47 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e2940cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/f4ba7160bcaa450c82ec45caa3f266730aed83b5/w60/ 790 B
1 KB 273ms
116ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/f4ba7160bcaa450c82ec45caa3f266730aed83b5/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee07f71a184c255aea1022f27404eebd7adbf48a7d32f853aac80ad06f517dc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 103.333ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=900
content-length: 790
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.707ms
last-modified: Thu, 25 Nov 2021 01:05:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 01:05:15 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e2a40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/51f53b5c7c4247e2ca1b56fb35cb24078f114a84/w60/ 1 KB
1 KB 267ms
116ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/51f53b5c7c4247e2ca1b56fb35cb24078f114a84/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e61a4760414182560d07c6f9044e724dbe3d0821e1d3e54284ffecc70d7f21c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 62.734ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=1106
content-length: 1024
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.708ms
last-modified: Thu, 25 Nov 2021 00:58:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:58:41 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e2540cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/a4bfcba0a5d57e2fd17aeb633b818a9a939496bf/w60/ 984 B
1 KB 226ms
125ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/a4bfcba0a5d57e2fd17aeb633b818a9a939496bf/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7149b2f6b4122b981da3491cdd4021a072b36f18a8d76fccf7bf05cd104e6097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 114.232ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=1015
content-length: 984
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.812ms
last-modified: Thu, 25 Nov 2021 00:53:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:53:48 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f3e2440cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/3490fa69d1cacba9b98cc42e570953eaa0dae4b0/w60/ 784 B
1 KB 24ms
23ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/3490fa69d1cacba9b98cc42e570953eaa0dae4b0/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f53913229bc74a06e46b284c0b54a835c667110cda5cab2c38f3e5513eff4f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 104.834ms
cf-cache-status: HIT
age: 2395
cf-polished: qual=85, origFmt=jpeg, origSize=922
content-length: 784
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.491ms
last-modified: Thu, 25 Nov 2021 00:40:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:40:46 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7540cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/989d9eb1fee93043062fc4cfc2e1b68f5a9be630/w60/ 972 B
1 KB 31ms
30ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/989d9eb1fee93043062fc4cfc2e1b68f5a9be630/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2948e734b30234f618ad4f32aaf10ab14043f23e0f3a34fe2fbe17f792b1c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 70.97ms
cf-cache-status: HIT
age: 4864
cf-polished: qual=85, origFmt=jpeg, origSize=1049
content-length: 972
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 13.901ms
last-modified: Thu, 25 Nov 2021 00:36:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:36:25 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7840cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/2c66eef80f8f81a7eb77e117f8a12091db01fff8/w60/ 554 B
719 B 25ms
24ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/2c66eef80f8f81a7eb77e117f8a12091db01fff8/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12213bea98c8084ba17ee563197afccded4180696dd2a937ff5cf331e719bfb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 125.308ms
cf-cache-status: HIT
age: 4864
cf-polished: qual=85, origFmt=jpeg, origSize=802
content-length: 554
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 13.208ms
last-modified: Thu, 25 Nov 2021 00:18:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:18:17 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7940cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/bce42a23091f8655028c85aeb0bd72c3ed2023d9/w60/ 924 B
1 KB 30ms
29ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/bce42a23091f8655028c85aeb0bd72c3ed2023d9/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee20a2aecbf355c60a450fb6f3fb14c2a95d0d41d44b777ab4b3b91a1d9a9f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 158.888ms
cf-cache-status: HIT
age: 4864
cf-polished: qual=85, origFmt=jpeg, origSize=1030
content-length: 924
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.677ms
last-modified: Thu, 25 Nov 2021 00:20:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:20:34 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7b40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/58f20edef8da22fb386a97d0cc0b73eac8fd0d3e/w60/ 926 B
1 KB 28ms
28ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/58f20edef8da22fb386a97d0cc0b73eac8fd0d3e/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb474cb0451f2050a36a10aef499676e6975686dc6c5eb64847464836f16e22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 100.233ms
cf-cache-status: HIT
age: 4864
cf-polished: qual=85, origFmt=jpeg, origSize=997
content-length: 926
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.268ms
last-modified: Thu, 25 Nov 2021 00:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 00:21:51 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7c40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h34
redirect.field59.com/video/thumb/6b5957917bbfa170e42a5fdd1a823513df3a8b1d/w60/ 930 B
1 KB 25ms
25ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/6b5957917bbfa170e42a5fdd1a823513df3a8b1d/w60/h34
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35b7ad540c7293df5e10c7d472d04c1cedff4da5df05f6e976307225c53efb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 96.993ms
cf-cache-status: HIT
age: 9080
cf-polished: qual=85, origFmt=jpeg, origSize=1023
content-length: 930
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 36.936ms
last-modified: Wed, 24 Nov 2021 23:17:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 01 Dec 2021 23:17:55 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a6f8e7d40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 01:48:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 02:01:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H2 200 jquery.min.js Show response
www.news9.com/js/ 85 KB
30 KB 214ms
214ms Script
application/javascript 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/jquery.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"15283-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703559
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: vnZsIhLMsvw8GPAflMyztBWnm9QxF88YiPpfRhN836d8vnuoJcQ1IQ==

GET
H2 200 bootstrap.min.js Show response
www.news9.com/js/ 36 KB
10 KB 206ms
205ms Script
application/javascript 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bootstrap.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"90b5-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-timestamp: 1637805703552
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: KbG5_qjHdc3c4LfYz1DkIDJwAAYi545FbbCmvbJTKIHCvhHrPLBtog==

GET
H2 200 fa-solid-900.woff2
www.news9.com/webfonts/ 74 KB
75 KB 318ms
318ms Font
font/woff2 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-solid-900.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 76084
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"12934-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1637805703668
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: LU6AxNq7Ck1-4eaPIc87tffXGS4VlM-gk2kDOA51ZHPjB2k4DGyL8w==

GET
H2 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 64ms
25ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 1391877
cdn-cachedat: 2021-07-24 16:51:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ad653950992d5df1cd4466ddf06bf11b
accept-ranges: bytes
cf-ray: 6b374a6e8a6e59bf-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
www.news9.com/webfonts/ 74 KB
75 KB 209ms
208ms Font
font/woff2 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"128a0-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1637805703604
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 5yjk3BqBuVxUhBNJpN_UndYCIfzOuryNx0oGpdjvsbd9IoLYMQfxLw==

GET
H2 200 fa-regular-400.woff2
www.news9.com/webfonts/ 13 KB
14 KB 199ms
199ms Font
font/woff2 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"3508-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1637805703594
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: OrUejtr0tq_YdVaMvANpGRek3ZUnAsVyTmTrq6R9wnFbu5prrjYwbQ==

GET
H2 200 hbw_master_311442_8088.js Show response
player.mediafuse.com/prebidlink/454946/ 82 KB
27 KB 7ms
7ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/454946/hbw_master_311442_8088.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/wrapper_hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 80601538a0ee8a547d5a71ffd7569443c3018ed64a7db33c061dfaac73444582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 23:37:01 GMT
server: nginx
etag: W/"619ecc9d-146fe"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 25 Nov 2021 03:01:43 GMT

GET
H2 200 7ca.js Show response
sync.medidexs.com/ps/10/ 42 KB
16 KB 29ms
7ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.medidexs.com/ps/10/7ca.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hbw_master_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a686f16433a3735348ef810653ed942515cb211def2fcb735bd6fd6460897efa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 15:45:11 GMT
server: nginx
etag: W/"619bbb07-a8b2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 25 Nov 2021 03:01:43 GMT

GET
H2 200 170 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 627ms
218ms Script
application/javascript 52.27.221.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/170
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hbw_master_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.221.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-221-5.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 6594ba22d79685e83a0727d5dc34bab12a4be3ebd81e245a0f97518f2760fd13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.18.0
content-length: 3283
content-type: application/javascript

GET /
hb.mediafuse.com/geo/ 0
0

GET tracking
hb.mediafuse.com/adunit/ 0
0

GET
H2 200 v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX Show response
voraciousgrip.com/ 644 KB
115 KB 353ms
316ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

4b9645f8baee2847565faefbec2f3b6af42520ca254ec02fe4072f7880472e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "b80711e60616d3d385a7148dbf052b208eeb0f25b3e49d7fc7c47e69f6f5d7f2"
vary: Accept-Encoding, Accept-Language
x-hostname: 26187baf
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 25 Nov 2021 02:01:43 GMT
timing-allow-origin: *

GET
H2 200 v2oqaSX2gQYQX9cIy3WeInyz3wRS9LEToHCR04q6dBtcVSYbAZ2eIn_laN9OwVyuL_mhUAwgLQm1Ds8xhpw Show response
voraciousgrip.com/ 16 KB
6 KB 212ms
205ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2oqaSX2gQYQX9cIy3WeInyz3wRS9LEToHCR04q6dBtcVSYbAZ2eIn_laN9OwVyuL_mhUAwgLQm1Ds8xhpw

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

222e98227d55604801023dd64bb7df837858f8caa80840cdce8ebc3f88a2785b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "a5a32f13f0f7ea6ffcf7a978b88c2afb699cd86952aec8af7ad8d88f23b904f3"
vary: Accept-Encoding, Accept-Language
x-hostname: 26187baf
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 25 Nov 2021 02:01:43 GMT
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
58 KB 45ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e29676f8ca9a2e43ae3e1be9fdd6125dfa223947b54490692078bc265c5c62f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58604
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 476515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 29124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3636
date: Thu, 25 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Nov 2021 03:01:07 GMT

GET
H/1.1 200
OK cs.js Show response
c.jsrdn.com/s/ 82 KB
27 KB 151ms
56ms Script
text/javascript 54.171.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsrdn.com/s/cs.js?p=22999
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXTXTZN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-114-180.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Sep 2021 07:57:24 GMT
Server: Apache
ETag: "40b88-146b6-5cb12a657a349"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 27163

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory...
https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstor...

0
221 B

8ms
8ms

Image
text/plain

13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&c9=
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Swnod46ZDNsUznwRxccilBlO6cb02Zad1c9zfRYGWFC1Gn3GS436jQ==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15283051&ns__t=1637805703641&ns_c=UTF-8&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&c9=
content-length: 311
x-amz-cf-id: zOK3sJzqkA2gYpJsBhTH7Y9_C2ar2-K1fMhetHve0rIJAeBVH9omDQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1708685698&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&ul=en-us&de=UTF-8&dt=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=268724794&gjid=518967510&cid=1223548984.1637805704&tid=UA-572554-6&_gid=1813245467.1637805704&_r=1&gtm=2wgba1NXTXTZN&z=85645460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-572554-6&cid=1223548984.1637805704&jid=268724794&gjid=518967510&_gid=1813245467.1637805704&_u=YEBAAEAAAAAAAC~&z=561902470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 02:01:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279934/ 9 KB
4 KB 42ms
13ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 673f0c4c6e9d4401fa7177b57c167202af447ce04228a063e161273d2f2ffe6a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 00:02:54 GMT
server: nginx
etag: W/"619ed2ae-223f"
content-type: application/json
access-control-allow-origin: https://www.news9.com
expires: Thu, 25 Nov 2021 03:01:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 392 KB
114 KB 104ms
35ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6a424d31fddf83e59bf6bef7e76582aa3ef2730c06e3b165f9bde255058b48c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:43 GMT
Content-Encoding: gzip
x-amz-request-id: E3XBPCRTPCB32A2M
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: H1WnUM2PwmWQdQVJj3SiPUegdaeprnnj6QtU3hoA2bC2xQiCUMtSS8HBvylp5dmO3W/T5JPesIs=
Last-Modified: Mon, 22 Nov 2021 15:34:51 GMT
Server: AmazonS3
ETag: "b489e5637690868ad25671ac98727a6c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 633491626353f3bc92fe906326f2c125cbddba5d Show response
player.field59.com/v4/vp/kwtv/ 5 KB
3 KB 279ms
218ms Script
application/javascript 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/v4/vp/kwtv/633491626353f3bc92fe906326f2c125cbddba5d
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32677b68d6c321a220fe682ec250d504cefc7827c97d2d4e590dc6f8369c6111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 25 Nov 2021 01:35:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 25 Nov 2021 02:16:44 GMT
cache-control: max-age=600, public, s-maxage=600
cf-ray: 6b374a713bda4001-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 9bb268a0ed4684bf8eb73218b0bb90a3179cc086 Show response
player.field59.com/v4/vp/kwtv/ 5 KB
2 KB 280ms
221ms Script
application/javascript 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/v4/vp/kwtv/9bb268a0ed4684bf8eb73218b0bb90a3179cc086
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bef7e87ab472fb1917b6b058f194f2d653aa81e1419f8f6d5274f43c0ae40b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 25 Nov 2021 01:35:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 25 Nov 2021 02:16:44 GMT
cache-control: max-age=600, public, s-maxage=600
cf-ray: 6b374a714bdb4001-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 656 KB
155 KB 44ms
11ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2b72404d0447a03b0deaf4540927edf76316826bf854723de522c9e7c089825

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: rrDT5MDDnfzgZg3GrNrYSHelDwPUKCxC
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:09 GMT
server: AmazonS3
age: 11
etag: W/"a69f826ff8909635f10e99216ef7c6c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Thu, 25 Nov 2021 02:01:32 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: JR3bdyDDdwONI_je8vGVLjZkAzgQ9p34FauUUgwCwwKqCWJl6wggCw==

GET
H2 200 zipInput.ejs Show response
www.news9.com/views/partials/ 648 B
1 KB 112ms
111ms XHR
application/octet-stream 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/views/partials/zipInput.ejs

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 648
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"288-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: E3A7ZNRTiq6c8wN6gpzP5aR3nCwD2aqJ4-KRRvb0FYlg_3tQXVIvsQ==

GET
H/1.1 200
OK 73179 Show response
baron.kwtv.com/reports/metar/zip/ 1 KB
1 KB 513ms
99ms XHR
application/json 54.84.153.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kwtv.com/reports/metar/zip/73179
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.153.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-153-193.compute-1.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: ce831fb353ac6f0ec90bfed0eb0dda5ce18a38acdc95bcc4d404d4871e36cc40

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:44 GMT
Content-Encoding: gzip
ETag: W/"466-CQWrHO0xecEK2dJVQ3D2oWRy048"
Server: nginx/1.12.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 633

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 67ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 25 Nov 2021 02:01:43 GMT
x-host: s7.addthis.com
content-length: 116382

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 50ms
21ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-572554-6&cid=1223548984.1637805704&jid=268724794&_u=YEBAAEAAAAAAAC~&z=741006989

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 49ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-572554-6&cid=1223548984.1637805704&jid=268724794&_u=YEBAAEAAAAAAAC~&z=741006989

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/griffin-news9/ 449 KB
37 KB 137ms
117ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/griffin-news9/loader.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69ed89c2dfc6eb6593d9c11103d07edf68b6aa1d509e3a65bdc1ac883e3874ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: as9ZVkMgNnX8qdRLPCishM4GxoxsdxQG
content-encoding: gzip
etag: "d457173bbfc74a9d6bf315cafad0a73e"
age: 0
x-cache: HIT
content-length: 37021
x-amz-id-2: XUH1PrdD0Ja6RE4APTWnWVW4AokrX+UsC880h662cC7QJXCwDOOpqsUQnNe007pxvrXNdvUgrzQ=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 24 Nov 2021 10:40:07 GMT
server: AmazonS3
x-timer: S1637805704.857885,VS0,VE111
date: Thu, 25 Nov 2021 02:01:43 GMT
vary: Accept-Encoding
x-amz-request-id: NHZNPED95CGKGX81
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 39
x-cache-hits: 1

GET
H2 200 h180
redirect.field59.com/video/thumb/633491626353f3bc92fe906326f2c125cbddba5d/w320/ 10 KB
10 KB 113ms
113ms Image
image/jpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/633491626353f3bc92fe906326f2c125cbddba5d/w320/h180
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1235bad3461d90b834f1380fba5e3ce0c1ac4b62923006a6c4f4233b38c1d55e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
x-image-transform-time: 59.98ms
cf-cache-status: HIT
cf-polished: origSize=10180, status=webp_bigger
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.359ms
last-modified: Wed, 24 Nov 2021 12:56:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 01 Dec 2021 12:56:24 GMT
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6b374a71082340cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 30ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22999
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 02 Dec 2021 02:01:43 GMT

GET
H/1.1 200
OK 1.js Show response
s.jsrdn.com/s/ 0
563 B 171ms
68ms Script
text/javascript 54.77.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.jsrdn.com/s/1.js?p=22999&r=3s6s&k=dmMJMjAyMTAxMjUJdQlkYmU3ZmU1MS0yYmM5LTQwM2UtOWNiOS0wNTE0MjBkNjc3OTgJdW4JMQl2CTdhODlkMzljLTdlMTUtNGE2Ni1hNzg0LTBhYjVmNjVjZTQ4NAl0Zwljcy5qcwlidAkyMDIxLTExLTI1VDAyOjAxOjQzKzAwOjAwCWRjCXV0Zi04CWJsCWVuLXVzCWJmCTMJZHcJMTYwMAlkaAkxMjAwCWJjCTEJYnAJMQliZAkyNAlidwkxNjAwCWJoCTEyMDAJZglodHRwczovL3d3dy5uZXdzOS5jb20vc3RvcnkvNjE5N2UyNjkwM2NkMWYwYzBmY2E1ZmRmL3dhdGNoOi1hcnZlc3Qtd2ludGVyZmVzdC10by1raWNrLW9mZi1pbi1kb3dudG93bi10dWxzYS0JdWQJCXBiCTAJcHYJMAlwcQkwCWN3CQlhY3IJdW5kZWZpbmVkCWRyCQlrdwl3YXRjaCBhcnZlc3Qgd2ludGVyZmVzdCBraWNrIGRvd250b3duIHR1bHNhCXByZgl1bmRlZmluZWQ
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22999
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.51.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-51-122.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 20
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 233 B
576 B 73ms
34ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: e75c387c3861cf2e96a55bfed9c075e90b33f12f7ed1f5d19c96ee45d93fa858

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:43 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 233
Expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
379 B 571ms
372ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 275
vary: origin, Accept-Encoding

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
3 KB 122ms
77ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 72f235433161ea0cf2dbf1adc8d1e5ab74acd22928b110a4197d02f0efec3f40

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
333 B 472ms
117ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news9.com
Date: Thu, 25 Nov 2021 02:01:44 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 31
Content-Type: application/json; charset=utf-8

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
379 B 46ms
23ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=669b0279-a0ed-448c-a60e-6b887104af0b%2Ca514affd-3a89-41bd-bb9d-e8227926e074%2Cd7d312f7-3c4f-4410-bf2a-5992731fec12&nocache=1637805703898&pubcid=afefe99b-f816-46ed-af90-206446cd6d3f&schain=1.0%2C1!adtelligent.com%2C311442%2C1%2C%2C%2C&aus=728x90%7C300x250%2C300x600%7C216x36&divids=header-ad-container-lg%2Cad-container-1%2Cad-container-0&aucs=%2C%2C&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 3950d1e388ce27da40fba3e5f6487e17e77263cda84668dd3897ca977f0b1108

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.news9.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
240 B 365ms
91ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news9.com
Date: Thu, 25 Nov 2021 02:01:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
909 B 300ms
98ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 105ms
59ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd44913c00b7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ed54c0ae4ca8f8ff3681fe15ae558dfcd8227e94fa1a3c82e162f4393e66fe25

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 116ms
70ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448e7c00b6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 94f5b5b388c4ec894c739e140d7ac619000744f5ad134f37196711f85b6648fa

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 113ms
67ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd448f6c00a6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 83cb67864b0c8eaab9b1050884b82b0c5becab32d0e707e28366ba86b89c6747

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 118ms
72ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd44923c00a7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 8fa30542bf685cdb924f53b6b1225bc64628080191c9e8a4baa4988696988701

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
65ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd448da000a0&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 90bdc9c1d8a5dc0421ba323867d2409fb830b3fdb3612e50f455e86c7a9fc966

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
66ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448bd500b5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: abbe756a6737a9739b5be51eebfe7a89d3db8a24f327e98cbb422d90ba0d2019

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 106ms
60ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd44905600a1&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: af3c6ad816a37d85bc797523815f833f6e0c997fcb5726a918fd7417b4d0bf40

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 103ms
60ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a9690f1017575bc3e53bd44932900a2&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fb955bf42c9817465d4df126c6836e0fd5bb57e2b37e38281ca64a1215122355

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 121ms
77ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a969d82017575bc3922bd448cbe00a5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 134000bc474cfa398e5c84b7c210a70d52743769f48ed4470d2f85cf9d380392

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd44913c00b7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: efdfb5bb2d5d705028e76bb88094ce82751083667aa1e113ece7d75a91a950ba

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 117ms
74ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448e7c00b6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 822b2d9a8657e5d378641c4f6d94f71e5bb839492109ae079326413131073c07

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 106ms
63ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd448f6c00a6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2d77fc02330ac49356623756806e6bbfa94aae1b8bc7b1b426c93c1255007631

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd44923c00a7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: eb9b2f6eb930b8366b2706fc77474a1abce5d9ae2fcc1e90a4f1f1bd8be670f2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
65ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd448da000a0&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1c0d9024da2473bb63130b2d0935294f9e7a227465ec9c76359652653426de14

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
70ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448bd500b5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 37c38f52c8e719592c34edf2e2a316c79816de3aaaaaa294e85a75ab24df8e06

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 102ms
59ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd44905600a1&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 32674304623cff29b77e90c303d394d81be78fcfb7dbf68d4c1ddbc4ab584f57

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 128ms
85ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a9690f1017575bc3e53bd44932900a2&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 89d4a8af51026c0f55a5f5d8f07a71f883b9a210b12fbdb8a0439da1534c0f5c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 110ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a969d82017575bc3922bd448cbe00a5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c1ebc73ad4ac6af6dfdc049158d6c38875d080527a1f3c07f753e17a2b5a8cd9

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 119ms
77ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd44913c00b7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 8cb232efac7b5ed5be1481555f32d1e27e5297870b41d5ac04f167725dc9fd39

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448e7c00b6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d7ee693d731ccec6b88e44fd405fd9b6b662ad31a8217309b5c2fa261a6b2176

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
69ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd448f6c00a6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1528d9f2cf3bc47fe68df73fab96c0da113c958a1c2c41d76186ba60ba78c042

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
70ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd44923c00a7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4e27e6c7d9b541697fa5726f3b214ee454c7ca66547298aff4289ca8f1e321ec

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd448da000a0&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bd66449ad1c15e314ce865c32f46abc0a2771188f89697609655804bafc05a80

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
66ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448bd500b5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6b18edaf9e9c6513d4ca4fd3b3dcc45d02466da02e7b8ee33e03909468bd3dad

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 103ms
62ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd44905600a1&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 74cce4dce8fe1ecd160646775e0d025b1af701454c7f93e6ca94327709614c80

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 127ms
86ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a9690f1017575bc3e53bd44932900a2&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 17eb924d22900560a7bf80b118c400137df8af1e4047886890db98a52b8d3958

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 121ms
80ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a969d82017575bc3922bd448cbe00a5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3ec14db7ebe78d1451de872a3fe1227bc129e1b6b5300e294f80d4977da0a0aa

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
175 B 297ms
102ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 45ms
15ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:43 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3c34d4bd-9bbc-45bb-afeb-8032c320db12
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/214892/0/ 0
169 B 55ms
16ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/214892/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
pragma: no-cache
date: Thu, 25 Nov 2021 02:01:43 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 44ms
16ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:43 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 46aa3ddc-f1f0-4673-92a4-68e00b3dec7b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 50ms
22ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:43 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4b6d4a34-eb5f-4464-b462-8f1503e18614
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 455 B
614 B 137ms
62ms XHR
application/json 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5639
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5fff2ea18e128fd267f278d114bc3015eebff72ff3a53d2c799c8b6072b83205

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
746 B 112ms
70ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.20.0
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 6978d6ed9f35481ca4ecbea829edf97a546383281f1f3f6b75605004829db3ab

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 25 Nov 2021 02:01:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.news9.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
283 B 78ms
24ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
cf-ray: 6b374a71da1a3b07-CDG
access-control-allow-headers: Content-Type, Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 43ms
11ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.news9.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 46ms
15ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:43 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c555d1aa-2393-4ffc-8f1d-d7a29b2358e0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 v2
api.viafoura.co/v2/www.news9.com/bootstrap/ Frame 0
0 322ms
103ms Preflight 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.18.0 (Ubuntu)
expires: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: max-age=0
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age: 1728000

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.news9.com/bootstrap/ 6 KB
3 KB 351ms
146ms XHR
application/json 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d18aa1defb6c903d276ee46db5caa5d24ef221c2f8dcf8aefff9b5ab7bddad2a

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-076dca5aa0004bbeb
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.news9.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H2 200 rules-p-w9vzu-sGKCA0U.js Show response
rules.quantcount.com/ 3 B
427 B 24ms
6ms Script
application/javascript 2600:9000:211e:7000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:15:54 GMT
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
age: 2751
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:22:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: PL5cY1YfstUmD_IWT2bow7phs_kDc6RYAN1rXzE5y1ljh8ZAl0MfgQ==

GET
H2 200 acv.json Show response
voraciousgrip.com/ 210 KB
46 KB 44ms
19ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/acv.json

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Wed, 25 Aug 2021 16:19:29 GMT
x-datacenter: gce-europe-west1
date: Thu, 25 Nov 2021 02:01:44 GMT
vary: Accept-Encoding, Origin
x-hostname: 26187baf
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 60ms
7ms Image
image/gif 2600:9000:214f:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
age: 9539230
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: yoFPqVjIbJmd5mWN9P_GZMw9Vn_ZgZwJByLcTSSooDk1UDcjpb87Tg==

GET
H2 200 h180
redirect.field59.com/video/thumb/91f0b9b580e8afe7c5fa7d90d678e2a24396f5ec/w320/ 16 KB
16 KB 152ms
151ms Image
image/jpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/91f0b9b580e8afe7c5fa7d90d678e2a24396f5ec/w320/h180
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe28fd014f7f27af098a5935c489ff0eeeaa4fbe8fb6f9008c7ef8d2bf550f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
x-image-transform-time: 76.378ms
cf-cache-status: HIT
cf-polished: origSize=17144, status=webp_bigger
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.887ms
last-modified: Thu, 25 Nov 2021 01:21:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 01:21:21 GMT
cache-control: max-age=604800, public, s-maxage=604800
cf-ray: 6b374a7279ea40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 h180
redirect.field59.com/video/thumb/24da51c9435ea979a22bf0a9e776b9b156185f49/w320/ 4 KB
4 KB 115ms
114ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.field59.com/video/thumb/24da51c9435ea979a22bf0a9e776b9b156185f49/w320/h180
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0f4e1f424aaa177397234687b72ab877e2f9c0967ccc7abe5d1593264acc18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
x-image-transform-time: 116.965ms
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=5450
content-length: 4256
x-ua-compatible: IE=Edge,chrome=1
x-db-lookup-time: 12.649ms
last-modified: Thu, 25 Nov 2021 01:15:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Dec 2021 01:15:49 GMT
cache-control: max-age=604800, public, s-maxage=604800
accept-ranges: bytes
cf-ray: 6b374a7279eb40cf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-bgj: imgq:85,h2pri

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 113ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58005
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 603ms
379ms Script
text/javascript 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 9de1aa7a92b7804147226747e889a8b8493a0b1828a8a3ec45e2c3a601097605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1204
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 impl.20211124-11-RELEASE.js Show response
cdn.taboola.com/libtrc/ 612 KB
125 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211124-11-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/griffin-news9/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 15fd592c9c93ee2f5fc7ec099f10f6992144a31e2ac293e395a9fd44d14dba70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: FtRkgy69nIrrmqOdWUI6wpe1Vj.._8NF
content-encoding: br
etag: "0ade19cda2b4dc8d02f6d32e05469392"
age: 28306
x-cache: HIT
content-length: 128101
x-amz-id-2: V+Z2bDhTJWwtGRJu3Dhj1GGo4ZLppTX+NEqA/LujLjMycudfZQMruhW3ojBloiSAJ3IeK7x+iu0=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 24 Nov 2021 10:09:23 GMT
server: AmazonS3-br
x-timer: S1637805704.184899,VS0,VE0
date: Thu, 25 Nov 2021 02:01:44 GMT
vary: Accept-Encoding
x-amz-request-id: C679BPE3DTEEA85T
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 7271

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 9ms
9ms Script
application/javascript 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/griffin-news9/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:26:23 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 161904
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -K7_MD1Tbz6xJnoCA2hETMeh1E1fySFjo1EJgwsOCLvYw2BIe1mEvA==

GET
H2 200 main-3b5198810c.css
player.field59.com/release-3.19.2/css/ 58 KB
11 KB 25ms
25ms Stylesheet
text/css 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.2/css/main-3b5198810c.css
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kwtv/633491626353f3bc92fe906326f2c125cbddba5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39f03985a4a6824d555bf6dde413e4a7e915869923da35d64392c0ca4d97c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 10:44:20 GMT
server: cloudflare
age: 491380
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6b374a733d904001-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Tue, 23 Nov 2021 19:01:28 GMT

GET
H2 200 html5_dfp-a83fa4d8f6.js Show response
player.field59.com/release-3.19.2/js/ 631 KB
182 KB 39ms
39ms Script
application/javascript 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.19.2/js/html5_dfp-a83fa4d8f6.js
Requested by: Host: player.field59.com
URL: https://player.field59.com/v4/vp/kwtv/633491626353f3bc92fe906326f2c125cbddba5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8245d54068174260617f2b2ab63635d08393dfb8ac9936c70ee2eea064cda9ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 10:44:20 GMT
server: cloudflare
age: 110904
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6b374a733d924001-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Tue, 30 Nov 2021 19:01:29 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 574ms
191ms Script
application/javascript 44.239.35.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.35.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-35-110.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:10:40 GMT
server: nginx/1.18.0
etag: W/"1637665840.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 25 Nov 2021 14:01:44 GMT

GET
H2 200 170 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 604ms
201ms Script
application/javascript 52.35.106.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/170
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.106.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-106-12.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: c193fa47a8ff355952cd825a6d96074f55614a4cc46e4b7046f12a7cf497bee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:08:12 GMT
server: nginx/1.18.0
etag: W/"1637665692.0-25886-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 25 Nov 2021 14:01:44 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D47cc46ab-cee2-4fde-a282-be2034432b9a%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=3359715487119889352

43 B
563 B

547ms
217ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=3359715487119889352
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 357ac705-005d-4f6a-8f1d-322244a4b310
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&adnxs_id=3359715487119889352
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=47cc46ab-cee2-4fde-a282-be2034432b9a
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=47cc46ab-cee2-4fde-a282-be2034432b9a
https://ids.ad.gt/api/v1/t_match?tdid=c144686c-10ad-4762-8ca0-f48d7451bc40&id=47cc46ab-cee2-4fde-a282-be2034432b9a

43 B
568 B

407ms
214ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=c144686c-10ad-4762-8ca0-f48d7451bc40&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=c144686c-10ad-4762-8ca0-f48d7451bc40&id=47cc46ab-cee2-4fde-a282-be2034432b9a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a
https://ids.ad.gt/api/v1/pbm_match?pbm=F2279161-27CA-4DB3-AB90-A4AB4BFAB198&id=47cc46ab-cee2-4fde-a282-be2034432b9a

43 B
571 B

628ms
385ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=F2279161-27CA-4DB3-AB90-A4AB4BFAB198&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=F2279161-27CA-4DB3-AB90-A4AB4BFAB198&id=47cc46ab-cee2-4fde-a282-be2034432b9a
date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=47cc46ab-cee2-4fde-a282-be2034432b9a
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_tc=
https://ids.ad.gt/api/v1/g_match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_gid=CAESEDJFsjEOQbCz59IgmlE5xiY&google_cver=1&google_ula=450542624,0

43 B
571 B

629ms
385ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_gid=CAESEDJFsjEOQbCz59IgmlE5xiY&google_cver=1&google_ula=450542624,0
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&google_gid=CAESEDJFsjEOQbCz59IgmlE5xiY&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=47cc46ab-cee2-4fde-a282-be2034432b9a
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NDdjYzQ2YWItY2VlMi00ZmRlLWEyODItYmUyMDM0NDMyYjlh

170 B
188 B

17ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NDdjYzQ2YWItY2VlMi00ZmRlLWEyODItYmUyMDM0NDMyYjlh

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NDdjYzQ2YWItY2VlMi00ZmRlLWEyODItYmUyMDM0NDMyYjlh
date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=47cc46ab-cee2-4fde-a282-be2034432b9a
https://ids.ad.gt/api/v1/ppnt_match?uid=UAdNmOYUayHc&ev=1&pid=562316&id=47cc46ab-cee2-4fde-a282-be2034432b9a

43 B
465 B

320ms
218ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=UAdNmOYUayHc&ev=1&pid=562316&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=UAdNmOYUayHc&ev=1&pid=562316&id=47cc46ab-cee2-4fde-a282-be2034432b9a
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-544c4f9c45-pwpnq
expires: -1

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D47cc46ab-cee2-4fde-a282-be2034432b9a
https://ids.ad.gt/api/v1/mediamath_match?user_id=5bed619e-ee88-4b00-9845-e3356fa8b2c4&id=47cc46ab-cee2-4fde-a282-be2034432b9a

43 B
483 B

628ms
384ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=5bed619e-ee88-4b00-9845-e3356fa8b2c4&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

Redirect headers

Date: Thu, 25 Nov 2021 02:01:44 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=5bed619e-ee88-4b00-9845-e3356fa8b2c4&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Nov 2021 02:01:43 GMT

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=47cc46ab-cee2-4fde-a282-be2034432b9a
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=47cc46ab-cee2-4fde-a282-be2034432b9a&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ABSCMU7DPd0AACqk6DCPLQ&id=47cc46ab-cee2-4fde-a282-be2034432b9a

43 B
477 B

214ms
214ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ABSCMU7DPd0AACqk6DCPLQ&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:45 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=ABSCMU7DPd0AACqk6DCPLQ&id=47cc46ab-cee2-4fde-a282-be2034432b9a
Date: Thu, 25 Nov 2021 02:01:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 204 b
sb.scorecardresearch.com/ 0
336 B 9ms
8ms Image
text/plain 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1637805704235&ns_c=UTF-8&cv=3.5&c8=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&c7=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&c9=
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: ZLby809pBAvGqzsTG2g07JyhgIwaUSQMo8AEjt1C8GCl2NjDZqK3Fg==
x-cache: Miss from cloudfront

GET
H2 200 fpicons.woff
cdn.field59.com/player/fonts/ 3 KB
4 KB 92ms
35ms Font
application/x-font-woff 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.field59.com/player/fonts/fpicons.woff
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.2/css/main-3b5198810c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528

Request headers

Referer: https://player.field59.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cf-cache-status: HIT
age: 1683372
cf-ray: 6b374a745a2435ef-MAN
content-length: 3040
x-amz-id-2: nOntZHZle9JUD2s7lFwLx4nLGNSxS5Z60O0/8lH2OsMAqDZM/KL6u3WyMiRmSOEphB3hUtUSpjo=
last-modified: Mon, 18 Apr 2016 20:34:41 GMT
server: cloudflare
etag: "725a886c5970c00ffa65a5d67df6e8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-request-id: BFE3B74E7342085E
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: Rr4yR713iQpY_NTbPM11Z3Q_LeKl8mSf
accept-ranges: bytes
content-type: application/x-font-woff
expires: Thu, 25 Nov 2021 03:01:44 GMT

GET
H2 200 fp6_play_white.png
cdn.field59.com/player/ 3 KB
4 KB 44ms
44ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/player/fp6_play_white.png
Requested by: Host: player.field59.com
URL: https://player.field59.com/release-3.19.2/css/main-3b5198810c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.field59.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cf-cache-status: HIT
age: 1661385
cf-polished: origFmt=png, origSize=7587
last-modified: Tue, 15 Dec 2015 22:46:58 GMT
content-length: 3414
content-disposition: inline; filename="fp6_play_white.webp"
x-amz-request-id: 1D9DD37F315B85D5
x-amz-id-2: twpaJcFxpP3R53kx7Ai8k3jssfVTti2SnlCFtqQg9r9n+/ODnwB4Q7dLNX4rKauXI5C2SaBMM8E=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "98a1b8195b25ce442ea127ddeb0b2e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-amz-version-id: wFl7bOHWyEiYwrIqRQCGXEEKkkbsRATT
accept-ranges: bytes
cf-ray: 6b374a740c0fd208-MAN
expires: Thu, 25 Nov 2021 03:01:44 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.2/js/html5_dfp-a83fa4d8f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1054 / 126 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H2 200 ima3.js Show response
s0.2mdn.net/instream/html5/ 368 KB
123 KB 79ms
18ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/html5/ima3.js

Requested by

Host: player.field59.com
URL: https://player.field59.com/release-3.19.2/js/html5_dfp-a83fa4d8f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H/1.1 200
OK cloudy.svg
griffin-communications.akamaized.net/baronIcons/day/ 534 B
818 B 19ms
19ms Image
image/svg+xml 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/cloudy.svg
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:44 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:35 GMT
Server: AkamaiNetStorage
ETag: "41d19645e397941aaea24db0fecae932:1580959042.855185"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 534

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 233 B
576 B 33ms
33ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 82872942670ff42dcfb0ef956ff55a8254ebb6a5f459340862136b466ba8f14b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 233
Expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/214892/0/ 0
169 B 16ms
16ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/214892/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
850 B 16ms
16ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fdecf52d-4a98-4a09-9175-d4fb9db775d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
303 B 96ms
96ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
746 B 77ms
77ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.20.0
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 74b76e212e893c2899d00c906e3645d682633ceea23f6a34e369f701d3b3a4b1

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 25 Nov 2021 02:01:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.news9.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
235 B 324ms
324ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 224
vary: origin, Accept-Encoding

GET
H3 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
101 B 28ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eee81538-f34b-44e5-9f59-e965c4393e25&nocache=1637805704393&pubcid=afefe99b-f816-46ed-af90-206446cd6d3f&schain=1.0%2C1!adtelligent.com%2C311442%2C1%2C%2C%2C&aus=300x250&divids=field-59-companion-ad&aucs=&auid=541177132
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 713760822db9e6209e5d9f0c2bd386fa69b5de91cf79ba970e24318a3f7d3069

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.news9.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 62ms
60ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd44913c00b7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 76011718680d039abf4f8a9c10e633658dbec8f84c146025ed36b1adbb9f239d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 68ms
67ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448e7c00b6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ee58b25cc007e315b31d035f6bc66a8f81764590c4bf39777bf3c2088fd394f5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 87ms
86ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd448f6c00a6&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 246c42cd0cb013e03f8616c3f3f41b0e4a75ba722c6c883a91e5990cdddbd3a7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 68ms
67ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a969d82017575bc3922bd44923c00a7&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: feec6e4629bdc113a4dcad659bb722feea16ddd23724c5c36cf8fb30089ce4d2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 77ms
76ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd448da000a0&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f38fe068544020288dbc729ab2e8e2f41e0fdc9236a32148846a2fd678cfd3f5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 73ms
72ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a96940d017575bc4351bd448bd500b5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bbc90ca308f343ae84240d24d830836aa2da323edabf08e9f5e81d79b2468b28

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 61ms
60ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017575bc3e53bd15ef580015&pos=8a9690f1017575bc3e53bd44905600a1&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 39b113d2a49d58a3c68893b1913979187cdd407f8bcb17e344093d85b8ad4868

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
94 B 58ms
58ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a9690f1017575bc3e53bd44932900a2&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: aa0cc96ef38973360d16ea89d3085e4d19af315405bffa2dc0dd61b3a0a46849

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 64ms
64ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d82017575bc3922bd15f02b0020&pos=8a969d82017575bc3922bd448cbe00a5&cmd=bid&secure=1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 84ca5d2510165bb299e1b16c802885394ef50136344eac023834ab9483ab2793

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
850 B 25ms
25ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e3cff889-0564-4884-9f0a-8079ef86176d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
59 B 24ms
24ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
cf-ray: 6b374a748bb03b07-CDG
access-control-allow-headers: Content-Type, Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 455 B
604 B 81ms
81ms XHR
application/json 52.211.199.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10344
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5fff2ea18e128fd267f278d114bc3015eebff72ff3a53d2c799c8b6072b83205

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 9ms
9ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.news9.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 5 KB
3 KB 62ms
62ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bf15f38177d9c9cd104d3ad6f2af6c347eec35d74a615ba56a897ab6513d5fb7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:43 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
175 B 96ms
96ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
333 B 120ms
119ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news9.com
Date: Thu, 25 Nov 2021 02:01:44 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 31
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
240 B 89ms
89ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news9.com
Date: Thu, 25 Nov 2021 02:01:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
850 B 16ms
15ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b135b5c0-a8af-49e3-b691-d8291496d4fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
850 B 16ms
15ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 02:01:44 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b41ba0b7-a3d6-4680-b097-1fedccf2713a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.news9.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/www.news9.com/ 45 B
646 B 106ms
105ms XHR
application/json 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.news9.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-05276ff9d601110c2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.news9.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7965478&ntv_pl=1073330
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=33681c34-3c3f-4cb2-b9c9-6ba7a7dcb7cd&ntv_fl=CF4se3gYGjAPzQcMJoAeWehIMXjYSzBiq7xgGoY77uI6P6fYQ5Phl3BijzTpViYUZG164W_mosjvzb1LdYqyXjiK_0sl-O8VtdGtBpmiZTZohq5_rBd-s3aXI-GrHOFHSLc2aFvkof8CkNA-qafGm3JxVYX7UxzSe--HTnr5FybH-Sfxq4x5G2Ded5ThzAoLDwNrcj082BBDu49FMSqeal6biocR8ZivCaBwMsQ0ZCj4pnP-nv4TCZtc6CwC_lbOfLXdap6JjsJYSZu1-1O3bg==&ntv_ht=iO6eYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAsmAQA&ord=1637805704748&ntv_dpl=1011,1050,1003,1019,101951,1006,1007&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 115ms
114ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=ca069111-c39a-4b9f-a079-0c7a2f595508&ntv_fl=CF4se3gYGjAPzQcMJoAeWYq7dU39QaYvEU0JUEmEHQvawqaSJV9MHSD3rQGShp9I90KOn3L2lqflqPeN4KjInUnGQhg061bF0kmIq1PptRQ6MD9gKu9f0VB4K3JG7xrfjTG4gmFar-unwe9Qx_43N4eDmJSaDFSPhicfOqLtix7ANbKb_uBkWRPttPDSY1qAFIa3adreLKpjopaF_V8Qzm8EfVqKqizFusaAWjPLkNOf6EUWUsXIbJkk5En8Z9TPwfDSIyFwG6-ZEPwAAKRgMw==&ntv_ht=iO6eYQA&ntv_at=303&ntv_a=AAAAAAAAAAwxwRA&ord=1637805704752&ntv_dpl=1027,1011,1028,1050,1003,1019,1038,101951,1006,1007&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1121475&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 intl-messageformat.fb96561e20469d7d1ffd.js Show response
cdn.viafoura.net/chunks/vendors~languages/ 17 KB
5 KB 7ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.fb96561e20469d7d1ffd.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed21abfa886775b7c7574549aa2f73bbfa790d41e45c33271ef18e57ef27b1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:44 GMT
server: AmazonS3
age: 198386
etag: W/"dbe3ee0571f6691f6e220656a8d9a7fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: x3jP8K_tbUneg9p.60I._ygc_2wVtQf6
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CWTsyGTze5g9WC2x9vVcLR3e7tl1WiEUbKOsSaUnmfWTS2enKY4iVw==

GET
H2 200 intl-messageformat.b1ccd467d47f4d2c1335.js Show response
cdn.viafoura.net/chunks/languages/ 134 B
561 B 8ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.b1ccd467d47f4d2c1335.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc1954c12721fcd9ad8b3551790887b9ac792d365de488a23bff2efe4611a2e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:18 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 18:54:51 GMT
server: AmazonS3
age: 198387
etag: "448617fd88b3245b84950e57e145ef01"
x-cache: Hit from cloudfront
x-amz-version-id: 9SzmR6m5MJYQd_UUe7yAjHiet17fkHr1
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 134
x-amz-cf-id: EOp1Ve3HW_XsvDPU8t4C-aPZM-dC4lwan5No7wPiz-PsGFuu33OKuA==

GET
H2 200 en-us-base-json.ab77cc21f7b8a678aae6.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 7ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.ab77cc21f7b8a678aae6.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a142521c963aa85dcb971035ff05ddff5cc56cbce2b56dac1ee5d43e219b24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:49 GMT
server: AmazonS3
age: 198386
etag: W/"2e6f182c744800c438e7f8edd947c846"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: usDDbTol_XOiEXt8f36_p3kmnGc7BQsP
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: alqaKC7W4tN2AMSE3gBnwlg-YjUIsdjzhrMubTZICxE5TCaAlcH2Rg==

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
651 B 214ms
213ms Image
image/gif 52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=47cc46ab-cee2-4fde-a282-be2034432b9a&halo_id=0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 25 Nov 2021 14:01:44 GMT

GET
H2 200 vf-css.f654f0f668b0ae8db406.js Show response
cdn.viafoura.net/chunks/ 119 KB
17 KB 9ms
8ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vf-css.f654f0f668b0ae8db406.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 681697e0dc2243d1e62981c6875cf5b9cbf76ec136d8ea70ed0c1b0c2013f936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:56 GMT
server: AmazonS3
age: 198386
etag: W/"5335931fc2b854ebb130b7fa9e670ce0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 22g7QAbI8KHkIIbhrQogkYdYQLTTwbgV
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: u365Ot-r4r9mKYgQ1nR3hiS9cUE8sjZKPde3AnkNjGcvNQ1S6-cs4g==

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 594ms
198ms Script
text/plain 54.191.177.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=20fe803606282dab73cd930ad9b68f4e&url=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.177.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-177-235.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Nov 2021 02:01:45 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 Nov 2021 02:48:28 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 Nov 2021 02:52:30 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
131 B 28ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D47cc46ab-cee2-4fde-a282-be2034432b9a
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/ Frame 0
0 327ms
111ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/id?container_id=story-6197e26903cd1f0c0fca5fdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H3 200 css
fonts.googleapis.com/ 16 KB
952 B 33ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 01:53:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 02:01:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H2 200 0.14315e14057ef1169f50.css
cdn.viafoura.net/ 85 KB
11 KB 7ms
7ms Stylesheet
text/css 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/0.14315e14057ef1169f50.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:18 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:55:09 GMT
server: AmazonS3
age: 198386
etag: W/"e49f659039883c906a18c5cf42510824"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Ezux0_QObxzDI_b3CdkX7_RXZK3xut_Y
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: ve_3PhiUq7QKh9b4XM8TtY8-3EZLOYW9CHA9m347odiRIVHadd7HWQ==

GET
H2 200 da.3f02e0eb7bb96bc84fb4.js Show response
cdn.viafoura.net/chunks/ 143 KB
34 KB 8ms
8ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/da.3f02e0eb7bb96bc84fb4.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dad2f241aa89fdc9cebe0090e9d0588dc1fa425c95dac52f0fba3a6f2a761fb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:18 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:01 GMT
server: AmazonS3
age: 198387
etag: W/"322e5d43127aef98744eb6581e409fcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: M2VhLo2u.8JmDKlN_XBskZEhmpuxPRcs
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: tpOnVHXt-HrBur187hXhdmOamqgP5-Cn7ebxceUX_ZPoRx0dkCbu5Q==

GET
H2 200 134.8b79879f3451251f1383.css
cdn.viafoura.net/ 1 KB
856 B 10ms
10ms Stylesheet
text/css 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/134.8b79879f3451251f1383.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9e2fefadf988dca2c87bffd051ea7b25f02d776056128a8ce9b7970f55ca5b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:07 GMT
server: AmazonS3
age: 198386
etag: W/"e068adfaef403ad9a8968cf7eff6c96a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: pcI3kpYFi9K_HBcby4KCma7n3tCgoul9
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: 8pgz11Ibuzer9SBTFGA6M_6DG_PkGF7ce-SLpndVj2Fyl1f80rl1EQ==

GET
H2 200 tray-trigger.c4f5ea480b32b97b6616.js Show response
cdn.viafoura.net/chunks/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/tray-trigger.c4f5ea480b32b97b6616.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b4c71785b32b297ebb0bcd011b1f2e7e27ab7a58364b5f12abf16bf9c9dec0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:18 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:59 GMT
server: AmazonS3
age: 198387
etag: W/"0ba6fa5f73bee9e941b9e91c47b21981"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: jjE2wp.XZaLKktTXyxQRgllcGTgffQx_
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: JD27cMgcybK9LQPHNS4bgcAss5ETZ5zqGnDOWW74ONWFM76aFVv2Ag==

GET
H2 200 en-us-conversations-json.34ef9f47b7e72a8e5adb.js Show response
cdn.viafoura.net/chunks/languages/ 13 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.34ef9f47b7e72a8e5adb.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 410ede96574deff70f06480aa12ef5436affe93d2e611a728af16eafa082028d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:45 GMT
server: AmazonS3
age: 198386
etag: W/"04ce218492edcfa555a47f25eb2b739a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: wP93_OTMoXG7IyMYfee1ThE2UBv.YKG8
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: HQ9Ounw6xyRRGYFgf78kvT39xzQZo5yIcSpllRAxb0c4Ya08RAhq-g==

GET
H2 200 madops.min.js Show response
rdc.m32.media/ 60 KB
17 KB 163ms
128ms Script
application/javascript 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/madops.min.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: f3cd4dfe6f2850712e6284d9b7c39859d93c45a3aa9c60c3aa9f2fc6346a377b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:44 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 16:10:21 GMT
server: nginx/1.10.3
etag: W/"618405ed-f091"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
alt-svc: clear
via: 1.1 google
expires: Thu, 25 Nov 2021 02:16:44 GMT

GET
H2 200 en-us-trending_articles-json.0c764cd8ed589e7de78c.js Show response
cdn.viafoura.net/chunks/languages/ 1 KB
960 B 18ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.0c764cd8ed589e7de78c.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1238ba124c3b2d0da8185a42e18f5a17782378a1582ba6ee948c2564a620b2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:49 GMT
server: AmazonS3
age: 198385
etag: W/"ac08e8a956fe2cfe0ca2cc3c48be47ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Bo4mVL_mLIYOI9F.w4nKrIL7XSZg00FF
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Jg0l4o3YpOJ-WYbJ6Y2ewAFzKuPIFPF7n3hg_s_D1SRuAgZZXCNVUA==

GET
H2 200 content_container-module-js.d3d178049d99658f5f79.js Show response
cdn.viafoura.net/chunks/vuex_store/ 2 KB
1 KB 13ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.d3d178049d99658f5f79.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39610e42b4615bc8ff36e4803a872df22a2da08bed3e2d57ee801042c69de97f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:54 GMT
server: AmazonS3
age: 198386
etag: W/"a1081cb9a8d111688e07277a867713f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lpoNZ1bYA7FUXBp.n3ZIKnlC7g3khAkT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: liAZjRbGYIKnEJ9OrhxomvAOCnjp0etCUdqvPOa7UZPkBXDvZB7evA==

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/ 762 B
462 B 118ms
109ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/contentcontainer/id?container_id=story-6197e26903cd1f0c0fca5fdf
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: 868b8c26f4178f6aec1eed2e6c782df4f6393907b386fd4d0d0eacce8985487d

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 309
content-type: application/json

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
325 B 323ms
106ms Image
image/png 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1637805705%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1637805705%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%229ba8faba-509f-40ab-90ff-a78832100202%22%2C%22firstVisit%22%3A1637805705%2C%22previousVisit%22%3A1637805705%2C%22currentVisit%22%3A1637805705%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F633491626353f3bc92fe906326f2c125cbddba5d_fl9-360p_50.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22path%22%3A%22%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22title%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22Arvest%20Winterfest%20kicks%20off%20on%20Friday%20in%20downtown%20Tulsa.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%22f7270d45101b95c0453f998a9c70e0f4c43c1f4d%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22a8461cb9-9060-46f6-af4a-a53a7737c906%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-trending-articles%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 25ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 129584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:02:00 GMT

OPTIONS
H2 200 00000000-0000-4000-8000-64d101d2ef8e
livecomments.viafoura.co/v4/livecomments/ Frame 0
0 278ms
111ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e?limit=3&container_id=story-6197e26903cd1f0c0fca5fdf&reply_limit=2&sorted_by=newest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H2 200 135.12a6f1c6e642186dd14a.css
cdn.viafoura.net/ 5 KB
2 KB 7ms
6ms Stylesheet
text/css 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/135.12a6f1c6e642186dd14a.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22b518a35f90caaf1b6055c7d21c3b79a03cfcf1a5aa9921a13de983ec143760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:21 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:07 GMT
server: AmazonS3
age: 198384
etag: W/"cfaee6b202f4daa8fe1f08bc148fca0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 2nLgRNdTwUQNsseGPeCb.W2lvwuA8iZx
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: -CocavZ7eMRvdwy_cgOt7h16p78lgMO_TCn1UaZSBmkV4uPzwn_23g==

GET
H2 200 trending_articles_js.db90f92629b7fa928d09.js Show response
cdn.viafoura.net/chunks/ 17 KB
6 KB 7ms
6ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/trending_articles_js.db90f92629b7fa928d09.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d887e66ad63d76c740736e7ec9693e4fa6744ae21acf5fe2b10d5b5f2c2481d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:21 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:06 GMT
server: AmazonS3
age: 198384
etag: W/"66bd4991fce089fa1a17a9c40262f6cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: wpAX8nuR8f9zo4V8zGU5afc43wMfWJHY
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: aTTp4w1P4RUQ1V8T4eHT5G-0OiUo7oKU7r1F3qYbhsDMc3UQInKA0A==

GET
H2 200 trending_articles-module-js.d2c151b836fc94fe5ad5.js Show response
cdn.viafoura.net/chunks/vuex_store/ 3 KB
1 KB 13ms
12ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.d2c151b836fc94fe5ad5.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff2c8c2ecaa4cbdfe068a718d666b0ad2cda8eb12e3c23fd112ebae73aa52a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:22 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:54 GMT
server: AmazonS3
age: 198383
etag: W/"fe3cbb01591164fc471d4bf452c0bb44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CRjzgdgMjI0UmVOwstxwpU3ku8594UsX
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: EnvygRhVjvty-pWR_dSieP5VNPrYEuP0zGpUXaWLfOMAApvzRMMDmA==

GET
H2 200 vendors~chat_js~comments_js~liveblog_js.7b1af9e6b5a736bd9151.js Show response
cdn.viafoura.net/chunks/ 18 KB
6 KB 7ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~chat_js~comments_js~liveblog_js.7b1af9e6b5a736bd9151.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33bdb88e85e52a8bb699aa0f38b5b8ae377a3cdc6005ca4268bc9b38406822dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:04 GMT
server: AmazonS3
age: 198386
etag: W/"9a2d362fd3cca9781217bfd17b4679f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ctcIC0yL.9Pdn_2qvYdtc8Mso6s8UJFp
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: KSO8dF09eWym8mk57WKFNsrOWfG8jqWk9kiPHS2Q6O3yrM5j3s0U9g==

GET
H2 200 vendors~comments_js~liveblog_js.4e23dc6a55bb5e11ffb7.js Show response
cdn.viafoura.net/chunks/ 251 KB
58 KB 8ms
7ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.4e23dc6a55bb5e11ffb7.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebe95d28d7825cbc1c71b7a594d8e4424fb5af47b7ac5bf1f55e4f1c3e09cb12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:54:56 GMT
server: AmazonS3
age: 198386
etag: W/"9063cb3a05e3a7e760eae1a138cb14b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: SrbNQHDsAI9xU9Mls659.Am9.XC_pR9l
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qpWKTAl7NCHorBLuWyiVzeSY0r0oQ4IM7Zp8MMTy84xzx0RFspA1aA==

GET
H2 200 4.dccc409ad8da4a31bb47.css
cdn.viafoura.net/ 4 KB
1 KB 12ms
11ms Stylesheet
text/css 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/4.dccc409ad8da4a31bb47.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea17174ab03f3417adac0c8fa031c71e97c16550a826b280fcb230dc943bf904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:07 GMT
server: AmazonS3
age: 198386
etag: W/"f99c58149f14f1578a384663ba93931e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: nm2T9agoaD_Catx5ueY9ejnKkXgaVK5J
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: -48_8gacLTRDzWlNWUOzGcpjZp5SeaXX7B3L7ATY6WiH05TRxFm8Yg==

GET
H2 200 default~chat_js~comments_js~liveblog_js.e1f01688125271aa50e7.js Show response
cdn.viafoura.net/chunks/ 14 KB
5 KB 13ms
12ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/default~chat_js~comments_js~liveblog_js.e1f01688125271aa50e7.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42411dfedafd18333e1a9771d9a248548d3b43e38fbf9e56b4b6312079292022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:58 GMT
server: AmazonS3
age: 198386
etag: W/"3b77bc50aab70587cd0685586d93e5b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 46T_Da_imDX2S2NQpYeiMH4RmDv9XlLW
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: agU8bygsBjFHjQ9tPUwKs-adVYnxudu74EBkBso8xNnWe6am2ulL6w==

GET
H2 200 31.fa661c971def5cf4658b.css
cdn.viafoura.net/ 68 KB
10 KB 13ms
13ms Stylesheet
text/css 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/31.fa661c971def5cf4658b.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e92cfb53bff5a2aaf2267a8d5d4345d040a8a847f8246712760d003be49ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:55:07 GMT
server: AmazonS3
age: 198386
etag: W/"8373b13a8086421b040f1f63333fd0c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: RcWLgcoFGgHlxSBZdfLGA0tBaH4BORzC
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: sV4cyKPIG443mH5X9W3KaPEP2wlb1BRyTwz5b_X4gXvmqoMqfLYScA==

GET
H2 200 comments_js.a486ea1daa3cef2c19cb.js Show response
cdn.viafoura.net/chunks/ 224 KB
43 KB 13ms
13ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/comments_js.a486ea1daa3cef2c19cb.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fedbec7003d35511c1021ce75cb0e2729d54704ff5527792c545777564dc706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:58 GMT
server: AmazonS3
age: 198386
etag: W/"09e6fab1da3258463b63a44fb227782e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: pzLarNnyBnrrCCoXNDG1gqKkHIX64RqM
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: GopOxn5hZVCRRECpv4tI6u0VIjrAv_g9MD_dWjxf41q5ARNGok_CAg==

GET
H2 200 livecomments-module-js.49025e23e5a45e11b23f.js Show response
cdn.viafoura.net/chunks/vuex_store/ 30 KB
7 KB 14ms
14ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.49025e23e5a45e11b23f.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85da2bbea9110c5d3984cb99f9a53bba19088d253dca492fea2035b491efb866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:54 GMT
server: AmazonS3
age: 198386
etag: W/"abf85eaaf8400c5641ade7c3d78e40ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: o12pXzSgHtegJcG7VbsNzZgGfI6bszHE
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 2gKjLzMvm3ex3ipXAPDJ9sDaxMtXU7weHBYpPqFMqlVcGAdo1-OcSw==

GET
H2 200 content-module-js.be801b8216fa9725565e.js Show response
cdn.viafoura.net/chunks/vuex_store/ 11 KB
3 KB 15ms
15ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/content-module-js.be801b8216fa9725565e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f3036522df5b7efb698138c80dc881afdbc0f48a9b86cbe522b1e2d6632c758

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:54 GMT
server: AmazonS3
age: 198386
etag: W/"dce3cdb27c5f5de669fa8ba0ec9c1e7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Er1fmlqCwT_XeYMdsNFiEk7YgkRgpZq5
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 8KOj5cUSg5A084WWAQAz-crmo8xdvpDOFxwqCqLkl-VdcPYPe7scQQ==

GET
H2 200 threads-module-js.a747a54dd8ee5e2621d4.js Show response
cdn.viafoura.net/chunks/vuex_store/ 12 KB
4 KB 15ms
15ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.a747a54dd8ee5e2621d4.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e391695ef0597c3d3b3dce40cd456544f70d2bec9df1d0eef12865d3d310258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:55 GMT
server: AmazonS3
age: 198386
etag: W/"7f1d72e3b9037eb106c275e1c96e5542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: sJhnHF8jkpuznnmhWsvE3x3pVQMXyRSN
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: uDW99YGlVArMH46du0M_oWliyzw-JN7hEAiUepzManMIeT_emFyIxg==

GET
H2 200 interaction-module-js.95f3f9fa2db67c8e7ae0.js Show response
cdn.viafoura.net/chunks/vuex_store/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.95f3f9fa2db67c8e7ae0.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f538fa1219672539d3355f1e0a11cc08bcedbfa2e2c61d38264974d5441f43e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 18:54:54 GMT
server: AmazonS3
age: 198386
etag: W/"85139ed63add07f16d0ac49600c4225f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: xVnOEna7PUM6Vlvw04Mtl_WDgri5WZRn
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: gFprOsIOpb4sc6ify9qondsv5aSuPy8F1pCRZlya9KDMSWExpyTyqQ==

GET
H2 200 00000000-0000-4000-8000-64d101d2ef8e Show response
livecomments.viafoura.co/v4/livecomments/ 877 B
495 B 133ms
124ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e?limit=3&container_id=story-6197e26903cd1f0c0fca5fdf&reply_limit=2&sorted_by=newest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: 9e163bce3efc4f9e0c6f0dce7f53eb5be9c3fa2e328a57dc658be74792b733d4

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 342
content-type: application/json

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1708685698&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&ul=en-us&de=UTF-8&dt=Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEIZAAAAAC~&jid=986427046&gjid=134382729&cid=1223548984.1637805704&tid=UA-87198801-1&_gid=1813245467.1637805704&_r=1&_slc=1&cd1=47cc46ab-cee2-4fde-a282-be2034432b9a&cd2=none&cd3=170&cd4=www.news9.com&cd5=%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&cd6=Passive%20Tagger&cd7=20fe803606282dab73cd930ad9b68f4e&z=425617634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/ Frame 0
0 308ms
100ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/loaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: GET,POST,DELETE,PUT,PATCH
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type
access-control-max-age: 43200

POST
H2 202 loaded Show response
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/ 0
131 B 106ms
106ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/loaded
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
access-control-allow-credentials: true
content-length: 0
content-type: application/json; charset=utf-8

GET
H2 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9184 580 KB
191 KB 52ms
8ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 23 Nov 2021 05:05:22 GMT
expires: Wed, 23 Nov 2022 05:05:22 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 161783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Nov 2021 02:01:45 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87198801-1&cid=1223548984.1637805704&jid=986427046&gjid=134382729&_gid=1813245467.1637805704&_u=aGDAAEIZAAAAAC~&z=1513160657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 02:01:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 02EB 580 KB
190 KB 28ms
17ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 23 Nov 2021 05:05:22 GMT
expires: Wed, 23 Nov 2022 05:05:22 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 161783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 trending Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/ 5 KB
2 KB 111ms
103ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/trending?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: 665c36531e407cef6fc83199d674290587eb488cb5ad024ea81aca2240face57

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 1857
content-type: application/json

OPTIONS
H2 200 trending
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/ Frame 0
0 139ms
111ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/trending?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4928 37 KB
13 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Nov 2021 02:11:20 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-64d101d2ef8e/ 36 B
222 B 116ms
104ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-64d101d2ef8e/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:58:32 GMT
x-content-type-options: nosniff
age: 28993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:58:32 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1223548984.1637805704&jid=986427046&_u=aGDAAEIZAAAAAC~&z=1507582999

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1223548984.1637805704&jid=986427046&_u=aGDAAEIZAAAAAC~&z=1507582999

Requested by

Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EBAC 37 KB
13 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Nov 2021 02:11:20 GMT

GET
H2 200 custom.json Show response
rdc.m32.media/adops/custom_files/news9.com/ 2 KB
1 KB 153ms
118ms XHR
application/json 35.227.246.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdc.m32.media/adops/custom_files/news9.com/custom.json
Requested by: Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.246.163 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.246.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 /
Resource Hash: f09e1e93305a6e61e269c200c4a5e8770750e0f9f9a1bedaa540de2c27c4bd52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 10:35:48 GMT
server: nginx/1.10.3
etag: W/"619e1584-97c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
alt-svc: clear
via: 1.1 google
expires: Thu, 25 Nov 2021 02:16:45 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
324 B 106ms
106ms Image
image/png 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1637805705%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1637805705%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%229ba8faba-509f-40ab-90ff-a78832100202%22%2C%22firstVisit%22%3A1637805705%2C%22previousVisit%22%3A1637805705%2C%22currentVisit%22%3A1637805705%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F633491626353f3bc92fe906326f2c125cbddba5d_fl9-360p_50.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22path%22%3A%22%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22title%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22Arvest%20Winterfest%20kicks%20off%20on%20Friday%20in%20downtown%20Tulsa.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%22f7270d45101b95c0453f998a9c70e0f4c43c1f4d%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22a8461cb9-9060-46f6-af4a-a53a7737c906%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-trending-articles%22%2C%22vf-tray%22%5D%2C%22content_container_uuid%22%3A%22869887f6-d96b-4dad-8d40-b5fc0542473a%22%2C%22content_container_type%22%3A%22comments%22%2C%22widget_type%22%3A%22vf-conversations%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.container.load%22%7D
Requested by: Host: www.news9.com
URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 comments Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/869887f6-d96b-4dad-8d40-b5fc0542473a/ 38 B
216 B 110ms
108ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/869887f6-d96b-4dad-8d40-b5fc0542473a/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 64
content-type: application/json

OPTIONS
H2 200 comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/869887f6-d96b-4dad-8d40-b5fc0542473a/ Frame 0
0 104ms
103ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-64d101d2ef8e/869887f6-d96b-4dad-8d40-b5fc0542473a/comments?limit=3&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: POST,PUT,GET,DELETE,PATCH
access-control-allow-headers: content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age: 43200

GET
H2 200 / Show response
geoloc.m32.media/json/ 231 B
400 B 135ms
102ms XHR
application/json 35.227.201.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geoloc.m32.media/json/

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.201.248 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

248.201.227.35.bc.googleusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

abb2ff3466a4c5064d3cb87dc2faee36d57fd975bbe35dcf62e9a11f26fddc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
x-database-date: Thu, 25 Nov 2021 02:00:15 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubdomains;
alt-svc: clear
via: 1.1 google

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/a-5829bef557ca5f49/ 27 B
207 B 191ms
176ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/a-5829bef557ca5f49/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=54, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 157ms
149ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619eee8898192897&bkl=0&bl=1&pdt=1148&sid=619eee8898192897&pub=a-5829bef557ca5f49&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.news9.com&fp=story%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1637805705454&jsl=4097&uvs=619eee88489c6d37000&skipb=1&callback=addthis.cbs.jsonp__118844423982408460
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a9636f9e4d1e6766db8cd974c43eb41ca6103ea2146166ac4b6f90873c31aff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 02:01:45 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1E18 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6078 71 KB
26 KB 10ms
10ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 25 Nov 2021 02:01:45 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H2 200 v2kfkkTmxXOKehfzJSqljOOa0J7ycN2G_zzX1WRMl0_y36-ciZC9QSs3AhMHY4LhDCrBI7tQq8xj07YY4dw Show response
voraciousgrip.com/ 216 B
347 B 17ms
17ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2kfkkTmxXOKehfzJSqljOOa0J7ycN2G_zzX1WRMl0_y36-ciZC9QSs3AhMHY4LhDCrBI7tQq8xj07YY4dw

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

49aa9de81d388043e62b5f99cd8d1993abcd45d7af1e4c3e0ad9765be3aeb59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 25 Nov 2021 02:01:45 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Thu, 25 Nov 2021 02:01:44 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/15283051/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
348 B

7ms
7ms

Script
application/javascript

13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:46:08 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: iH6xE0ouxrEidHJtUWwr8CIWn5z2FgEGw9eBZcgIXV25DjIjD1i4zA==

Redirect headers

date: Thu, 25 Nov 2021 02:01:45 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: prQ6oQ1LUdHPsYjdEHH-aH_SDhl7QtoSK63rxcX_pfSId407RT9iTA==

POST
H2 200 v2frctQoZPgFJUY1Hh2U5FIzlcWfxX7QmyL1hTycU4bdXW5Q95Xv5l5mD0s1TbXa0W-EsSD_ZcMy_riuRyw Show response
voraciousgrip.com/ 2 KB
810 B 402ms
402ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2frctQoZPgFJUY1Hh2U5FIzlcWfxX7QmyL1hTycU4bdXW5Q95Xv5l5mD0s1TbXa0W-EsSD_ZcMy_riuRyw

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

56b8bc67752d73b57d101c6d938230528dc9ad4b135166d05161b4cf38fe50b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Thu, 25 Nov 2021 02:01:45 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 770

OPTIONS
H2 200 loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/ Frame 0
0 100ms
100ms Preflight 50.17.45.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/loaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-45-48.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.news9.com
access-control-allow-methods: GET,PUT,DELETE,PATCH,POST
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type
access-control-max-age: 43200

GET
H2 200 defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
cdn.viafoura.net/assets/ 676 B
1 KB 7ms
7ms Image
image/png 2600:9000:2057:9200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viafoura.net/assets/defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:55:19 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 18:54:44 GMT
server: AmazonS3
age: 198387
etag: "28fea6b8b2b5fdb61025943a5aac4c45"
x-cache: Hit from cloudfront
x-amz-version-id: d2l_HWW7FSkgcK41sV84rb5pqFibT62H
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 676
x-amz-cf-id: vaBm6hDNk13M3-DGQlcXR8iY-8wADSYlaav1qS5T9g3ZxgGfD__jdw==

POST
H2 202 loaded Show response
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/ 0
131 B 113ms
112ms XHR
application/json 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-64d101d2ef8e/indicator/loaded
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://www.news9.com
date: Thu, 25 Nov 2021 02:01:45 GMT
access-control-allow-credentials: true
content-length: 0
content-type: application/json; charset=utf-8

GET
H2 200 ingest
i.viafoura.co/v3/www.news9.com/ 67 B
324 B 103ms
102ms Image
image/png 54.144.244.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.news9.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1637805705%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1637805705%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%229ba8faba-509f-40ab-90ff-a78832100202%22%2C%22firstVisit%22%3A1637805705%2C%22previousVisit%22%3A1637805705%2C%22currentVisit%22%3A1637805705%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.news9.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22section%22%3A%2200000000-0000-4000-8000-64d101d2ef8e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.field59.com%2FKOTV%2F633491626353f3bc92fe906326f2c125cbddba5d_fl9-360p_50.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22path%22%3A%22%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22title%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22Arvest%20Winterfest%20kicks%20off%20on%20Friday%20in%20downtown%20Tulsa.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%22f7270d45101b95c0453f998a9c70e0f4c43c1f4d%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Watch%3A%20Arvest%20Winterfest%20To%20Kick%20Off%20In%20Downtown%20Tulsa%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22a8461cb9-9060-46f6-af4a-a53a7737c906%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-conversations-count%22%2C%22vf-conversations%22%2C%22vf-trending-articles%22%2C%22vf-tray%22%5D%2C%22widget%22%3A%22vf-conversations%22%2C%22adData%22%3A%7B%22index%22%3A0%2C%22container_id%22%3A%22story-6197e26903cd1f0c0fca5fdf%22%2C%22total_count%22%3A0%7D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.trackAd%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.244.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-244-112.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST multitracking
hb.mediafuse.com/adunit/ 0
0

GET
H2 200 48376d61a96a2cb6463c9cf5079b678c8d89589a.jpg
cdn.field59.com/KWTV/ 124 KB
124 KB 127ms
126ms Image
image/pjpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KWTV/48376d61a96a2cb6463c9cf5079b678c8d89589a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9365acadfbcd2ee343e6e3b672602d22275afac4da23302eae90a7c242fa843b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cf-cache-status: HIT
x-amz-request-id: 493DXCQA3YXAEY7G
cf-ray: 6b374a7d0909d208-MAN
x-amz-replication-status: COMPLETED
content-length: 126558
x-amz-id-2: JxlWnzTMSUCIpXMJhDo8S0P5jmFPlCCHMbsWh7GXSJhOdKYTBfTyyfqRHadgG0cDDzLWKZS46zc=
last-modified: Thu, 25 Nov 2021 00:12:58 GMT
server: cloudflare
etag: "45b9fbb9f91fcac97cce388c99ac44cb-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9w8ft7.1BTfwWdBNbZLC23lijB83ojRw
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/pjpeg
expires: Sat, 25 Dec 2021 02:01:45 GMT

GET
H2 200 kwtv-1280x720.png
www.news9.com/img/ 14 KB
15 KB 205ms
203ms Image
image/png 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/kwtv-1280x720.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

341416b1af6b6d8b8cb6ff105abe3dc04cb312437380718757ed8f5fe5c3729f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 14405
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Nov 2021 19:59:05 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"3845-17d493b0728"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1637805705901
cache-control: public, max-age=518400, no-cache="set-cookie"
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: ISMKLvpFm_AU43N7nuJSL_hBxrZM7XnJzg1hP4WHMsa--d7HHVMwJg==

GET
H2 200 789d7087b375b5426b8956b4d31abdb48bafc63c_SITM_Aircheck__Part_1_frame_126709_custom.jpeg
cdn.field59.com/KOTV/ 61 KB
62 KB 60ms
59ms Image
image/webp 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KOTV/789d7087b375b5426b8956b4d31abdb48bafc63c_SITM_Aircheck__Part_1_frame_126709_custom.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3cf59c3c07680a4106437fe1d74b53336024b43e4c08e3dead9a9cefce08c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cf-cache-status: HIT
age: 16628
cf-polished: qual=85, origFmt=jpeg, origSize=92787
x-amz-replication-status: PENDING
content-length: 62914
content-disposition: inline; filename="789d7087b375b5426b8956b4d31abdb48bafc63c_SITM_Aircheck__Part_1_frame_126709_custom.webp"
x-amz-request-id: Y9HYFY9FQ0Y25ZSM
x-amz-id-2: 1bNVCsX7iNKeg0Jt7uAvCVCL51ytv7GtUbKwb9z0N6bh8vs/qyNWWXRHSRZXxM3H1P+t0+gyqp0=
last-modified: Wed, 24 Nov 2021 19:42:51 GMT
server: cloudflare
etag: "bec5d30a16ed5d00309c5f7d51692377-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Dec 2021 02:01:45 GMT
cache-control: public, max-age=2592000
x-amz-version-id: Uf8H0icaiGG9KdESrAhyiRyd8Hm8eCTa
accept-ranges: bytes
cf-ray: 6b374a7d090ad208-MAN
cf-bgj: imgq:85,h2pri

GET
H2 200 ce2a127ddb8ac3273bc2476fe6b834852bf0cdff.jpg
cdn.field59.com/KWTV/ 190 KB
191 KB 39ms
38ms Image
image/pjpeg 104.16.59.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/KWTV/ce2a127ddb8ac3273bc2476fe6b834852bf0cdff.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.59.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcd303861b036744a9ed9d77f9450b761de94fd53e59a041fadcec89b5848c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:45 GMT
cf-cache-status: HIT
age: 545313
cf-ray: 6b374a7d090bd208-MAN
x-amz-replication-status: COMPLETED
content-length: 195063
x-amz-id-2: Xr/qcEjTuH8Z5IUzYfh14g7HyML/yAbau5R0xjGWoaMlBlYRQsuweiKQglI2iHB4d9SKdtXlATA=
last-modified: Thu, 18 Nov 2021 18:20:25 GMT
server: cloudflare
etag: "53139c985b1fb121f704cc10f74ea8d4-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5N9E0TSGQTEAXVCB
cache-control: public, max-age=2592000
x-amz-version-id: WmX.F5LVU9OEmmbSBAF86fNy1JmJK9V3
accept-ranges: bytes
content-type: image/pjpeg
expires: Sat, 25 Dec 2021 02:01:45 GMT

GET
H/1.1 200
OK tree-lighting.1637251632270.jpeg
hot-town-images.s3.amazonaws.com/kwtv/production/2021/November/18/ 110 KB
111 KB 498ms
180ms Image
image/jpeg 52.217.163.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hot-town-images.s3.amazonaws.com/kwtv/production/2021/November/18/tree-lighting.1637251632270.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.163.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 64863ebaf4d43ec6d5cf5935dbe3fa530cdfc5625c1538e7df563f4ce4767d2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 02:01:47 GMT
Last-Modified: Thu, 18 Nov 2021 16:07:13 GMT
Server: AmazonS3
x-amz-request-id: EBR0K71X7TXEMVD3
ETag: "c0e1bb64404700c96d692322ce672558"
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 112857
x-amz-id-2: wX9/Gcll8NKcIBxAOES9/wHwWKnua7F1IeTm5KR8temPsTQb1cprCPv94vYyJZWY9ZjQPFlZdOU=

GET
H2 200 ConsentManager,Sticky2 Show response
voraciousgrip.com/v2ebaWeqsyxD09Dcr5467HYYJ6eou6hOfN48PhwlCEPVTX2qwsQWpXLjCQ5nDSHm7CCJtw41cQ7IEYH8W/ 274 KB
80 KB 343ms
343ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2ebaWeqsyxD09Dcr5467HYYJ6eou6hOfN48PhwlCEPVTX2qwsQWpXLjCQ5nDSHm7CCJtw41cQ7IEYH8W/ConsentManager,Sticky2

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

5c7fa1ec4fb5034038328c320d097a74ddead3d3463476d1d0b6005aab0c47c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "270aa532b3a3e201627e8dab58144e7209ef5e8c4db66f3a2931928c48c663f7"
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Thu, 25 Nov 2021 02:01:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
653 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2ebaWeqsyxD09Dcr5467HYYJ6eou6hOfN48PhwlCEPVTX2qwsQWpXLjCQ5nDSHm7CCJtw41cQ7IEYH8W/ConsentManager,Sticky2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 00:02:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 02:01:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 02:01:46 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
37 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 14:44:06 GMT
x-content-type-options: nosniff
age: 40660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 14:44:06 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
37 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 14:44:06 GMT
x-content-type-options: nosniff
age: 40660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 14:44:06 GMT

GET
H2 200 MSwwY2M0NjQ2ODllODM
images.getadmiral.com/ 3 KB
3 KB 123ms
47ms Image
image/png 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MSwwY2M0NjQ2ODllODM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:46 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2579
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c8a53abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wPmRGVHRojAJENp%2B7XVNcmjRRgLub9vHQzOPHohnimLnSo39rotki7O4e6QWdXWGgNa%2FuenPu%2BcBXqIgsdgy7xDyg0r6qaifLZIpbPtu0bVcefhpWtufTbvyvIUVHaz6dE1bIvpM7sirQozwTOTTaGmHa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: cole
cf-ray: 6b374a824de23759-MXP

GET
H2 200 v4_311442_8088.json Show response
player.mediafuse.com/prebidlink/2729676/ 22 KB
6 KB 159ms
123ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/2729676/v4_311442_8088.json?cb=www.news9.com
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hbw_master_311442_8088.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 99334975ad7de5090ac4c310aaeeedb3c6998846e168f075c562d97624b1e9ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:46 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 23:37:01 GMT
server: nginx
etag: W/"619ecc9d-591f"
content-type: application/json
access-control-allow-origin: https://www.news9.com
cache-control: max-age=3600
expires: Thu, 25 Nov 2021 03:01:46 GMT

POST
H2 200 v2kfkkTmxXOKehfzJSqljOOa0J7ycN2G_zzX1WRMl0_y36-ciZC9QSs3AhMHY4LhDCrBI7tQq8xj07YY4dw Show response
voraciousgrip.com/ 272 B
331 B 26ms
26ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2kfkkTmxXOKehfzJSqljOOa0J7ycN2G_zzX1WRMl0_y36-ciZC9QSs3AhMHY4LhDCrBI7tQq8xj07YY4dw

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2iig_GRQ-bgA3f7sDbRi-3gE6cl0lyYWET9MUNEvRDRx62kctn9lLkBNKh7m8gtX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

cbd45ba2ca02bf7cb9b6741d06c193180c657fb4bc9d540c4b30ee516353fff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 25 Nov 2021 02:01:46 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 272
expires: Thu, 25 Nov 2021 02:01:45 GMT

POST
H2 200 establish Show response
www.news9.com/session/ 101 B
911 B 203ms
202ms XHR
text/html 2600:9000:214f:f000:e:9741:2b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/session/establish

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1637191579472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:f000:e:9741:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

acc3ef5408aa6c8c5f3d849cfc4e391343475fed9d5c655f423ab42a5aa59706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Nov 2021 02:01:46 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 101
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2, no-cache="set-cookie"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: cvjDiDOWmQcLSmCdvs6t7iM_l8dIiezezFvSYLbK_lGkvDDaAuFrpg==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news9.com%2F&domain=www.news9.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.news9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.news9.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 3247
date: Thu, 25 Nov 2021 02:01:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news9.com%2F&domain=www.news9.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=ATfPu3wrYjhqZ0l3L09CNnRKQk5ZbDdDQ0JZZmtRNlkwRnAxQUJhN1g1eUt0SGM1cWJSVUxHK29MWnNNdVJ4cmhTUDVqOURZc1VMck8wSUMzMVF2TThzYm00L3J1b0taUXJwTzFFQUh5NGljdzNzZ3hLb3RqZk1mQnJibk...

342 B
600 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ATfPu3wrYjhqZ0l3L09CNnRKQk5ZbDdDQ0JZZmtRNlkwRnAxQUJhN1g1eUt0SGM1cWJSVUxHK29MWnNNdVJ4cmhTUDVqOURZc1VMck8wSUMzMVF2TThzYm00L3J1b0taUXJwTzFFQUh5NGljdzNzZ3hLb3RqZk1mQnJibkNHUC9rMGF2QTIvVUdVVGo2VW1MZm0xejNtWmFleUpxNzZ6UktBWkVhelVnaDc2SFdIcmxkYi9XWlExNWNoK2gzcFVRNmJYYXF4NWE5NTdDS1cyN1FqcGJNeExhRms0Q1d2WGlmbnV3YVJ2b2lSM2xmWjdZPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8138500dafc698394657d949b0a2e96ede496dbdd49c8f175dbbe9d5e279033c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 25 Nov 2021 02:01:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2965
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Nov 2021 02:01:47 GMT
location: https://mug.criteo.com/sid?cpp=ATfPu3wrYjhqZ0l3L09CNnRKQk5ZbDdDQ0JZZmtRNlkwRnAxQUJhN1g1eUt0SGM1cWJSVUxHK29MWnNNdVJ4cmhTUDVqOURZc1VMck8wSUMzMVF2TThzYm00L3J1b0taUXJwTzFFQUh5NGljdzNzZ3hLb3RqZk1mQnJibkNHUC9rMGF2QTIvVUdVVGo2VW1MZm0xejNtWmFleUpxNzZ6UktBWkVhelVnaDc2SFdIcmxkYi9XWlExNWNoK2gzcFVRNmJYYXF4NWE5NTdDS1cyN1FqcGJNeExhRms0Q1d2WGlmbnV3YVJ2b2lSM2xmWjdZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1881
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
531 B 44ms
9ms XHR
application/json 51.89.21.30
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/454946/hb_311442_8088.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p25.id5-sync.com

Software

Resource Hash

85da468f47eccffef66d53eac92590984278064519ca19dec76283de19d0d086

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news9.com
Date: Thu, 25 Nov 2021 02:01:46 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 52ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 972
date: Thu, 25 Nov 2021 02:01:46 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 json
trc.taboola.com/griffin-news9/trc/3/ 66 KB
18 KB 782ms
780ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/griffin-news9/trc/3/json?tim=02%3A01%3A49.764&lti=deflated&data=%7B%22id%22%3A692%2C%22ii%22%3A%22%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1637750341605%2C%22vi%22%3A1637805709761%2C%22cv%22%3A%2220211124-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5202%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A18%2C%22uim%22%3A%22thumbs-2r%3Aabp%3D0%22%2C%22uip%22%3A%22below-main-feed%22%2C%22orig_uip%22%3A%22below-main-feed%22%2C%22cd%22%3A1378.703125%2C%22mw%22%3A1050%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-%2Cbelow-main-feed%3Dthumbs-2r%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211124-11-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 774
date: Thu, 25 Nov 2021 02:01:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1637805710.771969,VS0,VE774
x-served-by: cache-hhn4030-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.news9.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
0 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211124-11-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Z9vEYl_N8SSxpCpJAub2PIMzfFITjGTm
content-encoding: gzip
etag: "32f01c4091f73eabe019005d909e2e44"
age: 26575
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6020
x-amz-id-2: aurejYjY70YFFkforrvHbtOdP1odO2chDqtl154vTknARDuyeV8Pl8zpMKEC5WI62ELOaz3BllE=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1637805711.568240,VS0,VE0
date: Thu, 25 Nov 2021 02:01:50 GMT
vary: Accept-Encoding
x-amz-request-id: 3ZVEGQ0Y2AM0NG7J
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 18557

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
938 B 8ms
8ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211124-11-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: SaZoTsX4ny11TP1YZbP8i3tjs4BdrMLw
content-encoding: gzip
etag: "978cfe7fd9cd031786ca00806b338a40"
age: 26579
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 714
x-amz-id-2: XUBScFPIhILAYL5pQllSSSOE+oK4RR/dEu5uD9H2ojw/BkReqUyrC64GnbemxgrgrYxMAB5NJr8=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1637805711.568352,VS0,VE0
date: Thu, 25 Nov 2021 02:01:50 GMT
vary: Accept-Encoding
x-amz-request-id: KV2H6R30M11Y2H7M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 4
x-cache-hits: 18406

GET tfa-eid.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET sha256.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET floating-unit.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET explore-more.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET feed-card-placeholder.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET userx.20211124-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 0
0

GET tb
15.taboola.com/ 0
0

GET supply-feature
trc.taboola.com/griffin-news9/log/3/ 0
0

GET f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.mediafuse.com
URL: https://hb.mediafuse.com/geo/

Domain: hb.mediafuse.com
URL: https://hb.mediafuse.com/adunit/tracking?event=11&type=0&client_id=311442&site_id=8088&full_page_url=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&adid=eb88ra.48&vpbv=N024&lifecycle_tte=849

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: hb.mediafuse.com
URL: https://hb.mediafuse.com/adunit/multitracking

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tfa-eid.20211124-11-RELEASE.es6.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sha256.20211124-11-RELEASE.es6.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/floating-unit.20211124-11-RELEASE.es6.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/explore-more.20211124-11-RELEASE.es6.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20211124-11-RELEASE.es6.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20211124-11-RELEASE.es6.js

Domain: 15.taboola.com
URL: https://15.taboola.com/tb?oid=15&pubnm=griffin-news9&unitType=244&tbloc=&pageType=text&pstn=below-main-feed&uuip=Feed%20-%20below-main-feed&cisrf=&cirf=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&encoded=1&uid=38081346-4d9f-4230-8d2f-1d0627c44293-tuct898740d&variant=0|1786173828&callback=TRC.videoTagCallbacks.videoCallback1&cb=1637805710603&tagid=&cntry=DE&platform=1&sesid=aeec3c588d7bc310337d096243032cfc&itemid=/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa-&viewid=1637805709761&geolat=&geoing=&deviceifa=&appid=&sd=v2_aeec3c588d7bc310337d096243032cfc_38081346-4d9f-4230-8d2f-1d0627c44293-tuct898740d_1637805709_1637805709_CNawjgYQkbw9GMGzz6bVLyABKAEwODib4wlAiIoQSIa02QNQouwQWABgAGiQmMHcuKuioghwAA&ri=efdc8b0f915944fdfde6d5346bd2d128&appname=&cdb=&gdprApplies=true&rid=&sii=-2665983697000185954&oee=true&tpubid=1007121&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=NW&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=1007120&prcnt=&layer=

Domain: trc.taboola.com
URL: https://trc.taboola.com/griffin-news9/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9a0d4a6b7152f8822094e7a7fed5f199&sd=v2_aeec3c588d7bc310337d096243032cfc_38081346-4d9f-4230-8d2f-1d0627c44293-tuct898740d_1637805709_1637805709_CNawjgYQkbw9GMGzz6bVLyABKAEwODib4wlAiIoQSIa02QNQouwQWABgAGiQmMHcuKuioghwAA&ui=38081346-4d9f-4230-8d2f-1d0627c44293-tuct898740d&pi=/story/6197e26903cd1f0c0fca5fdf/watch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&wi=-2665983697000185954&pt=text&vi=1637805709761&d=%7B%22event_type%22%3A%22taboola_reminder%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=02%3A01%3A50.567&id=2078&llvl=2&cv=20211124-11-RELEASE&

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.news9.com/story/6197e26903cd1f0c0fca5fdf	1969-12-31 23:59:59	Name: ntvSession Value: {"id":7965478,"placementID":1073330,"lastInteraction":1637805704744,"sessionStart":1637805704744,"sessionEndDate":1637884800000,"experiment":""}
www.news9.com/	1970-01-19 23:16:55	Name: connect.sid Value: s%3A7ZYJXBp6qQmJ7D_Im5PTfjUpowr3l0cm.D8eEmHIXzQiYo4iefzP8XqwvMkpeNuSlaIbWsgLlzek
.scorecardresearch.com/	1970-01-20 16:13:33	Name: UID Value: 1ZOK3SJZQKA2GYPJSBHTH7g1637805704
.news9.com/	1970-01-20 16:27:57	Name: _ga Value: GA1.2.1223548984.1637805704
.news9.com/	1970-01-19 22:58:12	Name: _gid Value: GA1.2.1813245467.1637805704
.news9.com/	1970-01-19 22:56:45	Name: _gat_UA-572554-6 Value: 1
www.news9.com/	1970-01-20 07:42:21	Name: usprivacy Value: 1---
www.news9.com/	1970-01-19 23:39:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.news9.com/	1970-01-20 07:42:21	Name: _pubcid Value: afefe99b-f816-46ed-af90-206446cd6d3f
.jsrdn.com/	1970-01-20 16:27:57	Name: u Value: dbe7fe51-2bc9-403e-9cb9-051420d67798
www.news9.com/	1970-01-20 07:42:21	Name: ntv_as_us_privacy Value: 1---
.ad.gt/	1970-01-20 16:27:57	Name: au_id Value: 47cc46ab-cee2-4fde-a282-be2034432b9a
.ad.gt/	1970-01-19 22:58:12	Name: au_idmatch Value: {"apn": "2021-11-25", "ttd": "2021-11-25", "pub": "2021-11-25", "adx": "2021-11-25", "halo": "2021-11-25", "goo": "2021-11-25", "ppnt": "2021-11-25", "mediamath": "2021-11-25", "bees": "2021-11-25"}
.betweendigital.com/	1970-01-20 07:42:21	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:42:21	Name: tuuid Value: dbdeedf1-da31-5349-9065-044ff1fbeac7
.betweendigital.com/	1970-01-20 07:42:21	Name: ut Value: YZ7uiAACTdhD8YlHwtV-ERI9tt2DwSHfnjXHRg==
.betweendigital.com/	1970-01-20 07:42:21	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:42:21	Name: unm Value: 1
.adnxs.com/	1970-01-20 01:06:21	Name: uuid2 Value: 3359715487119889352
.pubmatic.com/	1970-01-20 01:06:21	Name: KTPCACOOKIE Value: true
.doubleclick.net/	1970-01-20 08:18:21	Name: IDE Value: AHWqTUly9W5D5i-SRxLoXDJFUuH3BaPKchw7fqwkrKRJ-WPL-nf7tZsFzYspm_uOyAQ
.mathtag.com/	1970-01-20 08:22:40	Name: uuid Value: 5bed619e-ee88-4b00-9845-e3356fa8b2c4
.pubmatic.com/	1970-01-20 01:06:21	Name: KADUSERCOOKIE Value: F2279161-27CA-4DB3-AB90-A4AB4BFAB198
.adsrvr.org/	1970-01-20 07:42:21	Name: TDID Value: c144686c-10ad-4762-8ca0-f48d7451bc40
.adsrvr.org/	1970-01-20 07:42:21	Name: TDCPM Value: CAEYBSABKAIyCwj2yrOvyPCXOhAFOAE.
prebid.a-mo.net/	1970-01-20 07:42:21	Name: __amc Value: 1_1637805704_1637805704
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7ee3322adccf78fe
.viafoura.co/	1970-01-19 23:39:57	Name: VfSess Value: ikffrn0odbvjd1af1ur2f0733m
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.a-mo.net/	1970-01-20 07:42:21	Name: amuid2 Value: 1de26c79-7b4a-4062-bc5e-615c0ac90507
.postrelease.com/	1970-01-20 07:42:21	Name: opt_out Value: 1
.ad.gt/	1970-01-20 16:27:57	Name: last_seeng_hosted Value: 1637805704698
.ad.gt/	1970-01-20 16:27:57	Name: g_hosted Value:
.ad.gt/	1970-01-20 16:27:57	Name: last_seentd Value: 1637805704714
.ad.gt/	1970-01-20 16:27:57	Name: tdid Value: c144686c-10ad-4762-8ca0-f48d7451bc40
.ad.gt/	1970-01-20 16:27:57	Name: first_seentd Value: 1637805704714
.ad.gt/	1970-01-20 16:27:57	Name: last_seenadnxs Value: 1637805704718
.ad.gt/	1970-01-20 16:27:57	Name: adnxs_id Value: 3359715487119889352
.ad.gt/	1970-01-20 16:27:57	Name: first_seenadnxs Value: 1637805704718
.ad.gt/	1970-01-20 16:27:57	Name: last_seenpulsepoint Value: 1637805704718
.ad.gt/	1970-01-20 16:27:57	Name: uid Value: UAdNmOYUayHc
www.news9.com/	1970-01-19 22:56:47	Name: _vfb Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.1.10.1637805705....
www.news9.com/	1970-01-19 22:56:46	Name: _vfz Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.1637805705.1.medium=direct\|source=\|sharer_uuid=\|terms=
www.news9.com/	1970-01-20 07:42:21	Name: _vfa Value: www%2Enews9%2Ecom.00000000-0000-4000-8000-64d101d2ef8e.9ba8faba-509f-40ab-90ff-a78832100202.1637805705.1637805705.1637805705.1
.news9.com/	1970-01-19 22:56:45	Name: _gat_auPassiveTagger Value: 1
.bidr.io/	1970-01-20 08:25:15	Name: bito Value: ABSCMU7DPd0AACqk6DCPLQ
.bidr.io/	1970-01-20 08:25:15	Name: bitoIsSecure Value: ok
.ad.gt/	1970-01-20 16:27:57	Name: last_seenmediamath Value: 1637805704723
.ad.gt/	1970-01-20 16:27:57	Name: user_id Value: 5bed619e-ee88-4b00-9845-e3356fa8b2c4
.ad.gt/	1970-01-20 16:27:57	Name: last_seenadx Value: 1637805704724
.ad.gt/	1970-01-20 16:27:57	Name: google_gid Value: CAESEDJFsjEOQbCz59IgmlE5xiY
.ad.gt/	1970-01-20 16:27:57	Name: first_seenadx Value: 1637805704724
.ad.gt/	1970-01-20 16:27:57	Name: last_seenpbm Value: 1637805704727
.ad.gt/	1970-01-20 16:27:57	Name: pbm Value: F2279161-27CA-4DB3-AB90-A4AB4BFAB198
.ad.gt/	1970-01-20 16:27:57	Name: first_seenpbm Value: 1637805704727
.ad.gt/	1970-01-20 16:27:57	Name: last_seenhaloid Value: 1637805704917
.ad.gt/	1970-01-20 16:27:57	Name: halo_id Value: 0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:27:57	Name: first_seenhaloid Value: 1637805704918
.viafoura.co/	1970-01-20 07:42:21	Name: vfDeviceId Value: 0e3f9d4a-47df-45fe-a919-f70c4349fbda
.ad.gt/	1970-01-20 16:27:57	Name: last_seenbeeswax Value: 1637805705117
.ad.gt/	1970-01-20 16:27:57	Name: beeswax_id Value: ABSCMU7DPd0AACqk6DCPLQ
www.news9.com/	1970-01-20 08:25:33	Name: __atuvc Value: 1%7C47
www.news9.com/	1970-01-19 22:56:47	Name: __atuvs Value: 619eee88489c6d37000
.addthis.com/	1970-01-20 08:25:33	Name: uvc Value: 1%7C47
www.news9.com/	1970-01-19 22:56:46	Name: m32_pubgeo Value: eyJpcCI6IjE5NC4zNi4xMDguMjEiLCJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6IkRldXRzY2hsYW5kIiwicmVnaW9uX2NvZGUiOiJCRSIsInJlZ2lvbl9uYW1lIjoiQmVybGluIiwiY2l0eSI6IkJlcmxpbiIsInRpbWVfem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJsYXRpdHVkZSI6NTIuNTE5NiwibG9uZ2l0dWRlIjoxMy40MDY5LCJtZXRyb19jb2RlIjowLCJwb3N0YWxfY29kZSI6IjEwMTc4In0=
.addthis.com/	1970-01-20 08:25:33	Name: loc Value: MDAwMDBFVURFQlcyMjgyMTg5ODAwNDAwMDBDSA==
.news9.com/	1970-01-21 01:13:33	Name: _awl Value: 2.1637805706.0.4-79eef98b-57713b07525edfe358881ef6eaac76bf-6763652d6575726f70652d7765737431-619eee89-0
.news9.com/	1970-01-21 01:13:33	Name: _admrla Value: 2.0-57713b07-525e-dfe3-5888-1ef6eaac76bf
www.news9.com/	1970-01-19 22:56:45	Name: AWSELB Value: 25FF43150EA7A899016095596A835186B07B1FC077C8573E0537FABD26D5F9B715E022FD373E226CDD6C62BCFFEF87301E82D4A6255EE99F986FF3F578DB5B7FE6A7D89B78
www.news9.com/	1970-01-20 08:18:21	Name: cto_bundle Value: OiRyc183ZFBGenhacFpEQ1luUXdwd1E4SnROdkMwRlJmZlduSWFQekdLV1dyOGQwekwxb3ZlbjFSTGlVcTQ4Z3p3MnNoY3BHY1ZxJTJGRmZRaHFNRVdMcmxtekoycnBHQnlaRmpmOVg5UkZTaFB1R2FkcU1WcmdVbmRBb0JSb2UxNVI1VzVX
www.news9.com/	1970-01-20 08:18:21	Name: cto_bidid Value: MNiHp19BZWJFbmIxQ0dpaWx6SDZOR1hxRDY1WEVTVkRZeWlrS2pFJTJCT2kwOUhYdG9RJTJGVWw2MFdvc1J5SmZZc2xFWWpmckV4eWNGNXF0UEJSc08lMkZhVlVJSkxtUSUzRCUzRA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hb.mediafuse.com/adunit/tracking?event=11&type=0&client_id=311442&site_id=8088&full_page_url=https%3A%2F%2Fwww.news9.com%2Fstory%2F6197e26903cd1f0c0fca5fdf%2Fwatch%3A-arvest-winterfest-to-kick-off-in-downtown-tulsa-&adid=eb88ra.48&vpbv=N024&lifecycle_tte=849 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://hb.mediafuse.com/geo/ Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://hb.mediafuse.com/adunit/multitracking Message: Failed to load resource: net::ERR_CONNECTION_RESET
javascript	warning	URL: https://www.news9.com/story/6197e26903cd1f0c0fca5fdf/watch:-arvest-winterfest-to-kick-off-in-downtown-tulsa- Message: The resource https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1637191579472 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.ad.gt
ads.betweendigital.com
ads.servenobid.com
adtelligent-d.openx.net
ap.lijit.com
api.viafoura.co
aufp.io
baron.kwtv.com
bh.contextweb.com
c.jsrdn.com
c2shb.ssp.yahoo.com
cdn.field59.com
cdn.taboola.com
cdn.viafoura.net
cm.g.doubleclick.net
colossusssp.com
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
geoloc.m32.media
griffin-communications.akamaized.net
gum.criteo.com
hb.mediafuse.com
hbopenbid.pubmatic.com
hot-town-images.s3.amazonaws.com
i.viafoura.co
ib.adnxs.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
images.getadmiral.com
imasdk.googleapis.com
interaction.viafoura.co
jadserve.postrelease.com
livecomments.viafoura.co
lockerdome.com
m.addthis.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
notifications.viafoura.co
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pixels.ad.gt
player.adtelligent.com
player.field59.com
player.mediafuse.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.adnxs.com
rdc.m32.media
redirect.field59.com
rules.quantcount.com
s.jsrdn.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.mathtag.com
sync.medidexs.com
tag.1rx.io
trc.taboola.com
u.openx.net
v1.addthisedge.com
voraciousgrip.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.news9.com
z.moatads.com
15.taboola.com
cdn.taboola.com
hb.mediafuse.com
s7.addthis.com
trc.taboola.com
104.154.142.214
104.16.190.66
104.16.59.230
104.75.88.126
13.35.253.42
142.250.186.98
142.250.74.194
147.75.61.140
151.101.193.44
178.250.0.157
18.214.172.53
185.184.10.30
185.29.134.244
185.33.220.100
185.33.221.11
185.64.189.112
185.64.190.80
198.148.27.140
2.18.234.163
2.18.235.40
213.174.135.1
213.174.135.2
213.19.147.42
2600:1f18:44f0:4864:2e6d:ca5a:dd6:8b7c
2600:9000:2057:9200:8:2ae1:d740:93a1
2600:9000:211e:7000:6:44e3:f8c0:93a1
2600:9000:214f:9c00:8:48e:53c0:93a1
2600:9000:214f:f000:e:9741:2b40:93a1
2606:4700:3034::6815:4466
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2003
2a00:1450:4001:801::2006
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9c
2a02:2638::1c
2a02:26f0:6c00::210:ba12
34.248.11.216
35.157.246.167
35.190.64.11
35.227.201.248
35.227.246.163
35.244.159.8
35.71.131.137
37.252.161.190
44.239.35.110
50.17.45.48
51.89.21.30
51.89.9.254
52.211.199.54
52.217.163.169
52.27.221.5
52.35.106.12
52.42.90.222
54.144.244.112
54.171.114.180
54.191.177.235
54.77.51.122
54.84.153.193
72.251.249.13
8.2.111.126
96.46.186.57
021312a141f1518eff6a9488e9e861213e3528472a7e653153064f17b72dcc18
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09ba54532a528547927d74e6427490332112a2a30fe87777b7d8aef89878ef02
0b80bede5a232aca777d31ae328d2135ddcc954a48fc869e044cee3938c4e370
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
12213bea98c8084ba17ee563197afccded4180696dd2a937ff5cf331e719bfb1
1235bad3461d90b834f1380fba5e3ce0c1ac4b62923006a6c4f4233b38c1d55e
1238ba124c3b2d0da8185a42e18f5a17782378a1582ba6ee948c2564a620b2f6
134000bc474cfa398e5c84b7c210a70d52743769f48ed4470d2f85cf9d380392
1528d9f2cf3bc47fe68df73fab96c0da113c958a1c2c41d76186ba60ba78c042
15fd592c9c93ee2f5fc7ec099f10f6992144a31e2ac293e395a9fd44d14dba70
17eb924d22900560a7bf80b118c400137df8af1e4047886890db98a52b8d3958
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1c0d9024da2473bb63130b2d0935294f9e7a227465ec9c76359652653426de14
1ff2c8c2ecaa4cbdfe068a718d666b0ad2cda8eb12e3c23fd112ebae73aa52a3
222e98227d55604801023dd64bb7df837858f8caa80840cdce8ebc3f88a2785b
22b518a35f90caaf1b6055c7d21c3b79a03cfcf1a5aa9921a13de983ec143760
246c42cd0cb013e03f8616c3f3f41b0e4a75ba722c6c883a91e5990cdddbd3a7
29860c35fc9c08719bb8777e71d12ccc8051df496afe3cfa5e8d8e85eec1bf56
2b4c71785b32b297ebb0bcd011b1f2e7e27ab7a58364b5f12abf16bf9c9dec0c
2d099ff331fd80ce99362e26888c136f1164d1180095b29de47b9c95ffd2fa02
2d77fc02330ac49356623756806e6bbfa94aae1b8bc7b1b426c93c1255007631
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c
2ee20a2aecbf355c60a450fb6f3fb14c2a95d0d41d44b777ab4b3b91a1d9a9f3
320e48973b75574afce198236b2ee06ff1a93843f870334dba25cd7f837af6a6
32674304623cff29b77e90c303d394d81be78fcfb7dbf68d4c1ddbc4ab584f57
32677b68d6c321a220fe682ec250d504cefc7827c97d2d4e590dc6f8369c6111
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33bdb88e85e52a8bb699aa0f38b5b8ae377a3cdc6005ca4268bc9b38406822dc
341416b1af6b6d8b8cb6ff105abe3dc04cb312437380718757ed8f5fe5c3729f
37c38f52c8e719592c34edf2e2a316c79816de3aaaaaa294e85a75ab24df8e06
3950d1e388ce27da40fba3e5f6487e17e77263cda84668dd3897ca977f0b1108
39610e42b4615bc8ff36e4803a872df22a2da08bed3e2d57ee801042c69de97f
39b113d2a49d58a3c68893b1913979187cdd407f8bcb17e344093d85b8ad4868
3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1
3ec14db7ebe78d1451de872a3fe1227bc129e1b6b5300e294f80d4977da0a0aa
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
410ede96574deff70f06480aa12ef5436affe93d2e611a728af16eafa082028d
41b260a03a5df03405d9120167aeae07d471bd894d8466266b6c1bf0ed4ae749
42411dfedafd18333e1a9771d9a248548d3b43e38fbf9e56b4b6312079292022
425365f73e24cf04189200211a1277866c6d8d785c52b4889e45fec1ddc7de67
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42cac8700a4be94d6bddefeaae0adc5566ff988af5aed9b18afe3ef69ea82b9b
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49aa9de81d388043e62b5f99cd8d1993abcd45d7af1e4c3e0ad9765be3aeb59d
4b9645f8baee2847565faefbec2f3b6af42520ca254ec02fe4072f7880472e97
4bb474cb0451f2050a36a10aef499676e6975686dc6c5eb64847464836f16e22
4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e27e6c7d9b541697fa5726f3b214ee454c7ca66547298aff4289ca8f1e321ec
4e61a4760414182560d07c6f9044e724dbe3d0821e1d3e54284ffecc70d7f21c
4ec2efb360d7b9bee859a1ce6b5a9946621280f6b30cd4a3abaf3b774d8c9f60
4ee1dc0652b3caa5b36c10034a4b558de9ea3a5596608b04f043d69b2caf1573
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
56b8bc67752d73b57d101c6d938230528dc9ad4b135166d05161b4cf38fe50b8
5771c4607a8b38561287f16cf9051ea82d59775e7be812412e232c6b4e238d79
5a9636f9e4d1e6766db8cd974c43eb41ca6103ea2146166ac4b6f90873c31aff
5c7fa1ec4fb5034038328c320d097a74ddead3d3463476d1d0b6005aab0c47c7
5e391695ef0597c3d3b3dce40cd456544f70d2bec9df1d0eef12865d3d310258
5e554a79c82d7292297617179cb1ce618b5fc41cb6440da1818d4e521337a186
5f3036522df5b7efb698138c80dc881afdbc0f48a9b86cbe522b1e2d6632c758
5fff2ea18e128fd267f278d114bc3015eebff72ff3a53d2c799c8b6072b83205
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
64863ebaf4d43ec6d5cf5935dbe3fa530cdfc5625c1538e7df563f4ce4767d2b
6594ba22d79685e83a0727d5dc34bab12a4be3ebd81e245a0f97518f2760fd13
65d42ccb61bb226cf39d94329f330e6d32efd52b5e2d93b46e09a12da22c91d1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665c36531e407cef6fc83199d674290587eb488cb5ad024ea81aca2240face57
673f0c4c6e9d4401fa7177b57c167202af447ce04228a063e161273d2f2ffe6a
681697e0dc2243d1e62981c6875cf5b9cbf76ec136d8ea70ed0c1b0c2013f936
6978d6ed9f35481ca4ecbea829edf97a546383281f1f3f6b75605004829db3ab
69ed89c2dfc6eb6593d9c11103d07edf68b6aa1d509e3a65bdc1ac883e3874ce
6a424d31fddf83e59bf6bef7e76582aa3ef2730c06e3b165f9bde255058b48c1
6b18edaf9e9c6513d4ca4fd3b3dcc45d02466da02e7b8ee33e03909468bd3dad
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
713760822db9e6209e5d9f0c2bd386fa69b5de91cf79ba970e24318a3f7d3069
7149b2f6b4122b981da3491cdd4021a072b36f18a8d76fccf7bf05cd104e6097
72f235433161ea0cf2dbf1adc8d1e5ab74acd22928b110a4197d02f0efec3f40
73bef7e87ab472fb1917b6b058f194f2d653aa81e1419f8f6d5274f43c0ae40b
74b76e212e893c2899d00c906e3645d682633ceea23f6a34e369f701d3b3a4b1
74cce4dce8fe1ecd160646775e0d025b1af701454c7f93e6ca94327709614c80
76011718680d039abf4f8a9c10e633658dbec8f84c146025ed36b1adbb9f239d
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
78e92cfb53bff5a2aaf2267a8d5d4345d040a8a847f8246712760d003be49ca1
7afd1220823e11508d3f03c32dc889df0202be78768e5f19071f003276d54faa
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
80601538a0ee8a547d5a71ffd7569443c3018ed64a7db33c061dfaac73444582
8138500dafc698394657d949b0a2e96ede496dbdd49c8f175dbbe9d5e279033c
822b2d9a8657e5d378641c4f6d94f71e5bb839492109ae079326413131073c07
8245d54068174260617f2b2ab63635d08393dfb8ac9936c70ee2eea064cda9ad
82872942670ff42dcfb0ef956ff55a8254ebb6a5f459340862136b466ba8f14b
83cb67864b0c8eaab9b1050884b82b0c5becab32d0e707e28366ba86b89c6747
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84ca5d2510165bb299e1b16c802885394ef50136344eac023834ab9483ab2793
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fc2a20a2ef48b021bc675fb0111c2a670c0eea104251c7dbb013e806577574
85da2bbea9110c5d3984cb99f9a53bba19088d253dca492fea2035b491efb866
85da468f47eccffef66d53eac92590984278064519ca19dec76283de19d0d086
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
868b8c26f4178f6aec1eed2e6c782df4f6393907b386fd4d0d0eacce8985487d
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89d4a8af51026c0f55a5f5d8f07a71f883b9a210b12fbdb8a0439da1534c0f5c
8cb232efac7b5ed5be1481555f32d1e27e5297870b41d5ac04f167725dc9fd39
8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
8fa30542bf685cdb924f53b6b1225bc64628080191c9e8a4baa4988696988701
90bdc9c1d8a5dc0421ba323867d2409fb830b3fdb3612e50f455e86c7a9fc966
9365acadfbcd2ee343e6e3b672602d22275afac4da23302eae90a7c242fa843b
94f5b5b388c4ec894c739e140d7ac619000744f5ad134f37196711f85b6648fa
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
99334975ad7de5090ac4c310aaeeedb3c6998846e168f075c562d97624b1e9ed
9d3cf59c3c07680a4106437fe1d74b53336024b43e4c08e3dead9a9cefce08c6
9de1aa7a92b7804147226747e889a8b8493a0b1828a8a3ec45e2c3a601097605
9e163bce3efc4f9e0c6f0dce7f53eb5be9c3fa2e328a57dc658be74792b733d4
9fedbec7003d35511c1021ce75cb0e2729d54704ff5527792c545777564dc706
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2948e734b30234f618ad4f32aaf10ab14043f23e0f3a34fe2fbe17f792b1c5b
a686f16433a3735348ef810653ed942515cb211def2fcb735bd6fd6460897efa
aa0cc96ef38973360d16ea89d3085e4d19af315405bffa2dc0dd61b3a0a46849
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abb2ff3466a4c5064d3cb87dc2faee36d57fd975bbe35dcf62e9a11f26fddc00
abbe756a6737a9739b5be51eebfe7a89d3db8a24f327e98cbb422d90ba0d2019
abe28fd014f7f27af098a5935c489ff0eeeaa4fbe8fb6f9008c7ef8d2bf550f5
acc3ef5408aa6c8c5f3d849cfc4e391343475fed9d5c655f423ab42a5aa59706
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3c6ad816a37d85bc797523815f833f6e0c997fcb5726a918fd7417b4d0bf40
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b991c1ea66dc32cad7cd6a7204502bb2f250bd6f572de06a875decfaf7abab90
b9e2fefadf988dca2c87bffd051ea7b25f02d776056128a8ce9b7970f55ca5b7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbc90ca308f343ae84240d24d830836aa2da323edabf08e9f5e81d79b2468b28
bc1954c12721fcd9ad8b3551790887b9ac792d365de488a23bff2efe4611a2e2
bd66449ad1c15e314ce865c32f46abc0a2771188f89697609655804bafc05a80
bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41
bf15f38177d9c9cd104d3ad6f2af6c347eec35d74a615ba56a897ab6513d5fb7
c193fa47a8ff355952cd825a6d96074f55614a4cc46e4b7046f12a7cf497bee8
c1ebc73ad4ac6af6dfdc049158d6c38875d080527a1f3c07f753e17a2b5a8cd9
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd45ba2ca02bf7cb9b6741d06c193180c657fb4bc9d540c4b30ee516353fff5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce831fb353ac6f0ec90bfed0eb0dda5ce18a38acdc95bcc4d404d4871e36cc40
cfcd303861b036744a9ed9d77f9450b761de94fd53e59a041fadcec89b5848c2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d18aa1defb6c903d276ee46db5caa5d24ef221c2f8dcf8aefff9b5ab7bddad2a
d286e31993062c84db7d15274216bef3d70b38cf4e25439abe6e2834f12786ea
d39f03985a4a6824d555bf6dde413e4a7e915869923da35d64392c0ca4d97c12
d7ee693d731ccec6b88e44fd405fd9b6b662ad31a8217309b5c2fa261a6b2176
d887e66ad63d76c740736e7ec9693e4fa6744ae21acf5fe2b10d5b5f2c2481d8
dad2f241aa89fdc9cebe0090e9d0588dc1fa425c95dac52f0fba3a6f2a761fb3
dd0f4e1f424aaa177397234687b72ab877e2f9c0967ccc7abe5d1593264acc18
ddaa0d52bb744fbadd01e0d802c1703e49d7650eeb66bded570111b6c9752528
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a142521c963aa85dcb971035ff05ddff5cc56cbce2b56dac1ee5d43e219b24
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e29676f8ca9a2e43ae3e1be9fdd6125dfa223947b54490692078bc265c5c62f1
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0
e2b72404d0447a03b0deaf4540927edf76316826bf854723de522c9e7c089825
e35b7ad540c7293df5e10c7d472d04c1cedff4da5df05f6e976307225c53efb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75c387c3861cf2e96a55bfed9c075e90b33f12f7ed1f5d19c96ee45d93fa858
ea17174ab03f3417adac0c8fa031c71e97c16550a826b280fcb230dc943bf904
eb9b2f6eb930b8366b2706fc77474a1abce5d9ae2fcc1e90a4f1f1bd8be670f2
ebe95d28d7825cbc1c71b7a594d8e4424fb5af47b7ac5bf1f55e4f1c3e09cb12
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed21abfa886775b7c7574549aa2f73bbfa790d41e45c33271ef18e57ef27b1a2
ed54c0ae4ca8f8ff3681fe15ae558dfcd8227e94fa1a3c82e162f4393e66fe25
ee07f71a184c255aea1022f27404eebd7adbf48a7d32f853aac80ad06f517dc1
ee58b25cc007e315b31d035f6bc66a8f81764590c4bf39777bf3c2088fd394f5
eee849b7f4de9a729bee459cd14b54f711b06bad7fced8abf0214a69268e52f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdfb5bb2d5d705028e76bb88094ce82751083667aa1e113ece7d75a91a950ba
f09e1e93305a6e61e269c200c4a5e8770750e0f9f9a1bedaa540de2c27c4bd52
f38fe068544020288dbc729ab2e8e2f41e0fdc9236a32148846a2fd678cfd3f5
f3cd4dfe6f2850712e6284d9b7c39859d93c45a3aa9c60c3aa9f2fc6346a377b
f538fa1219672539d3355f1e0a11cc08bcedbfa2e2c61d38264974d5441f43e9
f53913229bc74a06e46b284c0b54a835c667110cda5cab2c38f3e5513eff4f8b
fb955bf42c9817465d4df126c6836e0fd5bb57e2b37e38281ca64a1215122355
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feec6e4629bdc113a4dcad659bb722feea16ddd23724c5c36cf8fb30089ce4d2

www.news9.com Open in urlscan Pro 2600:9000:214f:f000:e:9741:2b40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

266 Requests

91 %HTTPS

30 %IPv6

57 Domains

80 Subdomains

64 IPs

9 Countries

3637 kBTransfer

10875 kBSize

71 Cookies

12 Outgoing links

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.news9.com Open in urlscan Pro
2600:9000:214f:f000:e:9741:2b40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

91 %
HTTPS

30 %
IPv6

57
Domains

80
Subdomains

64
IPs

9
Countries

3637 kB
Transfer

10875 kB
Size

71
Cookies

266 HTTP transactions
0 data transactions